Hello,
We had a situation with the Telerik packages recently bypassing firewalls of the networking in our environment. Actually our firewall blocks all the calls from outside including Telerik packages. The networking team whitelisted the domain nuget.telerik.com but the demanded packages still remained blocked. After an research we found out that Telerik uses a series of IP's (probably dynamic) and also subdomains for the packages.
For the moment we have solved the problem because all the requested IP's of the Telerik packages are allowed in our firewall, but I was wondering if the IP's are dynamic and in a moment of time they will change we will be again in the starting point where is needed to create specific security policies for the new IP's.
So my question is:
Does Telerik have a range of IP's and domain/subdomains so we can add them from the beginning in our firewall?
I am not sure if there is another solution or Telerik provide documentation for similar situations.
Thank you!
1 Answer, 1 is accepted
Hello Llazar,
I have discussed this with our development team and I am afraid that we can't provide such a list. The assemblies are hosted on a third-party server and the links are built dinamically. What I can suggest is whitelisting the following domains:
- downloads.cdn.telerik.com
- nuget.telerik.com
There is another approach I want to mention. Depending on the used project, you can download either the NuGet packages or the assemblies and reference them locally. This way you will ensure that the same version is used and you will need to download only when upgrading.
Let me know if I can assist you further.
Regards,
Dimitar
Progress Telerik
Virtual Classroom, the free self-paced technical training that gets you up to speed with Telerik and Kendo UI products quickly just got a fresh new look + new and improved content including a brand new Blazor course! Check it out at https://learn.telerik.com/.
Rank 1
Hello Dimitar,
Thanks for your fast replay.
Now I see that we were missing the downloads.cdn.telerik.com domain in our firewall whitelist.
For the second approach to download the packages/assemblies is not good solution in our case.
Best regards,
Llazar
Hello Llazar,
Let me know what the results are after white-listing the second domain.
Regards,
Dimitar
Rank 1
Hello Dimitar,
The second domain solved our problems. Now the networking team just by whitelisting the 2 domains can allow all packages passing through the pipeline.
Thanks again for your help. I am accepting your answer as solution in our case.
Best,
Llazar
Hi Llazar,
I am glad that this works now. Do not hesitate to contact us if you have other questions.
Regards,Dimitar