We recently sent out an email regarding this, but I thought I would post it here just in case anyone missed the email. If you have any questions, feel free to contact our support department.

All 8e6 users,

In order to provide improved access and reliability, 8e6 is upgrading its Internet connection to a multi-homed configuration. Unfortunately, this change requires the renumbering of some customer-facing systems. Consequently, some changes may be required on your networks to ensure continued connectivity to 8e6 for the purposes of downloading library updates, software patches, and technical support remote access. This is a one time only change since the new IP addresses are “owned” by 8e6 and, as such, portable with respect to future Internet Service Provider changes.

Bottom line, it is extremely important that your firewall administrator is alerted to the following items, in order to ensure continue connectivity to 8e6 update servers.

FTP Update Server EOL
Concurrent with this change comes the End-of-Life for the legacy FTP update servers. As of July 31 st, updates will only be available using the HTTPS update servers. The 2.1 software release of the R3000 (scheduled for mid-July) will remove the ability to download library and software updates via FTP, and switch the transport method of all library and software updates to HTTPS.

It is recommended that you immediately ensure that your R3000 is set to use HTTPS for library and software updates. This can be done via the R3000 GUI, and is available under Library>Updates>Configuration. If your R3000 is set to use FTP, change the method to HTTPS. Once the configuration change is made you can perform a manual update to ensure that connectivity can be established.

Library, Software Patch and CFM Updates
If your network firewall rules for outbound connectivity utilize statically assigned IP addresses for access to 8e6’s patch, update and cfm servers, modification will be required to allow access to the new IP addresses indicated below.

IMPORTANT: The changes in this section must be made prior to July 31, 2008 or you may experience an interruption in the related services. To facilitate a transition window, please maintain access for both old and new IP’s until September 30 th 2008 at which time, you can remove access for the old IP’s.

All 8e6 systems (R3000, Enterprise Reporter and Threat Analysis Reporter) should have access via HTTPS to the following systems.

patch.8e6.net (software updates)
Old
209.11.161.20
209.11.161.21
New
208.90.236.69

secureupdate.8e6.com (library updates)
Old
209.11.161.24
209.11.161.25
209.11.161.26
209.11.161.27
New
208.90.236.70
208.90.236.71
208.90.236.72
208.90.236.73

cfm.8e6.com (customer feedback module updates)
Old
209.11.161.224
New
208.90.236.75

Technical Support
Similarly, you will need to modify your firewall rules to allow SSH access from 8e6’s two newly assigned “keyserver” IP addresses listed below.

IMPORTANT: The changes in this section must be made prior to July 31, 2008 or you may experience an interruption in the related services. To facilitate a transition window, please maintain access for both old and new IP’s until September 30 th 2008 at which time, you can remove access for the old IP’s.

key1.8e6.com
Old = 209.11.160.50
New = 208.90.236.132

key2.8e6.com
Old = 209.11.160.51
New = 208.90.236.133

If you have any questions regarding the above information, please contact 8e6 Technologies Tech Support at support@8e6.com or call (888) 786-7999, menu selection #3. Thank you for your support and patience in this matter.

Sincerely,

Your 8e6 Technologies Product Management Team

This entry was posted on Thursday, June 19th, 2008 at 3:05 pm and is filed under Administrivia. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.