My MultiPlus II GX sits behind a firewall through which I manage outgoing connections for all of my IoT devices. I regard my MP-IIGX as an IoT device. I have configured a set of valid IPs for outbound destinations by using the results of manual DNS lookups of the domains specified in the Color Control GX manual. However the manual seems to be out of date as my firewall is blocking additional destination IPs originating from my MP-IIGX.
Here is a list of IPs that I do not block (I realise there are some overlaps):
ccgxlogging: 52.28.0.0/15 and 3.0.0.0/9
Vupdates: 163.171.129.134, 163.171.130.131 and 174.35.118.62
Vsupport: 84.22.107.120 and 84.22.108.49
mqttrpc: 18.198.160.64
mqtt1128: 3.123.93.20, 3.125.86.187, 18.159.118.92, 18.158.132.9, 18.159.187.47, 18.159.56.224, 18.196.62.11 and 35.157.231.129
node-red-updates: 104.16.21.35
timeservers: all destinations on port 123
I recently had to add 174.35.118.62 to the Vupdates list as it was being blocked. I am also seeing access attempts to 35.165.124.40 but I have not opened up access to this IP through the firewall because it does not come up in any DNS lookup of the listed domains.
Very strangely I have had one request to 17.57.146.162 (an Apple IP) from 10.173.189.12 using the MAC address of my MP-IIGX.
The reason for raising this here is to request that Victron make available an up-to-date list of all IPs used by its devices so that firewalls can be programmed correctly and so that any destination IP that is not on the list can be further investigated. As a general purpose computing device with access to the internet, GX devices are potential targets for hackers to use for their malicious purposes and I'd like to be able to prevent them.
