Network Requirements
High-level overview of JFrog Connect network specifications.
JFrog Connect is based on client-server architecture. This page provides a high-level overview of the network specifications for JFrog Connect operating in cloud SaaS mode.
If you have questions about additional requirements, please contact us to discuss.
Protocols
As one method of enhancing network security, there are no open ports or running servers on the edge devices. Communication with Connect Agent works via outbound requests to ensure zero attack surfaces for attackers.
The edge device uses UDP and port 53 to resolve hostnames and connect with the JFrog Connect servers.
The Connect Agent and servers communicate on TCP as follows:
Terminal uses SSH protocol on port 442 or 443
Remote access using port tunneling uses SSH protocol on port 22
All other client-server communication uses HTTPS TLS encryption on port 443
Server Allowed List
To use JFrog Connect, ensure that the following Outbound domains and IP addresses are on your allowed list:
api.connect.jfrog.io
3.127.6.122,
35.159.42.141
connect.jfrog.io
3.127.6.122,
35.159.42.141
remote.control.jfconnect.io
18.158.153.17
forwarding.jfconnect.io
3.70.153.137
For Future Use
The following IP addresses should also be added to the allowed list. They are currently not bound to any domains, but are reserved for future use.
35.158.29.166
18.198.83.150
52.59.156.195
35.157.243.155
18.185.67.99
Terminal & Port Tunneling
Remote tools enable you to easily connect to the edge device. All requests are outbound from the device to JFrog Connect servers. If there are strict network policies, allow outbound requests as described below.
Terminal
Domain: remote.control.jfconnect.io
Static IP: 18.158.153.17
Ports: 442, 443
Port Tunneling
Domain: forwarding.jfconnect.io
Static IP: 3.70.153.137
Ports: Will try 22 first, then 443, then 80
What’s Next?
Learn how JFrog Connect fits into your larger DevOps pipeline architecture.
Last updated
Was this helpful?