To access SFTP storage locations in Customer Data Platform (CDP),
your IP must be on Acquia’s allowlist. If you encounter errors such
as Network timeouts
while trying to establish a connection, try
to connect from an allowlisted IP address. Ensure that you complete
the following prerequisites before contacting Acquia Support.
Prerequisites
IP address is public:
Public IP addresses can be accessed from outside the network whereas private IP addresses cannot be accessed from outside the network. Ensure that your IP address is public. To locate your public IP, see What is my public IP?.
Acquia cannot allowlist a private IP address. The following is the range of private IP addresses:
192.168.0.0 - 192.168.255.255 172.16.0.0 - 172.31.255.255 10.0.0.0 - 10.255.255.255
IP address is static:
Perform an Internet lookup for the IP address to ensure that the address is static. Acquia does not allowlist dynamic IP addresses because the IP can change and that voids the allowlisting.
To check the type of your IP address:
Go to Look up IP Address Location.
Enter your IP address and click Get IP Details.
Check the value for the Assignment parameter.
Unblocking SFTP access:
Check your Firewall or VPN settings to ensure that they do not block SFTP access. Test connections by using other SFTP clients to verify if the issue is related to your SFTP client. For more information about the public SFTP servers, see Free Public SFTP Servers.
Informing Acquia about allowlisted but unused IP addresses:
If you were using a legacy IP address to access the SFTP storage and want to use a different IP address now, inform your customer value manager (CVM) about the old allowlisted IP address.
IP Allow-listing Range Limits:
CDP supports a subnet mask range of 22 to 32.
The notations are as follows:
/24 denotes a subnet mask that enables the usage of 256 IP addresses.
/23 denotes a subnet mask that enables the usage of 512 IP addresses.
/22 denotes a subnet mask that enables the usage of 1024 IP addresses.
The /17 range results in the usage of a significantly large number of IP addresses, increasing the potential security concerns. Therefore, CDP does not support the subnet masks in the /17 range to avoid exposing the systems to a large number of IP addresses.