Allowlist Target edge nodes | Community
Skip to main content
C
caride
December 19, 2024
Solved

Allowlist Target edge nodes

  • December 19, 2024
  • 2 replies
  • 1006 views

We are working on a hybrid ntegration with Adobe Target Delivery API and we ran into problems with our company firewalls.

Currently, in our environments all requests to external services are blocked by default and we need to request opening communication towards specific IPs.

 

We have tried to look up what IPs we should specify in our firewall rules but the documentation doesn’t specify the Adobe servers the SDK seems to be using.

Documentation: How Do I Allowlist Target Edge Nodes? | Adobe Target

Further docs: IP Addresses Used by Experience Cloud | Adobe Experience Cloud Services

(nothing about mboxedge37 on either of these pages)

 

Our at.js config:

    clientCode: "OURCOMPANY", 

    serverDomain: "OURCOMPANY.tt.omtrdc.net",

 

The above seems to translate to:

https://mboxedge37.tt.omtrdc.net

which is not listed in the documentation. We are not sure how this address is being built and where does it come from (we assume it’s from the CNAME of ourcompany.tt.omtrdc.net & mbox cookie that AT creates) . Is it always 37?

 

 

    This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
    Best answer by Gokul_Agiwal

    Hi @caride 

    Yes you're correct. If you use a CNAME like OURCOMPANY.tt.omtrdc.net then Adobe routes traffic through its edge nodes close to request origin. 

    So, in your case the mboxedge37 is the internal assignment for routing traffic.  I think the edge number is not fixed as it depends upon the user location and traffic routes.  

     

    in my implementation too - I can see mboxedge37 only though I've my own clientcode. 

     

    you can see here in below documentation link - you will the reference for mboxedge37. 

    https://experienceleague.adobe.com/en/docs/target-dev/developer/implementation/implement-cname-support-in-target#request-cname-support-in-target  

     

    Now in case if you need to allow specific IP then you might need to allow the rules in firewall setting which allows **.tt.omtrdc.net even if your edge node gets changed dynamically. 

    Hope this helps. 

    Thanks

    2 replies

    Gokul_Agiwal
    Community Advisor
    Gokul_AgiwalCommunity AdvisorAccepted solution
    Community Advisor
    December 19, 2024

    Hi @caride 

    Yes you're correct. If you use a CNAME like OURCOMPANY.tt.omtrdc.net then Adobe routes traffic through its edge nodes close to request origin. 

    So, in your case the mboxedge37 is the internal assignment for routing traffic.  I think the edge number is not fixed as it depends upon the user location and traffic routes.  

     

    in my implementation too - I can see mboxedge37 only though I've my own clientcode. 

     

    you can see here in below documentation link - you will the reference for mboxedge37. 

    https://experienceleague.adobe.com/en/docs/target-dev/developer/implementation/implement-cname-support-in-target#request-cname-support-in-target  

     

    Now in case if you need to allow specific IP then you might need to allow the rules in firewall setting which allows **.tt.omtrdc.net even if your edge node gets changed dynamically. 

    Hope this helps. 

    Thanks

      RiteshY18
      Community Advisor
      RiteshY18Community Advisor
      Community Advisor
      December 20, 2024

      @caride  would suggest to consider below 

       

      • check  browser/network tools to validate the request being blocked in your case it is mboxedge37 ?
      • check list of allowed IP list in org range validate range against the Adobe range n request update is needed 
      • may be add below to your firewall allowed list / if not done 
        • *.tt.omtrdc.net

       

        Terms & ConditionsAccessibility statement

        Loading footer...