Obtaining AWS IP ranges to enable proxy and firewall configuration

Depending on your company's infrastructure setup, the on-premises components may or may not go through a proxy/firewall to reach the Symphony pod.

We have seen previous cases where the customer's own network team use a static IP in the proxy/firewall settings, to allow traffic directly to the Symphony pod. However, static IP's provide an issue at this point due to AWS performing automatic scaling on their side, which will assign/remove IP from the ELB dynamically. 
Note: Because the set of IP addresses associated with a LoadBalancer can change over time, you should never create an 'A' record with any specific IP address. If you want to use a friendly DNS name for your load balancer instead of the name generated by the Elastic Load Balancing service, you should create a CNAME record for the LoadBalancer DNS name, or use Amazon Route 53 to create a hosted zone. For more information, see Using Domain Names With Elastic Load Balancing
Note: Symphony have no control over AWS regarding their scaling, therefore Symphony is unable to notify you beforehand
In the event that your company does use static IP in the proxy/firewall settings, you may want to refer to the below steps to find the IP ranges for your pod. To find which AWS region your pod is located or what the IP is used by your pod in the ELB currently, you can use the following NSLOOKUP command: 

nslookup <POD NAME>.symphony.com

Server:  USPA-DC03.corp.symphony.com



Non-authoritative answer:

Name:    XXXXXXXXXXXXXXXXXXXX.us-east-1.elb.amazonaws.com

Addresses:  AAA.BBB.CCC.DDD



Aliases:  <POD NAME>.symphony.com

In the above example, the region name is US-East-1
If that is the case, you may want to check with your network team to review the AWS IP address range for the US-East-1 region by using the following URL:


As there are many IP address which AWS holds - it was best advised to filter for the specific IP address - there were approximately 251 IP address for the US-East-1 region.

You will also be able to filter for the IP address using the following URL:
You can use the following URL tool, to calculate the IP range and its netmask (supernet) address:
Here, the IP netmask (supernet) for will give you the IP and netmask of This will cover the range from to (Figure 1):

Figure 1 IP Details
If you require further assistance regarding this, please contact the Symphony Support team at support@symphony.com