https://netsuiteprofessionals.com logo
Join SlackCommunities
Powered by
Anyone have experience with connecting to an exter...
# suitescript
c
Anyone have experience with connecting to an external SFTP when an IP/Port is required? Recently we have gotten away with adding the IP address to the approved list, but with the move to OCI I believe the IP changed again. Our Infosec team wants us to come up with a longer term solution to resolve this. However they will not allow an SFTP to be open to the internet and require an IP/Port for network connectivity. However it appears NS is not able to provide an IP list. Has anyone else had to deal with a situation like this? Without an IP/Port I am not aware how any of the recommended solutions would work. The files need to be PGP encrypted and as of right now that all occurs when the files get to the SFTP since there were difficulties getting it working within NS.
p
This may require a middleware tool. I am unsure if you can do ftp whitelisting through a NetSuite script
c
ok. yea it feels like we are stuck. Our IT won't allow connection without an IP and Netsuite doesn't provide IPs. However if we find out there are no other options besides middleware maybe we will be able to get something done.
p
I prefer the middleware solution because tools like boomi can pgp encrypt the file for you
c
yea I think we have been dealing with some many integration issues we are at the point to where we are looking at Boomi or something else
So i guess it works out because it's just another reason to get one
b
NetSuite IP Addresses describes how netsuite publishes their outbound ip address
c
Where exactly? It sounds like it says they don't publish their ips
b
you probably want to read all their warning and alternatives
but there is a line you can find with 
outboundips
c
I have read this page and sent it to our infosec team, but they made it sound like none of these solutions would work.
b
depends on if they can configure their firewall / sftp server to lookup ips
for example, you can see which ips netsuite is using right now by using
Copy code
nslookup <http://outboundips.netsuite.com|outboundips.netsuite.com>
c
yea I asked and they said they aren't using a firewall in front of the server, but maybe we could use a lambda function to query and update . However they didn't know if InfoSec would approve it.
ok so infosec got back to me when I mentioned that outboundips.netsuite.com specifically and the good news is they see the ip that it changed to, but the problem is they may change randomly.
b
it will change whenever netsuite feels like they need another server
so their sftp server would need to be able to lookup ip addresses from domain names, or the more likely reverse lookup domain name from ip address
its more likely to get that from a firewall than a sftp server
c
yea that's the same thing they mentioned so hopefully we figure out a solution. at least now we can get a confirmed list of IPs because without that they wouldn't even add the one I mentioned
Open in Slack
PreviousNext
Powered by