Resources
Infrastructure IPs
Learn about the static IP addresses used by the Altostrat SDX infrastructure.
This document lists the static IP addresses used by the Altostrat SDX infrastructure. Use this information to configure firewall rules, access control lists (ACLs), and other network policies to ensure your MikroTik devices can communicate reliably with our platform.
While this page provides a human-readable list, we maintain A and AAAA DNS records that contains an up-to-date list of all critical infrastructure IPs. For automated and resilient firewall configurations, we highly recommend using this record.You can query it using a command-line tool like The result will be a list of all necessary IP addresses.
dig:MikroTik Asynchronous Management API
These are the primary endpoints that your MikroTik devices communicate with for asynchronous tasks, such as receiving jobs, sending heartbeats, and completing the adoption process.| Address | Type |
|---|---|
76.223.125.108 | IPv4 |
15.197.194.200 | IPv4 |
2600:9000:a60e:db2a:4d51:9241:8951:9094 | IPv6 |
2600:9000:a50c:6014:c9e1:e1f7:4258:42e8 | IPv6 |
WAN Failover Service
These anycast IP addresses are used by the WAN Failover service for health checks and monitoring to determine the status of your internet links.| Address | Type |
|---|---|
15.197.71.200 | Anycast |
35.71.132.82 | Anycast |
15.197.83.84 | Anycast |
75.2.53.242 | Anycast |
Captive Portal Service
These anycast IP addresses are used for DNS and STUN services required for the Captive Portal functionality to operate correctly.| Address | Type |
|---|---|
15.197.88.90 | Anycast |
13.248.128.212 | Anycast |
Regional Management Servers
Your devices establish a secure Management VPN to one of our regional server clusters for real-time monitoring and synchronous API commands. We use GeoDNS to automatically direct your device to the nearest cluster for optimal performance. The regional FQDN (e.g.,afr.sdx.altostrat.io) typically resolves to a load balancer, which then distributes traffic to one of the individual servers in that region.
Africa Region (afr.sdx.altostrat.io)
Africa Region (afr.sdx.altostrat.io)
| Hostname | IP Address | Role |
|---|---|---|
africa-lb.sdx.altostrat.io | 139.84.237.24 | Load Balancer |
afr1.sdx.altostrat.io | 139.84.238.238 | Management Node |
afr2.sdx.altostrat.io | 139.84.240.250 | Management Node |
afr3.sdx.altostrat.io | 139.84.238.146 | Management Node |
afr4.sdx.altostrat.io | 139.84.226.47 | Management Node |
afr5.sdx.altostrat.io | 139.84.229.190 | Management Node |
afr6.sdx.altostrat.io | 139.84.238.244 | Management Node |
Europe Region (eur.sdx.altostrat.io)
Europe Region (eur.sdx.altostrat.io)
| Hostname | IP Address | Role |
|---|---|---|
eur-lb.sdx.altostrat.io | 45.32.158.203 | Load Balancer |
eur1.sdx.altostrat.io | 108.61.179.106 | Management Node |
eur2.sdx.altostrat.io | 140.82.34.249 | Management Node |
eur3.sdx.altostrat.io | 45.76.93.128 | Management Node |
eur4.sdx.altostrat.io | 104.238.159.48 | Management Node |
eur5.sdx.altostrat.io | 95.179.253.71 | Management Node |
US Region (usa.sdx.altostrat.io)
US Region (usa.sdx.altostrat.io)
| Hostname | IP Address | Role |
|---|---|---|
usa1.sdx.altostrat.io | 66.42.83.99 | Management Node |
The Altostrat SDX Web Portal/Dashboard and the main REST API (
v1.api.altostrat.io) are served via global Content Delivery Networks (CDNs). The IP addresses for these services are dynamic, geo-located, and subject to change without notice.You should not create firewall rules based on the resolved IP addresses for these services, as they are not guaranteed to be static. The IPs listed on this page are sufficient for all device-to-platform communication.Firewall Configuration Summary
To ensure full functionality, your network firewall should allow outbound traffic from your MikroTik devices to the IP addresses listed on this page. At a minimum, ensure the following:- Outbound TCP/8443: For the secure Management VPN tunnel to our Regional Management Servers.
- Outbound TCP/443: For the MikroTik Asynchronous Management API.