Which Internet Protocol (IP) addresses (subnets) compose the Ariba Network and Ariba on-demand solutions for firewall validation?

	English	
Български Čeština Dansk Deutsch Ελληνικά Español Suomi Français (France) Hrvatski Magyar Italiano 日本語 한국어 Nederlands Norsk Polski Português (Brasil) Română Русский Svenska ไทย Türkçe 简体中文繁體中文

FAQ KB0392428

Question

Which Internet Protocol (IP) addresses (subnets) compose the Ariba Network and Ariba on-demand solutions for firewall validation?

Answer

Ariba strongly encourages you to validate postings from Ariba Network using Hypertext Transport Protocol Secure (HTTPS) client certification of service.ariba.com, rather than hard-coding IP address access through firewalls.

Nonetheless, if an IP range is required, open the following range of IP addresses to support the full set of servers composing the Ariba Network. This list applies for Applicability Statement 2 (AS2) inbound traffic (from Ariba) to suppliers. The same IP range applies to Ariba on-demand solutions, such as Ariba Procure-to-Pay and Ariba Sourcing Pro. This also applies to the advanced security front door '-2' URL's.

US:
216.109.110.0 to 216.109.111.255
216.109.108.0 to 216.109.109.255
216.109.107.0 to 216.109.107.255
216.109.106.0 to 216.109.106.255
216.109.105.0 to 216.109.105.255
216.109.104.0 to 216.109.104.255

Europe:
216.109.103.0 to 216.109.103.255
194.39.129.0 to 194.39.129.255
194.39.128.0 to 194.39.128.255

Russia:
157.133.6.0 to 157.133.6.255
157.133.7.0 to 157.133.7.255
157.133.14.0 to 157.133.14.255

API Developer Portals:

api.ariba.com: 216.109.110.0 to 216.109.111.255

openapi.ariba.com: 157.133.208.1 to 157.133.208.255

If you have a stateful firewall, port is 443. If you are not using stateful firewall, you will also have to enable established connection

CIG:

What are the IP ranges for Cloud Integration Gateway (CIG) tenants?

Additional Information

From the Ariba Network perspective, any company that receives HTTPS posts from the Ariba Network may require this information. Ariba Buyer customers should not require this data, unless they allow access via punch-in from the Ariba Network.

If you are required to add IP addresses to your email allow lists to receive emails generated by the Ariba Network or Ariba on-demand solutions, you can add the previously listed IP range.
The equivalent Classless Inter-Domain Routing (CIDR) notation for these IP addresses:

216.109.110.0/23
216.109.108.0/23
216.109.107.0/24
216.109.106.0/24
216.109.105.0/24
216.109.104.0/24
216.109.103.0/24
194.39.129.0/24
194.39.128.0/24
157.133.6.0/24
157.133.7.0/24
157.133.14.0/24
The same IP address range applies to the Early Access environment.

Verification of Ariba ownership of IP address range:

https://whois.arin.net/rest/org/ARIBAI/nets

Applies To

Core Procurement > Core Administration > Application Integration (between Buying & Sourcing)
Invoicing
Purchasing
Spend Visibility
Strategic Contracts
Strategic Sourcing