mulesoft · luanamulesoft · Jun 26, 2025 · Jun 25, 2025 · Jun 25, 2025 · Jun 25, 2025
@@ -401,7 +401,7 @@ transports:
   rest.agent.transport:
     enabled: false
   websocket.transport:
-    consoleUri: wss://mule-manager.anypoint.mulesoft.com:443/mule
+    consoleUri: wss://runtime-manager.anypoint.mulesoft.com:443/mule
     handshake:
       enabled: true
       body:

@@ -13,21 +13,16 @@ These tables show you the ports or IP addresses and hostnames to add to your all
 
 Because the following endpoints use mutual TLS authentication, to establish the connection, you must configure SSL passthrough to allow the certificates:
 
-* mule-manager.anypoint.mulesoft.com
-* mule-manager.eu1.anypoint.mulesoft.com
 * runtime-manager.anypoint.mulesoft.com
 * runtime-manager.eu1.anypoint.mulesoft.com
 * runtime-manager.gov.anypoint.mulesoft.com
-* arm-auth-proxy.prod.cloudhub.io
 * data-authenticator.anypoint.mulesoft.com
 * data-authenticator.gov.anypoint.mulesoft.com
 * us1.ingest.mulesoft.com 
 * eu1.ingest.mulesoft.com 
 
 In addition, the following endpoints use WebSockets:
 
-* mule-manager.anypoint.mulesoft.com
-* mule-manager.eu1.anypoint.mulesoft.com
 * runtime-manager.anypoint.mulesoft.com
 * runtime-manager.eu1.anypoint.mulesoft.com
 * runtime-manager.gov.anypoint.mulesoft.com
@@ -41,10 +36,8 @@ Ports, IP addresses, and hostnames are required for outbound connectivity. Inbou
 |===
 |Region |Name |Port
 |*US*|anypoint.mulesoft.com | 443
-|*US*|mule-manager.anypoint.mulesoft.com | 443
 |*US*|runtime-manager.anypoint.mulesoft.com | 443
 |*US*|analytics-ingest.anypoint.mulesoft.com |  443
-|*US*|arm-auth-proxy.prod.cloudhub.io |  443
 |*US*|data-authenticator.anypoint.mulesoft.com |  443
 |*US*|exchange-files.anypoint.mulesoft.com | 443
 |*US*|exchange2-asset-manager-kprod.s3.amazonaws.com |  443
@@ -55,10 +48,8 @@ Ports, IP addresses, and hostnames are required for outbound connectivity. Inbou
 |*US-GOV*|exchange-files.gov.anypoint.mulesoft.com | 443
 |*US-GOV*|exchange2-asset-manager-kgprod.s3.us-gov-west-1.amazonaws.com | 443
 |*EU*|eu1.anypoint.mulesoft.com | 443
-|*EU*|mule-manager.eu1.anypoint.mulesoft.com | 443
 |*EU*|runtime-manager.eu1.anypoint.mulesoft.com | 443
 |*EU*|analytics-ingest.eu1.anypoint.mulesoft.com |  443
-|*EU*|arm-auth-proxy.prod-eu.msap.io |  443
 |*EU*|data-authenticator.eu1.anypoint.mulesoft.com |  443
 |*EU*|exchange2-asset-manager-kprod-eu.s3.eu-central-1.amazonaws.com |  443
 |*EU*|eu1.ingest.mulesoft.com |  8443
@@ -70,18 +61,6 @@ Ports, IP addresses, and hostnames are required for outbound connectivity. Inbou
 [NOTE]
 As part of our continuous infrastructure improvement, MuleSoft introduces a new set of static IP addresses in Runtime Manager to augment existing ones. To avoid service disruption, allow the IP addresses or domains, depending on your network policy, through your organization's firewall before February 1st, 2024, as listed below. For more information, visit https://help.mulesoft.com/s/article/New-IP-addresses-in-Runtime-Manager-2024-February[KB: New IP addresses in Runtime Manager 2024 February ^].
 
-* Allowlist these static IPs in the `US` region to access the `mule-manager` hosts:
-+
-[%header,cols="10a,60a,30a"]
-|===
-|Region |Name |IP Address
-|*US*|mule-manager.anypoint.mulesoft.com |52.201.174.72
-|*US*|mule-manager.anypoint.mulesoft.com |52.201.67.218
-|*US*|mule-manager.anypoint.mulesoft.com |44.196.243.83 (Starting Feb 2024)
-|*US*|mule-manager.anypoint.mulesoft.com |3.223.189.76 (Starting Feb 2024)
-|*US*|mule-manager.anypoint.mulesoft.com |18.210.198.109 (Starting Feb 2024)
-|===
-
 * Allowlist these static IPs in the `US` region to access the `runtime-manager` hosts:
 +
 [%header,cols="10a,60a,30a"]
@@ -94,16 +73,6 @@ As part of our continuous infrastructure improvement, MuleSoft introduces a new
 |*US*|runtime-manager.anypoint.mulesoft.com |44.209.29.79 (Starting Feb 2024)
 |===
 
-* Allowlist these static IPs in the `EU` region to access the `mule-manager` hosts:
-+
-[%header,cols="10a,60a,30a"]
-|===
-|Region |Name |IP Address
-|*EU*|mule-manager.eu1.anypoint.mulesoft.com |18.195.19.18
-|*EU*|mule-manager.eu1.anypoint.mulesoft.com |18.194.245.32
-|*EU*|mule-manager.eu1.anypoint.mulesoft.com |18.193.248.250 (Starting Feb 2024)
-|===
-
 * Allowlist these static IPs in the `EU` region to access the `runtime-manager` hosts:
 +
 [%header,cols="10a,60a,30a"]
@@ -127,31 +96,20 @@ Include the following fully qualified hostnames in your Layer 7 firewall rules:
 |Region |Hostname
 |*US*|anypoint.mulesoft.com
 |*US*|analytics-ingest.anypoint.mulesoft.com
-|*US*|arm-auth-proxy.prod.cloudhub.io
 |*US*|data-authenticator.anypoint.mulesoft.com
 |*US*| us1.ingest.mulesoft.com
 |*US-GOV*|runtime-manager.gov.anypoint.mulesoft.com
 |*US-GOV*|data-authenticator.gov.anypoint.mulesoft.com
 |*US-GOV*|gov.anypoint.mulesoft.com
 |*EU*|eu1.anypoint.mulesoft.com
 |*EU*|analytics-ingest.eu1.anypoint.mulesoft.com
-|*EU*|arm-auth-proxy.prod-eu.msap.io
 |*EU*|data-authenticator.eu1.anypoint.mulesoft.com
 |*EU*|eu1.ingest.mulesoft.com  
 |===
 
 === Allowlist
 
-Allowlist the following URLs only if you are using Agent versions earlier than 1.12.0 (in Mule 3.x) and 2.2.0 (in Mule 4.x):
-
-[%header,cols="30a,60a"]
-|===
-|URL |Description
-|mule-manager.anypoint.mulesoft.com| Connection for ARM management capabilities (*self-signed agents*)
-|arm-auth-proxy.prod.cloudhub.io| Connection to the metrics ingestion service of arm-monitoring stack (*self-signed agents*)
-|===
-
-Allowlist the following URLs only if you are using Agent versions 1.12.0 (in Mule 3.x) and 2.2.0 (in Mule 4.x) or higher:
+Allowlist the following URLs, the valid Agents are only 1.12.0+ (in Mule 3.x) and 2.2.0+ (in Mule 4.x):
 
 [%header,cols="30a,60a"]
 |===

@@ -40,7 +40,7 @@ transports:
     enabled: false
   websocket.transport:
     enabled: true
-    consoleUri: wss://mule-manager.anypoint.mulesoft.com:443/mule
+    consoleUri: wss://runtime-manager.anypoint.mulesoft.com:443/mule
     handshake:
       enabled: true
       body: null
@@ -50,7 +50,7 @@ globalConfiguration:
     keyStoreAlias: agent
     keyStoreAliasPassword: keyStoreAliasPass
   authenticationProxy:
-    endpoint: https://arm-auth-proxy.cloudhub.io
+    endpoint: https://data-authenticator.anypoint.mulesoft.com:443
 internalHandlers:
   mule.agent.tracking.handler.analytics:
     enabled: false
@@ -77,7 +77,7 @@ To run both transports, modify the `mule-agent.yml` file with the following valu
 ----
 transports:
   websocket.transport:
-    consoleUri: wss://mule-manager.anypoint.mulesoft.com:443/mule
+    consoleUri: wss://runtime-manager.anypoint.mulesoft.com:443/mule
     security:
       keyStorePassword: _password_
       keyStoreAlias: agent

@@ -121,23 +121,6 @@ subject=/C=US/ST=California/L=San Francisco/O=salesforce.com, inc./CN=runtime-ma
 ----
 --
 
-* Agent versions earlier than 1.12.0 and 2.2.0:
-+
---
-[source,console,linenums]
-----
-echo -e "GET / HTTP/1.0\r\n" | openssl s_client -connect mule-manager.anypoint.mulesoft.com:443 -ign_eof
-----
-
-The output of this command should include the following information:
-
-[source,console,linenums]
-----
------END CERTIFICATE-----
-subject=/C=US/ST=CA/L=San Francisco/O=Mulesoft/OU=Mulesoft/CN=mule-manager.anypoint.mulesoft.com/emailAddress=devops@mulesoft.com issuer=/C=US/ST=CA/L=San Francisco/O=Mulesoft/OU=Mulesoft/CN=Mulesoft/emailAddress=devops@mulesoft.com
-----
---
-
 If the expected information does not appear in the output,
 contact your networking team with the `openssl` command's output.
 

@@ -11,15 +11,8 @@ The certificate ensures secure communication between Runtime Manager and the Run
 
 When a server certificate expires, Runtime Manager displays `Disconnected` in the *Status* column
 for the server on the *Servers* page.
-The `mule_agent.log` file displays a message like the following:
-
-* For Mule 3:
-
-----
-com.mulesoft.agent.transport.WSConnection: Failed attempt to connect nro. 1 to the web socket client at mule-manager.anypoint.mulesoft.com: Connection refused.
-----
 
-* For Mule 4:
+The `mule_agent.log` file displays a message like the following:
 
 ----
 com.mulesoft.agent.transport.WSConnection: Failed attempt to connect nro. 1 to the web socket client at runtime-manager.anypoint.mulesoft.com: Connection refused.