neo4j · fiquick · Mar 21, 2025 · Mar 24, 2025 · Mar 25, 2025 · Mar 25, 2025
diff --git a/modules/ROOT/content-nav.adoc b/modules/ROOT/content-nav.adoc
@@ -108,13 +108,17 @@ Generic Start
 ** xref:security/single-sign-on.adoc[Single sign-on]
 ** xref:security/encryption.adoc[Encryption]
 
-* xref:user-management.adoc[User management]
-
-* xref:billing.adoc[Billing]
+* Network access
+** xref:network-access/query-api.adoc[Using Query API]
+** xref:network-access/urls-ips-ports.adoc[URLs, IPs and ports]
+** xref:network-access/vdc-ip-address.adoc[Get fixed IP]
 
 * Connecting applications
 ** xref:connecting-applications/overview.adoc[Drivers and libraries]
-** xref:connecting-applications/query-api.adoc[Using Query API]
+
+* xref:user-management.adoc[User management]
+
+* xref:billing.adoc[Billing]
 
 * Neo4j Connectors
 ** xref:connectors/spark.adoc[Neo4j Connector for Apache Spark]

diff --git a/...es/connecting-applications/query-api.adoc → .../ROOT/pages/network-access/query-api.adoc b/...es/connecting-applications/query-api.adoc → .../ROOT/pages/network-access/query-api.adoc
diff --git a/modules/ROOT/pages/network-access/urls-ips-ports.adoc b/modules/ROOT/pages/network-access/urls-ips-ports.adoc
@@ -0,0 +1,283 @@
+[[aura-ip-addresses]]
+= IP addresses
+:description: How to configure your firewall to allow traffic to and from public IP addresses.
+
+This page lists the public IP addresses and ports required to allow traffic to and from Neo4j Aura.
+
+An IP address is a unique identifier for a device on a network.
+Enterprises typically only want their resources accessible by a selected range of IP addresses, not the public internet. 
+By specifying the exact IPs Aura uses, you can configure firewalls to allow only trusted inbound and outbound connections.
+
+*Two groups of IP addresses you need to use Aura:*
+
+*Common tools* with *common global addresses* that use global services and are centrally hosted (e.g. the Aura console, `console.neo4j.io` would be 34.110.249.124).
+These tools and services are shared across all Aura databases, regardless of region. 
+
+*Instances in specific regions and cloud providers.* 
+These are the databases you create in Aura and where they physically reside in the cloud (e.g. instance in `us-east-1`, AWS).
+
+== Common global addresses 
+
+These are applicable to all Aura plans.
+
+[cols="1,1,1"]
+|===
+|Access point name |URL |IPv4 Address 
+
+|Aura Console
+|console.neo4j.io
+|35.241.228.234 (for future use 34.110.249.124)
+
+|Aura Workspace
+|workspace-preview.neo4j.io	
+|34.160.183.136
+
+|Aura API
+|api.neo4j.io
+|34.36.216.162
+
+|Aura Support portal
+|support.neo4j.com	
+|link:https://help.salesforce.com/s/articleView?id=000384438&type=1[See full list]
+
+|Aura Bloom	
+|bloom.neo4j.io	
+|34.110.209.142 
+35.244.155.41
+
+|Aura Browser
+|browser.neo4j.io	
+|34.102.158.61
+
+|Aura Data Importer
+|data-importer.neo4j.io	
+|107.178.242.111
+
+|Aura Ops Manager
+|ops-manager.neo4j.io
+|34.160.136.34
+
+|Aura Customer Metrics Integration
+|customer-metrics-api.neo4j.io
+|34.140.105.178
+|===
+
+== Instance addresses
+
+The public IP address of your AuraDB or AuraDS instance depends on the region and Aura plan. 
+
+=== AuraDB Professional
+AuraDB Professional uses a collection of public IP addresses depending on the instance's region and depending on the cloud service provider.
+
+=== GCP (for AuraDS also add port 8491)
+
+[cols="1,1,1,1,1"]
+|===
+|Region |Location |Name |Aura Professional IPv4 Address |Ports (TCP)
+
+|EUROPE
+|Belgium
+|europe-west1
+|35.240.50.81
+35.187.55.46
+|80*,443,7474*,7687
+
+|EUROPE
+|UK
+|europe-west2
+|34.105.131.232
+|80*,443,7474*,7687
+
+|EUROPE
+|Germany
+|europe-west3
+|35.242.209.97
+|80*,443,7474*,7687
+
+|USA
+|Iowa, USA	
+|us-central1
+|104.197.20.211
+35.226.25.193
+|80*,443,7474*,7687
+
+|USA
+|South Carolina, USA
+|us-east1	
+|104.196.181.95
+34.148.173.76
+|80*,443,7474*,7687
+
+|USA
+|Oregon, USA
+|us-west1
+|34.82.68.138
+34.82.120.138
+|80*,443,7474*,7687
+
+|ASIA
+|Hong Kong
+|asia-east2
+|34.96.218.41
+|80*,443,7474*,7687
+
+|ASIA
+|Taiwan
+|asia-east1
+|35.201.159.192	
+|80*,443,7474*,7687
+
+|OCEANIA
+|Australia
+|australia-southeast1
+|34.87.204.150
+|80*,443,7474*,7687
+|===
+
+Port 80 and 7474 are optional and only ever used to redirect to HTTPS. Not used for data communication. 
+
+=== AWS (for AuraDS also add port 8491) 
+
+[cols="1,1,1,1,1"]
+|===
+|Region |Location |Name |Aura Professional IPv4 Address |Ports (TCP)
+
+|EUROPE
+|Ireland
+|eu-west-1
+|54.73.23.22 
+63.32.207.218 
+54.216.115.14	
+|80*,443,7474*,7687
+
+|USA	
+|Oregon, USA
+|us-west-2
+|44.236.242.242
+44.227.200.111
+35.166.145.198
+44.232.120.60
+|80*,443,7474*,7687
+
+|USA
+|North Virginia, USA
+|us-east-1
+|54.205.140.194
+3.224.243.10
+34.237.189.213 
+3.229.58.166 
+52.21.223.250
+54.205.24.25
+52.73.189.221
+44.222.56.18
+34.205.10.16
+18.235.106.124	
+|80*,443,7474*,7687
+
+|SOUTH AMERICA
+|São Paulo, Brazil
+|sa-east-1	
+|54.232.153.180
+18.230.132.57
+54.207.37.117
+|80*,443,7474*,7687
+
+|ASIA
+|Singapore
+|ap-southeast-1
+|52.74.5.242
+13.215.33.19
+54.179.248.226
+|80*,443,7474*,7687
+|===
+
+Port 80 and 7474 are optional and only ever used to redirect to HTTPS. Not used for data communication. 
+
+=== Azure (for AuraDS also add port 8491)
+
+[cols="1,1,1,1,1"]
+|===
+|Region |Location |Name |Aura Professional IPv4 Address |Ports (TCP)
+
+|EUROPE	
+|Paris, France	
+|francecentral	
+|51.103.49.175	
+|80*,443,7474*,7687
+
+|USA	
+|Virginia, USA	
+|eastus	
+|20.124.3.249	
+|80*,443,7474*,7687
+
+|USA	
+|Arizona, USA	
+|westus3	
+|20.124.3.249	
+|80*,443,7474*,7687
+
+|SOUTH AMERICA
+|São Paulo, Brazil	
+|brazilsouth	
+|20.124.3.249
+|80*,443,7474*,7687
+
+|ASIA
+|Seoul
+|koreacentral
+|20.124.3.249
+|80*,443,7474*,7687
+|===
+
+Port 80 and 7474 are optional and only ever used to redirect to HTTPS. Not used for data communication. 
+
+== AuraDB Free tier (GCP ONLY)
+
+[cols="1,1,1,1,1"]
+|===
+
+|Region |Location	|Name |IPv4 Address	|Ports (TCP)
+
+|EUROPE	
+|Belgium
+|europe-west1
+|34.78.243.29
+34.76.245.87
+35.205.213.74
+35.189.250.174
+34.78.76.49
+35.241.237.34	
+|80*,443,7474*,7687
+
+|USA
+|Iowa, USA
+|us-central1	
+|34.69.128.95
+34.66.78.163
+34.121.155.65
+34.31.169.230
+|80*,443,7474*,7687
+
+|ASIA
+|Singapore
+|asia-southeast1
+|34.126.64.110
+34.126.114.186
+34.126.171.25
+34.124.169.171	
+|80*,443,7474*,7687
+|===
+
+Port 80 and 7474 are optional and only ever used to redirect to HTTPS. Not used for data communication. 
+
+== Notes
+
+Further details of the physical location can be found in Google's link:https://cloud.google.com/compute/docs/regions-zones#locations[Regions and zones documentation]
+
+To connect to Aura in your application, your URI will need to use the fully qualified domain name (FQDN) of your AuraDB Instance, and not just the IP address.
+
+For example, if your AuraDB Instance ID is `abcd1234`, then the URI to use would be `neo4j+s://abcd1234.databases.neo4j.io`
+
+Ports 80 and 7474 are redirected to 443 for convenience but communication remains encrypted.
+
diff --git a/modules/ROOT/pages/network-access/vdc-ip-address.adoc b/modules/ROOT/pages/network-access/vdc-ip-address.adoc
@@ -0,0 +1,48 @@
+[[aura-fixed-ip-addresses]]
+= Finding out the fixed IP address to provision in Firewall for an AuraDB Enterprise tier
+
+AuraDB Virtual Dedicated Cloud and AuraDS Enterprise customers have a dedicated IP endpoint to access their AuraDB Instance.
+
+For the Aura Console, the fixed IP addresses are listed here link:connecting-applications/urls-ips-ports.adoc[fixed ip addresses].
+
+To work out the fixed IP address used to access your AuraDB Instances in your environment:
+
+. Select or if none exist create an AuraDB Instance in your environment
+
+. Copy the connection URI of that AuraDB Instance
+
+. Remove the protocol specifier of the URI e.g. neo4j+s://abcd1234.databases.neo4j.io => keep only abcd1234.databases.neo4j.io
+
+. Run from your environment in a command prompt
+
+. nslookup dbid .databases.neo4j.io (adjust the dbid as appropriate)
+
+. Example: `nslookup abcd1234.databases.neo4j.io`
+
+If your AuraDB Instance is on AWS you would see at least 3 IPv4 addresses - one IPv4 address per availability zone - (some regions have up to 5 availability zones and hence there would be more)
+
+$ nslookup abcd1234.databases.neo4j.io
+Server:		127.0.0.53
+Address:	127.0.0.53#53
+
+Non-authoritative answer:
+Name:	abcd1234.databases.neo4j.io
+Address: 50.161.105.214
+Name:	abcd1234.databases.neo4j.io
+Address: 54.233.121.213
+Name:	abcd1234.databases.neo4j.io
+Address: 54.167.147.97
+If your AuraDB Instance is running on GCP or Azure you will only see 1 single IPv4 address instead
+
+$ nslookup a1b2c3d4.databases.neo4j.io
+Server:		127.0.0.53
+Address:	127.0.0.53#53
+
+Non-authoritative answer:
+Name:	a1b2c3d4.databases.neo4j.io
+Address: 51.161.125.214
+
+[IMPORTANT]
+====
+For AuraDS only - The Arrow server runs on port 8491 
+====