If a merchant has firewall rules permitting access outbound (http/s) from their systems to *.globalgatewaye4.firstdata.com hosts they are encouraged to use Fully Qualified Domain Names (FQDN) instead of specific IP addresses in their rule sets.
For those merchants who use numerical IP addresses for their rule sets, the address ranges are listed below. Note that the COMPLETE LIST of addresses must be added and not just one or two.
The address ranges listed below are for the production environment only. In order to permit access to the demo environment, you will need to use FQDN. We do not list IP addresses for the demo environment.
Outgoing from merchant firewalls to *.GlobalGatewayE4.FirstData.com
IPv4 - These are all mandatory for all merchants who have firewall rules.
IPv6 - This complete list can be optionally added by merchants who want to include IPv6 in their firewall rules. It does not replace the need to add all of the above IPv4 IPs:
If a merchant uses “Hosted Payment Pages” they may have inbound http/s firewall rules to receive information sourcing from *.globalgatewaye4.firstdata.com hosts. These merchants are also encouraged to use FQDNs instead of IP addresses. Merchants should choose Option 1 or Option 2 depending on their firewall’s ability to use FQDNs:
Note that the COMPLETE LIST of FQDNs or addresses must be added and not just one or two.
Option 1: use fully qualified dns domain names to allow incoming:
Option 2: use static IP addresses to allow incoming: