Skip to main content

Configuring the firewall for Test Cloud Public Sector

For general network configuration and firewall information, refer to Configuring the firewall

Test Cloud Public Sector Portal

The following table lists the domains used by Test Cloud Public Sector Portal:

Scenario Domains to Allow
UiPath Test Cloud Public Sector https://govcloud.uipath.us
https://govcloud.uipath.us/portal_/cloudrpa
https://govcloud.uipath.us/portal_/signinwithsso
https://govcloud.uipath.us/<accountname>/
https://govcloud.uipath.us/<accountname>/<tenantname>/portal
Login flows (configured via SSO) https://login.microsoftonline.com
Sign in with Azure Active Directory (Azure AD) https://aadcdn.msftauth.net
https://govcloud.uipath.us
https://login.microsoftonline.com
Sign in with UiPath Assistant (basic email) *-signalr.service.signalr.net

For events related to signing in with basic authentication:

https://account.uipath.com
https://govcloud.uipath.us
https://platform-cdn.uipath.com
Sign in with UiPath Studio (basic email) https://api.nuget.org
*-signalr.service.signalr.net
https://gallery.uipath.com
https://pkgs.dev.azure.com

For events related to signing in with basic authentication:

https://account.uipath.com
https://govcloud.uipath.us
https://platform-cdn.uipath.com
Static assets: Fonts, Styling and CDN hosted scripts

Fonts:

https://use.typekit.net
https://fonts.gstatic.com
https://platform-cdn.uipath.com

Images:

https://s.gravatar.com
https://secure.gravatar.com
https://*.wp.com
https://*.googleusercontent.com
https://i.ytimg.com
https://platform-cdn.uipath.com

CSS:

https://fonts.googleapis.com/css
https://use.typekit.net
https://p.typekit.net
https://platform-cdn.uipath.com
https://staticresources.uipath.us

Scripts:

https://primer.typekit.net
https://use.typekit.net
https://platform-cdn.uipath.com
Sign in via Auth0 (for EU) uipath.eu.auth0.com
Update services ctldl.windowsupdate.com

To configure network connections, use Microsoft documentation .

App Insights / Google Tag Manager https://usgovvirginia-0.in.applicationinsights.azure.us
https://www.googletagmanager.com/gtm.js?id=GTM-PLLP8P
https://code.jquery.com/jquery-3.5.1.min.js
important

If you use Azure buckets, they must not be located in the tenant's region or in the failover region.

Outbound IP ranges

To ensure proper functionality for UiPath services, we recommend allowing the following IPs:

52.247.128.100
52.227.65.197
52.245.221.122

Action Center

Domains

The following table lists the domains used by Action Center that we recommend allowing, based on the functionality you plan to use:

Scenario Domains to Allow
Navigate to Action Center page https://govcloud.uipath.us/<accountName>/<tenantName>/actions_
https://govcloud.uipath.us/<accountName>/<tenantName>/processes_
https://govcloud.uipath.us/<accountName>/<tenantName>/bupproxyservice_
https://uipath-acc-pgov.uipath.us

Automation Cloud Robots - Serverless

Static IP configuration

Static IP for Cloud Robot - Serverless enables you to route outbound network traffic through a dedicated, static IP address range managed by UiPath. This allows you to whitelist or securely integrate with external systems that restrict incoming connections to known IPs.

Configuration

You can enable Static IP while creating the Serverless template and going to the Network Configuration page.

Availability

The Stable IP feature is available for Cloud Robot - Serverless in supported regions.

These static IP addresses can sometimes change as a result of infrastructure deployments. To help keep you on top of any changes, we have compiled a list of up-to-date static egress IPs, which you can check in the following tables.

Table 1. Community users

Region CIDR Outbound IP ranges
Europe 
20.191.43.0/30
20.191.42.240/30
 
20.191.43.0
20.191.43.1
20.191.43.2
20.191.43.3
20.191.42.240
20.191.42.241
20.191.42.242
20.191.42.243

Table 2. Enterprise users

Region CIDR Outbound IP ranges
Australia 
20.53.170.116/30
20.53.170.208/30
 
20.53.170.116
20.53.170.117
20.53.170.118
20.53.170.119
20.53.170.208
20.53.170.209
20.53.170.210
20.53.170.211
United States 
20.102.5.168/30
20.102.0.76/30
 
20.102.5.168
20.102.5.169
20.102.5.170
20.102.5.171
20.102.0.76
20.102.0.77
20.102.0.78
20.102.0.79
Japan 
20.44.188.168/30
20.44.185.192/30
 
20.44.188.168
20.44.188.169
20.44.188.170
20.44.188.171
20.44.185.192
20.44.185.193
20.44.185.194
20.44.185.195
Europe (European Union) 
20.191.46.104/30
20.191.43.60/30
 
20.191.46.104
20.191.46.105
20.191.46.106
20.191.46.107
20.191.43.60
20.191.43.61
20.191.43.62
20.191.43.63

Automation Hub

Domains

The following table lists the domains used by Automation Hub:

Scenario Domains to Allow
Navigate to the Automation Hub page https://govcloud.uipath.us
http://*.userpilot.io
https://dc.services.visualstudio.com
https://ah-prod-ts-blue-eu.uipath.com
https://ah-prod-ts-blue-us.uipath.com
https://ah-prod-ts-blue-ja.uipath.com
https://ah-prod-ts-blue-au.uipath.com
https://ah-prod-ts-blue-ca.uipath.com
https://ah-prod-ts-blue-sea.uipath.com
https://ah-prod-ts-blue-uk.uipath.com
https://ah-prod-ts-blue-in.uipath.com
https://ah-gxp-ts-blue-us.uipath.com
Use OpenAPI for Automation Hub https://automation-hub.uipath.com
http://ah-gxp-openapi-us.uipath.com
Access Public Sector in Automation Hub https://govcloud.uipath.us

Automation Ops

Domains

The following table lists the domains used by Automation Ops:

Scenario Domains to Allow
Navigate to the Automation Ops page https://usgovvirginia-0.in.applicationinsights.azure.us
https://govcloud.uipath.us
https://staticresources.uipath.us
*-signalr.signalr.azure.us
https://use.typekit.net
https://p.typekit.net

Data Service

Domains

The following table lists the domains used by Data Service:

Scenario Domains to Allow
All Data Service operations https://govcloud.uipath.us
Fetching static frontend content https://staticds.uipath.us

Document Understanding

Domains

The following table lists the domains used by Document Understanding:

Module or ScenarioDomains to Allow
Network and Storagehttps://*.uipath.us
Telemetry and SignalRhttps://*.azure.us
Public endpointsCheck the Public endpoints page for the full list of public endpoints URLs.

Insights

Domains

The following table lists the domains used by Insights:

Scenario Domains to Allow
Navigate to the Insights page https://govcloud.uipath.us
https://*.lookercdn.com
https://uipath-insights-statics.azureedge.net/
https://*.looker.uipath.com/

Outbound static IP ranges

Outbound static IP ranges allow you to add a list of IPs for the Log Export functionality to the allowlist and not open your network to all external IPs.

To ensure proper performance for the Log Export functionality, make sure to add the Outbound IP ranges from the Test Cloud Public Sector Portal section to the allowlist.

Due to a limitation on Microsoft side for Log Export, you cannot set up inbound IP restriction when your Azure blob storage account and the Insights infrastructure is under the same region in Azure. Because of this, you cannot use the USGov Virginia region for the blob storage account. For more information on this limitation, check the Restrictions for IP network rules page from the Microsoft Azure Blob Storage documentation.

Orchestrator

Domains

Robots send traffic to these Test Cloud Public Sector Orchestrator domains. We recommend that you allow them to ensure proper functioning of your automations, as described in the following table:

Module or Functionality Domains to Allow
UiPath Orchestrator https://govcloud.uipath.us
https://orch-cdn.uipath.com
https://account.uipath.com
Automation Cloud Public Sector Robots - VM https://govcloud.uipath.us
https://download.uipath.com
Storage

If using Amazon s3 buckets:

*.s3.amazonaws.com

Package and library feeds

(library, tenant processes, and others)

https://pkgs.dev.azure.com
Azure SignalR *.service.signalr.net
Studio and Robot auto-update functionality https://download.uipath.com
Traffic Manager (internal) *.trafficmanager.net

Process Mining

Domains

The following table lists the domains used by Process Mining:

Module or Scenario Domains to Allow
Identity Server https://govcloud.uipath.us
Static assets https://fonts.googleapis.com
https://fonts.gstatic.com
https://content.usage.uipath.com
https://s.gravatar.com
https://i1.wp.com
Azure SignalR *.signalr.azure.us
Telemetry https://*.in.applicationinsights.azure.us
Upload files *.blob.core.usgovcloudapi.net

Test Manager

Domains

The following table lists the domains used by Test Manager that we recommend allowing, based on the functionality you plan to use:

Module or functionality Domains to allow
UiPath Test Manager https://govcloud.uipath.us
Azure SignalR *.signalr.azure.us