Copy link to clipboard
Copied
I'm using Adobe XD in corporate network that is using a proxy. The app works fine and saves files in cloud, but when I enable coediting feature (which is mandatory for us) Adobe XD shows a connection error like if I'm offline.
With IT dep. I've tried to listen to Adobe XD in order to find which endpoint calls this particular function but none of them was denied by the proxy.
Which features are required for using this feature? Could be a web socket problem? What can I ask to IT to setup in order to solve this problem?
Thanks
<The Title was renamed by moderator>
Copy link to clipboard
Copied
Hi Riccard,
We are sorry to hear you are having trouble using XD in enterprise enviornment. Would you mind confirming if you have asked your IT team to enable all the network endpoint required to run XD from this article: https://helpx.adobe.com/enterprise/kb/network-endpoints.html & share your results with us?
We will try our best to help.
Thanks,
Harshika
Copy link to clipboard
Copied
Hi Harshika,
I've asked IT dep. to check if all XD endpoints are on whitelist. I'll write back whenever I get their result.
If the answer is positive (like i think) what can I check or do to try to address this issue?
Thanks
Bests
Copy link to clipboard
Copied
Thank for checking with the team. Let us know if they have already enabled the network endpoints and issue still persists.
We will try our best to help.
Thanks,
Harshika
Copy link to clipboard
Copied
Hi, I've spoken with IT and firewall manager. It seems that Adobe XD tries to access the network without using proxies. Proxies are fine by the way.
My Mac is correctly configured, I've checked the configuration shown on these links:
https://helpx.adobe.com/it/download-install/using/proxy-authentication-support.html
It seems that Adobe XD when using coediting tries to reach amazonaws.com without using proxies.
Is there a way to force Adobe XD to not bypass proxies?
Copy link to clipboard
Copied
It seems that connections to amazonaws.com started from Adobe XD are bypassing the proxy.
In order to fix this bug permanently it has to be fixed in Adobe XD software. IT can write rules in firewall in order to patch for now the behaviour but we need to know all amazonaws endpoints the app calls because changes every few hours.
So far we have found 3 endpoints:
ec2-52-22-24-96.compute-1.amazonaws.com
ec2-54-82-212-175.compute-1.amazonaws.com
ec2-34-198-253-93.compute-1.amazonaws.com
Obviously there are many more but there is a way to know them or have a pattern to follow or IP classes? Here we need to be very accurate with connections and firewalls rules.
Copy link to clipboard
Copied
You should be able to wildcard these as *compute*.amazonaws.com.
However, after adding these as firewall exceptions, is the issue resolved? If still encountering a problem, would you mind sharing some logs using the following tool?
https://helpx.adobe.com/creative-cloud/kb/cc-log-collector.html
Copy link to clipboard
Copied
Many thanks Winston for your reply.
I've spoken to the firewall manager and he told me this, I'm directly quoting him.
“Because of our Security Policies we are not allowed to exit directly from our PCs toward the Internet, we must always use the configured proxyes.
The problem rises when Adobe XD do not use the proxy configured end try to exit directly to the internet, like I said this is not allowed.
We need you to fix this problem ASAP because cannot go on working”.
It seems to be an Adobe XD bug. Is it solvable?
Thanks
Copy link to clipboard
Copied
Can you please clarify whether you're able to add an exception for the wildcard address above and can confirm that doing so resolved the original issue you posed about, where XD is showing a message about being offline. I'd like to understand whether this is the confirmed root cause of the problem before taking any further steps. Sharing logs, requested previously would also be beneficial to help isolate the problem.
Copy link to clipboard
Copied
I think I misunderstood some comments above. You'll need to configure firewall exceptions for all the following endpoints in order for the cloud document and coediting features of XD to work: https://helpx.adobe.com/enterprise/kb/network-endpoints.html
Copy link to clipboard
Copied
Thanks Winston for your reply,
unfortunately our firewall is not aple to add string wildcards but only whitelist IPs. Whitelisting the IPs associatyed to the endpoints mentioned some comments above the problem seem partially solved and only if Adobe XD pings these endpoints, when it pings others amazonaws endpoints the problem is still there.
I'll use log app as you suggested before but I think that because the coediting is in beta it has not all the "proxy" features of others in the app. Do you think coediting will be using proxy features after the beta?
Copy link to clipboard
Copied
Does this work as expected with a new cloud document (not coediting enabled), or does it fail for that as well?
Copy link to clipboard
Copied
With no coediting enabled it works just fine. The problem is only with the coediting feature unfortunately.
Copy link to clipboard
Copied
Your company rightfully uses firewalls and proxies to prevent any uinappropriate internet access, and they're obviously very strict about it. Adobe applications and services have their requirements regarding network access, but they're also very clear about it. There just has to be some retsricted and regulated form of open access, otherwise you're stuck.
Use this list of endpoints to be whitelisted in your firewall settings:
https://helpx.adobe.com/enterprise/kb/network-endpoints.html
Copy link to clipboard
Copied
Note: the co-editing feature is still in "beta", so if anything goes wrong, Adobe is in no way liable for any damages. Please refrain from using such software or features if you're not sure about the implications of your use and the consequences of any possible bugs or errors.
Copy link to clipboard
Copied
Thank you Peter for your detailed reply.
Do you think coediting will be using proxy features after the beta?
Unfortunately for the whitelisting, our firewall is not aple to add string wildcards but only whitelist IPs.
Copy link to clipboard
Copied
I have no idea. The reasons for Adobe to (technically) design and facilitate certain services is totally up to them. And whether it will be following the user's needs and requests, or their own privacy and security policies, or just mimicks whatever any competing app is doing in the marketplace, that's a mystery...