Required list of IP address for for firewall team to inclusion list the endpoint for mid server communication


The firewall team would need to know the specific IP addresses list for as the firewall team is getting a different IP address packet trace to inclusion list for MID Server to communicate with the instance


The Entrust IP addresses used revocation checks are dynamic and globally load-balanced, because of this Entrust cannot provide a set of Static IP addresses.

Other Options:

1. Inclusion list the FQDN's listed below:


2. Proxy the CRL requests to a server in DMZ.

Request to would be directed to a proxy server which has internet access. Proxy server downloads the CRL.
Implementation details are dependent on the hardware/software available to execute this setup.

3. Host the CRL internally.

Please check the below link from entrust for more details