TMC is an independent, primarily volunteer organization that relies on ad revenue to cover its operating costs. Please consider whitelisting TMC on your ad blocker and becoming a Supporting Member. For more info: Support TMC

Google Safe Browsing IP Blocking

Discussion in 'Model S: User Interface' started by ReturnZero, Mar 6, 2019.

  1. ReturnZero

    ReturnZero Member

    Joined:
    Jul 9, 2015
    Messages:
    216
    Location:
    Dallas TX
    I have a Synology Router with the Safe Access app on it, which integrates the Google Safe Browsing and Threat Intelligence database to block suspicious traffic on my network. It works pretty well, but pretty regularly it blocks my Model S from connecting to various IP addresses in the middle of the night.

    I'm guessing these are Tesla's IP addresses and it's trying to upload Autopilot data or perhaps do firmware updates or something. These are the IPs I've discovered and whitelisted so far:

    168.1.23.122
    83.161.67.152
    138.201.64.208

    I would prefer to just tell the system to allow any traffic from the Model S MAC address but I can't whitelist on a device basis, only add destination rules that say allow this traffic. Has anyone put together a list of Tesla's IP addresses that should be whitelisted?
     
  2. mb300sd

    mb300sd Member

    Joined:
    Aug 22, 2017
    Messages:
    167
    Location:
    GA
    Can you whitelist a source ip? I assigned the Tesla a static dhcp entry to monitor its traffic easily.
     
  3. ReturnZero

    ReturnZero Member

    Joined:
    Jul 9, 2015
    Messages:
    216
    Location:
    Dallas TX
    Unfortunately no, that would have been my preferred solution but the router doesn't take the origin into account, only the destination.
     
  4. mb300sd

    mb300sd Member

    Joined:
    Aug 22, 2017
    Messages:
    167
    Location:
    GA
    I set up sflow on my switches the other day. Here's the list of IPs the car's talked to lately.

    • 205.234.31.77
    • 239.255.255.250
    • 205.234.31.26
    • 205.234.31.61
    • 34.215.35.189
    • 54.68.224.2
    • 100.25.62.91
    • 13.35.119.76
    • 205.234.31.19
    • 216.58.194.74
    • 3.85.154.158
    • 34.202.206.236
    • 34.209.58.201
    • 52.36.7.211
    Tesla uses AWS, so there's probably no way to get a comprehensive list since they'll keep changing. If you can whitelist by domain, https to the ips and get the domains from the certificates. Those might stay static.
     
    • Helpful x 1
  5. ReturnZero

    ReturnZero Member

    Joined:
    Jul 9, 2015
    Messages:
    216
    Location:
    Dallas TX
    This is really useful, thanks!
     

Share This Page

  • About Us

    Formed in 2006, Tesla Motors Club (TMC) was the first independent online Tesla community. Today it remains the largest and most dynamic community of Tesla enthusiasts. Learn more.
  • Do you value your experience at TMC? Consider becoming a Supporting Member of Tesla Motors Club. As a thank you for your contribution, you'll get nearly no ads in the Community and Groups sections. Additional perks are available depending on the level of contribution. Please visit the Account Upgrades page for more details.


    SUPPORT TMC