Which Internet Protocol (IP) addresses (subnets) compose the Ariba Network and Ariba on-demand solutions for firewall validation?

	English	
Български Čeština Dansk Deutsch Ελληνικά Español Suomi Français (France) Hrvatski Magyar Italiano 日本語 한국어 Nederlands Norsk Polski Português (Brasil) Română Русский Svenska ไทย Türkçe 简体中文繁體中文

FAQ KB0392428

Symptom

IP Ariba

Resolution

Question

Which Internet Protocol (IP) addresses (subnets) compose the Ariba Network and Ariba on-demand solutions for firewall validation?

Answer

Ariba strongly encourages you to validate postings from Ariba Network using Hypertext Transport Protocol Secure (HTTPS) client certification of service.ariba.com, rather than hard-coding IP address access through firewalls.

Nonetheless, if an IP range is required, open the following range of IP addresses to support the full set of servers composing the Ariba Network. This list applies for Applicability Statement 2 (AS2) inbound traffic (from Ariba) to suppliers. The same IP range applies to Ariba on-demand solutions, such as Ariba Procure-to-Pay and Ariba Sourcing Pro. This also applies to the advanced security front door '-2' URL's.

US:
216.109.110.0 to 216.109.111.255
216.109.108.0 to 216.109.109.255
216.109.107.0 to 216.109.107.255
216.109.106.0 to 216.109.106.255
216.109.105.0 to 216.109.105.255
216.109.104.0 to 216.109.104.255

Europe: (Updated to reflect Next-Generation Cloud Delivery IP addresses)
35.204.199.16
34.147.43.114
34.91.77.177
35.204.216.169
34.147.62.167
34.147.10.102
34.90.236.209
35.204.28.17
34.141.218.14
34.147.89.69
34.147.29.30
34.91.195.133
35.204.75.189
34.147.100.165
34.91.149.24
34.90.105.18
34.159.191.55
34.159.251.130
34.159.215.1
34.159.12.244
34.159.147.220
34.141.75.15
34.141.19.245
35.242.212.248
34.107.49.210
34.107.85.53
34.89.201.146
34.159.80.139
34.159.213.97
35.198.73.10
35.242.209.174
35.198.142.164

Russia:
157.133.6.0 to 157.133.6.255
157.133.7.0 to 157.133.7.255
157.133.14.0 to 157.133.14.255

API Developer Portals:

api.ariba.com: 216.109.110.0 to 216.109.111.255

openapi.ariba.com: 157.133.208.1 to 157.133.208.255

If you have a stateful firewall, port is 443. If you are not using stateful firewall, you will also have to enable established connection

CIG:

What are the IP ranges for Cloud Integration Gateway (CIG) tenants?

Additional Information

From the Ariba Network perspective, any company that receives HTTPS posts from the Ariba Network may require this information. Ariba Buyer customers should not require this data, unless they allow access via punch-in from the Ariba Network.

If you are required to add IP addresses to your email allow lists to receive emails generated by the Ariba Network or Ariba on-demand solutions, you can add the previously listed IP range.
The equivalent Classless Inter-Domain Routing (CIDR) notation for these IP addresses:

216.109.110.0/23
216.109.108.0/23
216.109.107.0/24
216.109.106.0/24
216.109.105.0/24
216.109.104.0/24
216.109.103.0/24
194.39.129.0/24
194.39.128.0/24
157.133.6.0/24
157.133.7.0/24
157.133.14.0/24
The same IP address range applies to the Early Access environment.

Verification of Ariba ownership of IP address range:

https://whois.arin.net/rest/org/ARIBAI/nets

Applies To

Invoicing
Purchasing
SAP Business Network for Procurement & Supply Chain > Administration (Buyer & Supplier Account Administration)
Spend Visibility
Strategic Contracts
Strategic Sourcing