This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Configuring a new traffic isolation packs (TIP)

Posted on 05-12-2022 10:51 AM
DavitH
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

We are trying to separate high-volume proxies into a separate TIP.  Apigee team has provisioned a new TIP and asked us to whitelist the EIPs for the pods.

What is the whitelisting process?
Where exactly does it have to be done?

An architecture diagram showing routers, firewalls, TIPs, etc, would be helpful.

Thanks in advance!

1 2 177
Topic Labels
2 REPLIES 2

Posted on --/--/---- --:-- AM
kurtkanaskie
Staff
Reply posted on --/--/---- --:-- AM

Nothing has to be done. With the TIP installed you will get a list of static IP addresses that Apigee will use for southbound communication. If you choose, you can set these IP addresses into an allow-list on your side to only allow those IPs access into your backends. This would be done by your network admin on whatever solution you use to protect your network.  You are not required to do this, though. 

You can view your IPs using an Edge API, for example:

 

 

curl -H $AUTH https://api.enterprise.apigee.com/v1/organizations/$YOUR_ORG/eips
{
  "podEips" : [ {
    "eips" : [ ],
    "pod" : {
      "name" : "agea1rt001-1",
      "region" : "us-east1"
    }
  }, {
    "eips" : [ "35.237.42.121", "35.231.238.30" ],
    "pod" : {
      "name" : "agea1mp000-5",
      "region" : "us-east1"
    }
  } ]
}

 

 

I've not been able to pinpoint the docs for this.

Posted on --/--/---- --:-- AM
DavitH
Bronze 3
Bronze 3
In response to kurtkanaskie
Reply posted on --/--/---- --:-- AM

Thank you @kurtkanaskie 

0 Likes