Skip to main content
This document lists the static IP addresses used by the Altostrat SDX infrastructure. Use this information to configure firewall rules, access control lists (ACLs), and other network policies to ensure your MikroTik devices can communicate reliably with our platform.
While this page provides a human-readable list, we maintain A and AAAA DNS records that contains an up-to-date list of all critical infrastructure IPs. For automated and resilient firewall configurations, we highly recommend using this record.You can query it using a command-line tool like dig:
dig infra-ips.altostrat.io
The result will be a list of all necessary IP addresses.

​
MikroTik Asynchronous Management API

These are the primary endpoints that your MikroTik devices communicate with for asynchronous tasks, such as receiving jobs, sending heartbeats, and completing the adoption process.
AddressType
76.223.125.108IPv4
15.197.194.200IPv4
2600:9000:a60e:db2a:4d51:9241:8951:9094IPv6
2600:9000:a50c:6014:c9e1:e1f7:4258:42e8IPv6

​
WAN Failover Service

These anycast IP addresses are used by the WAN Failover service for health checks and monitoring to determine the status of your internet links.
AddressType
15.197.71.200Anycast
35.71.132.82Anycast
15.197.83.84Anycast
75.2.53.242Anycast

​
Captive Portal Service

These anycast IP addresses are used for DNS and STUN services required for the Captive Portal functionality to operate correctly.
AddressType
15.197.88.90Anycast
13.248.128.212Anycast

​
Regional Management Servers

Your devices establish a secure Management VPN to one of our regional server clusters for real-time monitoring and synchronous API commands. We use GeoDNS to automatically direct your device to the nearest cluster for optimal performance. The regional FQDN (e.g., afr.sdx.altostrat.io) typically resolves to a load balancer, which then distributes traffic to one of the individual servers in that region.
HostnameIP AddressRole
africa-lb.sdx.altostrat.io139.84.237.24Load Balancer
afr1.sdx.altostrat.io139.84.238.238Management Node
afr2.sdx.altostrat.io139.84.240.250Management Node
afr3.sdx.altostrat.io139.84.238.146Management Node
afr4.sdx.altostrat.io139.84.226.47Management Node
afr5.sdx.altostrat.io139.84.229.190Management Node
afr6.sdx.altostrat.io139.84.238.244Management Node
HostnameIP AddressRole
eur-lb.sdx.altostrat.io45.32.158.203Load Balancer
eur1.sdx.altostrat.io108.61.179.106Management Node
eur2.sdx.altostrat.io140.82.34.249Management Node
eur3.sdx.altostrat.io45.76.93.128Management Node
eur4.sdx.altostrat.io104.238.159.48Management Node
eur5.sdx.altostrat.io95.179.253.71Management Node
HostnameIP AddressRole
usa1.sdx.altostrat.io66.42.83.99Management Node
The Altostrat SDX Web Portal/Dashboard and the main REST API (v1.api.altostrat.io) are served via global Content Delivery Networks (CDNs). The IP addresses for these services are dynamic, geo-located, and subject to change without notice.You should not create firewall rules based on the resolved IP addresses for these services, as they are not guaranteed to be static. The IPs listed on this page are sufficient for all device-to-platform communication.

​
Firewall Configuration Summary

To ensure full functionality, your network firewall should allow outbound traffic from your MikroTik devices to the IP addresses listed on this page. At a minimum, ensure the following: