Documentation

Resolving connection timeout errors with dedicated egress IP in AEM as a Cloud Service

Last update: Thu May 22 2025 00:00:00 GMT+0000 (Coordinated Universal Time)

This article addresses connection timeout errors when configuring a dedicated egress IP in Adobe Experience Manager as a Cloud Service (AEMaaCS) to securely route external API calls. The issue occurs when outbound traffic defaults to Adobe’s shared IP pool instead of using the configured dedicated egress IP. To fix the issue, ensure that outbound traffic uses the configured dedicated egress IP.

Description description

Environment

Product: Adobe Experience Manager as a Cloud Service (AEMaaCS)
Feature: Dedicated Egress IP configuration
Networking: Advanced networking with HTTP/HTTPS proxying

Issue/Symptoms

  • External API calls through the dedicated egress IP result in connection timeout errors.
  • Network logs show no traffic routed through the dedicated egress IP.
  • Publicly accessible external API endpoints succeed but use a shared IP address.
  • System.getenv("AEM_HTTP_PROXY_PORT") returns null, preventing proper proxy configuration.

Resolution resolution

To resolve this issue, follow these steps:

  1. Confirm the Dedicated Egress IP Address  is in a Ready  state within Cloud Manager under Services > Network Infrastructures.

  2. Ensure advanced networking is enabled for the relevant environment under Environments > Advanced Networking Configuration.

  3. Use port 3128 as the default proxy port for routing HTTP/HTTPS traffic through the dedicated egress IP. Update your application code to explicitly configure the proxy host and port, ensuring all HTTP/HTTPS requests use the following proxy configuration:

    code language-none 
    String proxyHost = System.getenv("AEM_PROXY_HOST"); // Example: "proxy.tunnel"
int proxyPort = Integer.parseInt(System.getenv().getOrDefault("AEM_HTTP_PROXY_PORT", "3128"));

  4. Remove unnecessary port forwarding rules for standard HTTP/HTTPS ports (80 and 443), as they are not required. Remove any existing configurations under Advanced Networking if they conflict with this setup.

  5. Test connectivity by validating that API calls successfully route through the dedicated egress IP, monitoring network logs or testing against whitelisted endpoints.

  6. Implement fallback logic in your code to dynamically retrieve or default to port 3128 if System.getenv("AEM_HTTP_PROXY_PORT") returns null. Additionally, monitor Adobe documentation for updates on default proxy configurations or changes to networking behavior.

Following these steps ensures that external API calls are securely and reliably routed through your configured dedicated egress IP.

Dedicated egress IP address

recommendation-more-help
3d58f420-19b5-47a0-a122-5c9dab55ec7f