Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

GitHub Enterprise Behind Firewall (F5)

Jay Collett
Jay Collett September 25, 2017

We are interested in connected our JIRA cloud instance to our on-premise GitHub Enterprise system, we already identified the need to open a port on the firewall but I'm curious to know if the IP addresses that Atlassian uses are set so we can only allow inbound access from those IPs? Our security team is not ok with us opening the port to all internet IPs...

Answer
Watch
Like # people like this
1528 views

1 answer

2 votes
Jay Collett
Jay Collett September 25, 2017

I answered my own question, for those who may be seeking the same answer, there is a great article on this from Atlassian. It's not really referenced for JIRA but applies to JIRA and Confluence.

https://confluence.atlassian.com/cloud/atlassian-cloud-ip-ranges-and-domains-744721662.html

View More Comments
Max Cascone
Max Cascone October 13, 2017

Thanks - this is exactly what I've been looking for for a while now, and I hadn't come across this page before. Why is it so hidden??

Did you find the integration was useful? Did you compare it at all to the add-on that does presumably the same things?  I have no affiliation with them, I'm just looking at the addon and wondering if it's worth the additional price vs the built-in DVCS feature. 

I already got our infosec to approve opening the single IP for the addon, and now I just found this with like 100 more things to open in the firewall, I hope they go for it.

Like
Max Cascone
Max Cascone October 20, 2017

@Jay Collett, did you find that you need to open all of those ports and domains? I imagine that your infosec group balked at the scope of the request. My guess is that the domains, ports and IPs listed in that doc are for all of Jira's UX to be accessible through a firewall. But what is necessary only to enable the GitHub DVCS integration?

It's ironic that the plugin i linked to above only requires a single IP to be whitelisted, which my infosec approved. Then I had the brilliant idea to try the native - and free, more specifically - DVCS integration first, which brought me to this page, and that huge list of ips, and now of course infosec is thinking twice about it.

Like Daniel Alonso likes this
Max Cascone
Max Cascone February 8, 2019

Following up on this - infosec said no way to opening up all those IPs - it's several thousand holes when you look at all the ranges. So our only choice was the BigBrassBand plugin. And since we've been using it, it's been great. It's useful to be able to see when code is being done and when PRs are opened and closed. And I haven't had to touch the config in months, which is really great.

Like Adam Wride likes this
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events