Which Internet Protocol (IP) addresses (subnets) compose SAP Ariba and SAP Business Network for firewall validation?

	English	
Български Čeština Dansk Deutsch Ελληνικά Español Suomi Français (France) Hrvatski Magyar Italiano 日本語 한국어 Nederlands Norsk Polski Português (Brasil) Română Русский Svenska ไทย Türkçe 简体中文繁體中文

FAQ KB0392428

Symptom

Which Internet Protocol (IP) addresses (subnets) compose the SAP Ariba solutions and SAP Business Network for firewall validation?

Resolution

SAP Ariba strongly encourages you to validate postings from SAP Business Network using Hypertext Transport Protocol Secure (HTTPS) client certification of service.ariba.com, rather than hard-coding IP address access through firewalls.

Nonetheless, if an IP range is required, open the following range of IP addresses to support the full set of servers composing the SAP Business Network. This list applies for Applicability Statement 2 (AS2) inbound traffic (from SAP Ariba) to suppliers. The same IP range applies to SAP Ariba solutions, such as SAP Ariba Buying and Invoicing and SAP Ariba Sourcing.

US:
216.109.110.0 to 216.109.111.255
216.109.108.0 to 216.109.109.255
216.109.107.0 to 216.109.107.255
216.109.106.0 to 216.109.106.255
216.109.105.0 to 216.109.105.255
216.109.104.0 to 216.109.104.255

Europe: (Updated to reflect Next-Generation Cloud Delivery IP addresses)
35.204.199.16
34.147.43.114
34.91.77.177
35.204.216.169
34.147.62.167
34.147.10.102
34.90.236.209
35.204.28.17
34.141.218.14
34.147.89.69
34.147.29.30
34.91.195.133
35.204.75.189
34.147.100.165
34.91.149.24
34.90.105.18
34.159.191.55
34.159.251.130
34.159.215.1
34.159.12.244
34.159.147.220
34.141.75.15
34.141.19.245
35.242.212.248
34.107.49.210
34.107.85.53
34.89.201.146
34.159.80.139
34.159.213.97
35.198.73.10
35.242.209.174
35.198.142.164

Russia:
157.133.6.0 to 157.133.6.255
157.133.7.0 to 157.133.7.255
157.133.14.0 to 157.133.14.255

API Developer Portals:

api.ariba.com: 216.109.110.0 to 216.109.111.255

openapi.ariba.com: 157.133.208.1 to 157.133.208.255

If you have a stateful firewall, port is 443. If you are not using stateful firewall, you will also have to enable established connection

For more information on SAP Integration Suite, managed gateway for spend management and SAP Business Network IPs, check what are the IP ranges for SAP Integration Suite, managed gateway for spend management and SAP Business Network tenants?

See Also

From the SAP Business Network perspective, any company that receives HTTPS posts from the SAP Business Network may require this information. SAP Ariba Buying and Invoicing customers should not require this data, unless they allow access via punch-in from the SAP Business Network.

Check this address to verify the ownership of an IP address range by SAP Ariba.

KB0398621 - What are the IP ranges for SAP Integration Suite, managed gateway for spend management and SAP Business Network tenants?

Applies To

Invoicing
Purchasing
SAP Business Network for Procurement & Supply Chain > Administration (Buyer & Supplier Account Administration)
Spend Visibility
Strategic Contracts
Strategic Sourcing