This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
VikingsFan
Advisor
‎2025-08-14 01:53 PM
Jump to solution

Updatable Objects and WebEx Calling

Getting ready to move to WebEx for voice calling and am trying to use the Updatable Object 'WebEx Services' which points to https://help.webex.com/en-us/article/WBX000028782/Network-Requirements-for-Webex-Services#id_135011

The subnets I'm specifically looking for are a subset of that link and located under the WebEx Calling doc: https://help.webex.com/en-us/article/b2exve/Port-Reference-Information-for-Webex-Calling

Testing has been mostly successful but seeing drops to subnets that are specifically called out on the WebEx Calling doc and stopping the desk phones from fully registering.  For example: 128.177.36.0/24

I checked the  webex.C file and it is missing subnets in the Cisco doc.  Is there a way to request the WebEx Updatable Object to refresh with the subnets from their website or is there a reason certain subnets are missing?

Thanks.

0 Kudos
2 Solutions

Accepted Solutions
the_rock
MVP Platinum
MVP Platinum
‎2025-08-14 04:29 PM
Jump to solution

I dont believe thats CP dependant, its all how vendors "present" it, if you will. In the meantime, I would just allow that whole subnet.

Andy

Best,
Andy

View solution in original post

PhoneBoy
Admin
Admin
‎2025-08-14 05:03 PM
Jump to solution

As with most of our Updatable Objects, we pull the data about IPs from the vendor directly.
We're only as accurate as the vendor is, sadly.

View solution in original post

(1)
7 Replies
the_rock
MVP Platinum
MVP Platinum
‎2025-08-14 04:29 PM
Jump to solution

I dont believe thats CP dependant, its all how vendors "present" it, if you will. In the meantime, I would just allow that whole subnet.

Andy

Best,
Andy
the_rock
MVP Platinum
MVP Platinum
‎2025-08-14 04:31 PM
In response to the_rock
Jump to solution

@VikingsFan This is whats currently included.

Andy


[Expert@CP-GW:0]# dynamic_objects -uo "Webex Services"

object name: Webex Services
range 0 : 4.144.190.0 4.144.190.255
range 1 : 4.152.180.0 4.152.180.255
range 2 : 4.152.214.0 4.152.214.255
range 3 : 4.158.208.0 4.158.208.255
range 4 : 4.175.120.0 4.175.120.255
range 5 : 18.230.160.0 18.230.160.127
range 6 : 20.50.235.0 20.50.235.255
range 7 : 20.53.87.0 20.53.87.255
range 8 : 20.57.87.0 20.57.87.255
range 9 : 20.68.154.0 20.68.154.255
range 10 : 20.76.127.0 20.76.127.255
range 11 : 20.108.99.0 20.108.99.255
range 12 : 20.120.238.0 20.120.239.255
range 13 : 23.89.0.0 23.89.255.255
range 14 : 40.119.234.0 40.119.234.255
range 15 : 44.234.52.192 44.234.52.255
range 16 : 52.232.210.0 52.232.210.255
range 17 : 62.109.192.0 62.109.255.255
range 18 : 64.68.96.0 64.68.127.255
range 19 : 66.114.160.0 66.114.175.255
range 20 : 66.163.32.0 66.163.63.255
range 21 : 69.26.160.0 69.26.191.255
range 22 : 114.29.192.0 114.29.223.255
range 23 : 144.196.0.0 144.196.255.255
range 24 : 150.253.128.0 150.253.255.255
range 25 : 163.129.0.0 163.129.255.255
range 26 : 170.72.0.0 170.72.255.255
range 27 : 170.133.128.0 170.133.191.255
range 28 : 173.39.224.0 173.39.255.255
range 29 : 173.243.0.0 173.243.15.255
range 30 : 207.182.160.0 207.182.191.255
range 31 : 209.197.192.0 209.197.223.255
range 32 : 210.4.192.0 210.4.207.255
range 33 : 216.151.128.0 216.151.159.255
range 34 : 2402:2500:: 2402:2500:3fff:ffff:ffff:ffff:ffff:ffff
range 35 : 2607:fcf0:: 2607:fcf0:3fff:ffff:ffff:ffff:ffff:ffff
range 36 : 2a00:a640:: 2a00:a640:3fff:ffff:ffff:ffff:ffff:ffff

Looking for domains for 'Webex Services' and its children objects:

Domains name list for 'Webex Third Party Services':

[1] safebrowsing.googleapis.com
[2] *.docker.io
[3] d1fjaus8223wqt.cloudfront.net
[4] storage101.dfw1.clouddrive.com
[5] *.amazonaws.com
[6] ec.walkme.com
[7] msftncsi.com
[8] *.docker.com
[9] *.sparkpostmail.com
[10] s3.walkmeusercontent.com
[11] *.digicert.com
[12] *.clouddrive.com
[13] api.amplitude.com
[14] speech.googleapis.com
[15] *.quovadisglobal.com
[16] playerserver.walkme.com
[17] cdn.amplitude.com
[18] cdn.walkme.com
[19] *.amplitude.com
[20] 3c2ba678857e073c9506-9b92ffc51ccdc874f7e956dfcfbdbfba.ssl.cf5.rackcdn.com
[21] *.giphy.com
[22] texttospeech.googleapis.com
[23] 8983bd2f5e976cffe087-a8239a8de08e774770d9a0a128aff634.ssl.cf1.rackcdn.com
[24] *.godaddy.com
[25] captive.apple.com
[26] *.walkme.com
[27] storage101.iad3.clouddrive.com
[28] *.sparkpostmail1.com
[29] storage101.ord1.clouddrive.com
[30] *.rackcdn.com

Domains name list for 'Webex Main Services':

[1] *.eum-appdynamics.com
[2] web-authentication-a.wbx2.com
[3] blog.webex.com
[4] speech-services-manager-a.wbx2.com
[5] mln1mcs119.webex.com
[6] akamaicdn.webex.com
[7] remote.webex.com
[8] *.wbx2.com
[9] globalpage-prod.webex.com
[10] *.webex.com
[11] help.webex.com
[12] status.ciscospark.com
[13] *.accompany.com
[14] devices.webex.com
[15] port.webex.com
[16] web.webex.com
[17] *.webexcontent.com
[18] *.ciscosparkcontent.com
[19] mln1mcs188.webex.com
[20] wdm-a.wbx2.com
[21] developer.webex.com
[22] pgr.webex.com
[23] energy.webex.com
[24] customs.webex.com
[25] bmmp.ciscospark.com
[26] signin.webex.com
[27] mln1mcccl01.webex.com
[28] binaries.webex.com
[29] acs.webex.com
[30] ed1sjcbmm10.webex.com
[31] *.cloudconnector.cisco.com
[32] logo.webex.com
[33] metrics-a.wbx2.com
[34] nebulaai.webex.com
[35] dc.webex.com
[36] idbroker.webex.com
[37] info.webex.com
[38] example.webex.com
[39] use.webex.com
[40] tsa.webex.com
[41] cisco.webex.com
[42] *.cisco.com
[43] vmware.webex.com
[44] training.webex.com
[45] *.ciscospark.com
[46] storm.webex.com
[47] eaicb41301.webex.com
[48] cart.webex.com
[49] faqs.webex.com
[50] service-help.webex.com
[51] ed1vacbmm30.webex.com
[52] eaicbmm10.webex.com
[53] resolver.webex.com
[54] teams.webex.com
[55] txt.webex.com
[56] wap.webex.com
[57] join.webex.com


Operation completed successfully
[Expert@CP-GW:0]#

Best,
Andy
0 Kudos
VikingsFan
Advisor
‎2025-08-15 04:30 AM
In response to the_rock
Jump to solution

That's cool.  Is that the same information that's stored in the webex.C file?  I'll check it out later.  I'll have to compare the list to what's on the WebEx site and then add the extra subnets.  A bit manual and goes against the point of using Updatable Objects but for now is a workaround.

Thanks Andy.

0 Kudos
the_rock
MVP Platinum
MVP Platinum
‎2025-08-15 05:03 AM
In response to VikingsFan
Jump to solution

Not sure about the file itself, but I agree as far as manual work comment. But, as @PhoneBoy has stated, whatever other vendors update, thats all CP can provide, as far as updatable objects. Truth be told, thats the same way with any other fw company.

Andy

Best,
Andy
0 Kudos
PhoneBoy
Admin
Admin
‎2025-08-14 05:03 PM
Jump to solution

As with most of our Updatable Objects, we pull the data about IPs from the vendor directly.
We're only as accurate as the vendor is, sadly.

(1)
VikingsFan
Advisor
‎2025-08-15 04:28 AM
In response to PhoneBoy
Jump to solution

Sounds like I need to talk to my Cisco contacts to have them change it. 🙂

Are you aware of what feed CP uses to pull the IPs from WebEx and if it's publicly available?  I know, for instance, Microsoft lists their networks in a JSON file here: https://endpoints.office.com/endpoints/worldwide?clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a...

 

 

0 Kudos
PhoneBoy
Admin
Admin
‎2025-08-15 01:59 PM
In response to VikingsFan
Jump to solution

Offhand, I do not.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events