IP addresses for AD and SCEP connections

This page lists the ports and IP addresses Sophos Mobile uses to connect to your Active Directory (AD) or Simple Certificate Enrollment Protocol (SCEP) server.

Sophos Mobile must connect to your AD or SCEP server for the following features:

  • User authentication with AD credentials when enrolling Apple Business Manager, Google zero-touch, or Samsung KME devices.

    See Configure LDAP connection.

  • Distributing certificates to your devices through SCEP.

    See Configure SCEP.

When you use one of these features, configure your firewall to allow inbound connections for the ports and IP addresses listed below.

Ports

For LDAP connections, Sophos Mobile uses TCP port 636.

For SCEP connections, Sophos Mobile uses TCP port 443.

IP addresses

Sophos Mobile uses the IP addresses listed below. The addresses depend on the Sophos Central region for your account.

To find out the region for your account, see Find out Sophos Central region.

Sophos Central region

IP addresses

eu-central-1

52.29.128.75

52.58.235.103

18.156.47.34

eu-west-1

52.209.59.212

52.209.14.81

176.34.113.51

us-west-2

52.42.30.211

52.41.107.188

44.236.112.183

us-east-2

18.220.198.150

18.220.213.3

3.143.71.170