Adobe Creative Cloud 网络访问指南：必须放行的域名与防火墙配置

1. 为什么 Adobe Creative Cloud 经常提示地区不支持或网络异常

受网络环境、访问限制以及 Adobe 服务架构变化等因素影响，近年来 Adobe Creative Cloud App、Photoshop、Lightroom、Firefly 生成式 AI、云同步、字体同步等功能对网络环境的要求越来越高。尤其是在国内网络环境下，即使已经成功登录 Adobe Creative Cloud App，也经常出现以下问题：

• Creative Cloud 一直转圈无法登录
• Photoshop AI 生成式填充无法使用
• Lightroom 云同步失败
• Adobe Fonts 无法加载
• Firefly 提示当前地区不可用
• Creative Cloud Marketplace 无法打开
• Adobe Stock 素材无法加载
• 软件频繁提示网络连接错误

如果你在像素工坊购买了 Adobe Pro 订阅账号，在 Photoshop、Lightroom 等软件中仍然提示当前地区不可用、网络异常或服务无法访问，那么大概率并非账号本身存在问题，而是 Adobe 官方服务未能正常连接。

Adobe 官方明确要求，在受限网络、防火墙、企业网络以及代理环境中，需要允许访问指定域名和网络端点，否则相关服务将无法正常工作。(Adobe 帮助中心)

2. Adobe 官方关于网络访问的说明

根据 Adobe 官方发布的《Network Endpoints for Adobe Apps & Services》文档，Adobe 应用程序及相关服务需要通过 HTTPS（443 端口）访问多个官方域名和云服务地址。Adobe 会定期更新这些地址，因此官方建议企业和管理员持续同步最新允许列表。对于绝大多数用户而言，并不需要理解复杂的网络架构，只需要确保相关域名能够正常访问即可。

本文整理了最常见且最关键的 Adobe 服务访问域名，完整列表请以 Adobe 官方文档为准：Adobe 官方网络说明文档

3. 必须放通或代理的域名

这一部分属于 Adobe Creative Cloud 的核心服务。如果这些域名无法访问，通常会直接导致登录失败、许可证验证失败、Creative Cloud 无法连接、AI 功能不可用等问题。以下为 Adobe 官方最小允许列表中的核心服务域名：

Adobe hosted domains:

• *.adobe.com
• *.adobe.io
• *.adobecc.com
• *.adobecces.com
• *.adobeccstatic.com
• *.adobedtm.com
• *.adobeexchange.com
• *.adobegenuine.com
• *.adobegov.com
• *.adobe-identity.com
• *.adobejanus.com
• *.adobelogin.com

• *.adobedc.net
• *.adobeoobe.com
• *.adobeprojectm.com
• *.adobesc.com
• *.adobe-services.com
• *.adobess.com
• *.adobesunbreak.com
• *.adobetag.com
• *.behance.net
• *.ftcdn.net
• *.typekit.com
• *.typekit.net
• slp-statics.astockcdn.net

Amazon Web Services:

• *.s3.amazonaws.com
• s3.amazonaws.com/tron-ffc-icons-prod/
• gocart-web-prod-*.elb.amazonaws.com
• *.kinesisvideo.*.amazonaws.com
• *.s3-accelerate.amazonaws.com

Other third-party domains:

• *.cloudfront.net
• firebase-settings.crashlytics.com
• firebase*.googleapis.com
• wss://speech.platform.bing.com
• *.arkoselabs.com

这些域名主要承担以下功能：

• Adobe Identity Service 负责账号认证与登录。
• Creative Cloud Service 负责订阅状态验证与许可证检查。
• Adobe Firefly 负责生成式 AI 服务。
• Adobe Fonts 负责字体同步。
• Adobe Stock 负责素材访问。
• Creative Cloud Desktop 负责应用安装、更新以及插件市场访问。

4. 建议放通或代理的域名

除了核心业务域名之外，Adobe 还依赖大量 CDN、对象存储以及内容分发服务。部分用户能够正常登录 Adobe，但 Marketplace、Stock、插件市场、云同步等功能异常，往往就是这些辅助域名未被允许访问导致。

以下为 Adobe 官方建议允许访问的服务域名（截止 2026.06.04。由于 Adobe 持续使用云服务和 CDN 网络，部分资源可能会动态调整，因此官方建议优先采用域名放通，而不是固定 IP 白名单策略。）：

lm.licenses.adobe.com
resources.licenses.adobe.com
cs.licenses.adobe.com
exception.licenses.adobe.com
pubcerts.licenses.adobe.com
workflow.licenses.adobe.com
auth.services.adobe.com
acrs.adobe.com
adobecloudpackager.adobe.io
adminconsole.adobe.com
cc-ext-prod-pkgs.s3.amazonaws.com
ccmdls.adobe.com
ccmdl.adobe.com
ans.oobesaas.adobe.com
ars.oobesaas.adobe.com
cdn-ffc.oobesaas.adobe.com
ffc-icons.oobesaas.adobe.com
ffc-static-cdn.oobesaas.adobe.com
prod-rel-ffc-ccm.oobesaas.adobe.com
acc.adobeoobe.com
prod.acp.adobeoobe.com
mir-s3-cdn-cf.behance.net
swupmf.adobe.com
swupdl.adobe.com
oobe.adobe.com
productrouter.adobe.com
s3.amazonaws.com
s3.amazonaws.com/tron-ffc-icons-prod/
tron-prod-customized-user-packages.s3.amazonaws.com
armmf.adobe.com
ardownload.adobe.com
ardownload2.adobe.com
agsupdate.adobe.com
ims-na1.adobelogin.com
ims-prod06.adobelogin.com
ims-prod07.adobelogin.com
static.adobelogin.com
delegated.adobelogin.com
adobeid.services.adobe.com
adobeid-na1.services.adobe.com
federatedid-na1.services.adobe.com
na1e-acc.services.adobe.com
na1e.services.adobe.com
na1r.services.adobe.com
ad.adobe-identity.com
ids-proxy.account.adobe.com
lcs-cops.adobe.io
lcs-robs.adobe.io
lcs-entitlement.adobe.io
lcs-ulecs.adobe.io
ams.adobe.com
adobelogin.prod.ims.adobejanus.com
services.prod.ims.adobejanus.com
www-prod.adobesunbreak.com
genuine.adobe.com
prod.adobegenuine.com
gocart-web-prod-*.elb.amazonaws.com
http://armdl.adobe.com/
api-cna01.adobe-services.com
supportanyware.adobe.io
acc-learn.adobe.com
acc-learn.adobe.io
accounts.adobe.com
acp-ss-ue1.adobe.io
adobe-api.arkoselabs.com
adobe-verify.arkoselabs.com
api.account.adobe.com
api.typekit.com
cc-api-behance.adobe.io
cc-api-data.adobe.io
cc-api-storage.adobe.io
client-api.arkoselabs.com
client-verify.arkoselabs.com
crs.cr.adobe.com
data.typekit.net
federation-gateway.adobe.io
fonts.adobe.com
helpx.adobe.com
notify.adobe.io
p.typekit.net
p13n.adobe.io
p13n-mr.adobe.io
polka.typekit.com
prod.adobeccstatic.com
public.adobecc.com
scss.adobesc.com
ss-prod-ue1-notif-16.aws.adobess.com
sso.behance.net
sstats.adobe.com
state.typekit.net
use.typekit.net
wwwimages.adobe.com
wwwimages2.adobe.com
delegated.identity.adobe.com
www.adobe.com
a3.behance.net
a5.behance.net
account.adobe.com
acp-ss-an1.adobe.io
acp-ss-ew1.adobe.io
acp-ss.adobe.io
*.adbecrsl.com
*.adbephotos.com
adobe.ly
adobesearch.adobe.io
appregistry.adobe.io
aps-web.adobe.io
as.ftcdn.net
as1.ftcdn.net
as2.ftcdn.net
assets-cdn.adobe.com
assets-helper.adobe.io
assets.adobe.com
assets.fonts.adobe.com
audios.ftcdn.net
audio-video-api.adobe.io
awenroll.adobe.com
byof.adobe.io
cc-api-cp.adobe.io
cc-cdn.adobe.com
cc-collab.adobe.io
ccext-cdn.adobecces.com
ccext-public.adobe.io
ccext-static.adobecces.com
ccext.adobe.io
ccext.adobecces.com
cchome.adobe.io
cclibraries-defaults-cdn.adobe.com
cctypekit.adobe.io
cdn-sharing.adobecc.com
cdn.cp.adobe.io
client.messaging.adobe.com
comments.adobe.io
community.adobe.com
connect.ffc.adobeoobe.com
creativecloud.adobe.com
*.creativecloud.com
cvs.adobe.com
d32a1iuc7x840y.cloudfront.net
d3gnp5fs6fu2h7.cloudfront.net
dnzuu5synxxfk.cloudfront.net
dc-api.adobe.io
design-assets.adobeprojectm.com
ds-an1.adobe.io
ds-ew1.adobe.io
ds-ue1.adobe.io
ds.adobe.io
exchange.adobe.com
faster.typekit.net
firebase-settings.crashlytics.com
firebaseinstallations.googleapis.com
firebaselogging-pa.googleapis.com
gensoundfx.ff.adobe.io
geo.adobe.com
geo2.adobe.com
ic.adobe.io
illustrator.adobe.com
image.adobe.io
indd.adobe.com
landing.adobe.com
lightroom.adobe.com
links.adobe.io
livecreate-an1.adobe.io
livecreate-ew1.adobe.io
livecreate-ue1.adobe.io
*.macromedia.com
mail.adobegov.com
odin.adobe.com
*.omniture.com
pgc.adobe.io
photos.adobe.io
photoshop.adobe.com
platform-assets.typekit.net
platform-cs*.adobe.io
platform-cs.adobe.io
acp-*.adobe.io
presence-an1.adobe.io
presence-ew1.adobe.io
presence-ue1.adobe.io
preview.illustrator.adobe.com
prod.wam.adobe.com
psweb-cd.adobe.io
s.ftcdn.net
server.messaging.adobe.com
sensei.adobe.io
sharedcloud-production*.s3.amazonaws.com
sharedcloud-production*.s3-accelerate.amazonaws.com
aep-cs*.s3-accelerate.amazonaws.com
aep-cs*.s3.amazonaws.com
sharedcloud-production-us-east-1-data-temp.s3.amazonaws.com
slp-statics.astockcdn.net
ss-prod-an1-notif-13-aws.adobess.com
ss-prod-an1-notif-16.aws.adobess.com
ss-prod-ew1-notif-13-aws.adobess.com
ss-prod-ew1-notif-16.aws.adobess.com
ss-prod-ue1-notif-13-aws.adobess.com
ss-prod-ue1-notif-79.aws.adobess.com
static-assets.photoshop.adobe.com
stock-landing-pages.adobe.io
stock.adobe.com
translate-captions*.s3-accelerate.amazonaws.com
t3.ftcdn.net
t4.ftcdn.net
udps.adobe.com
ui.messaging.adobe.com
use.typekit.com
utut-service.adobe.com
v.ftcdn.net
video-v1.ff.adobe.io
wss://livecreate-*.adobe.io
wss://presence-*.adobe.io
wss://speech.platform.bing.com
xd-cdn.adobecces.com
xd.adobe.com
xdce.adobe.io
shared-components.adobe.com
platform-cs-edge.adobe.io
libraries.adobe.io
platform-cs-va6.adobe.io
platform-cs-edge-va6.adobe.io
platform-cs-va6c2.adobe.io
platform-cs-edge-va6c2.adobe.io
platform-cs-irl1.adobe.io
platform-cs-edge-irl1.adobe.io
platform-cs-jpn3.adobe.io
platform-cs-edge-jpn3.adobe.io
platform-cs-deu1.adobe.io
platform-cs-edge-deu1.adobe.io
ccprojects.adobe.io
ccprojects-va6.adobe.io
ccprojects-va6c2.adobe.io
ccprojects-irl1.adobe.io
ccprojects-jpn3.adobe.io
ccprojects-deu1.adobe.io
invitations.adobe.io
pps.services.adobe.com
ab.adobe-identity.com
cai.adobe.io
cai-identity.adobe.io
policy.adobe.io
cai-msb.adobe.io
cai-manifests.adobe.com
cai-settings.adobe.io
firefly-ae.adobe.io
senseicore.adobe.io
sensei-va6.adobe.io
firefly.adobe.io
firefly-clio-imaging.adobe.io
pre-signed-firefly-prod.s3-accelerate.amazonaws.com
firefly-ps.adobe.io
firefly-ai.adobe.io
firefly-acs.adobe.io
firefly.adobe.com
firefly-md.adobe.io
clio-assets.adobe.com
firefly-cliov2.adobe.com
raw.githubusercontent.com/c2pa-org
senseicore-ue1.adobe.io
sensei-ue1.adobe.io
firefly-st.adobe.io
firefly-api.adobe.io
pre-signed-firefly-prod.s3.amazonaws.com
adobemobiledev.demdex.net
adobesparkpost.app.link
assets.adobedtm.com
awcm177.awmdm.com
cai-splunk-proxy.adobe.io
ccac-cdn.adobe.com
cdn.schedule.adobe.com
cdn-prod-ccv.adobe.com
clientservices.googleapis.com
cm.everesttech.net
configuration.apple.com
detect.ffc.adobeoobe.com:15292
detect.ffc.adobeoobe.com:35691
detect.ffc.adobeoobe.com:57921
dpm.demdex.net
dq4p8hz4ypg6l.cloudfront.net
express.adobe.com
express-brand-migration.adobe.io
express-search.hz.adobe.com
gateway.icloud.com
gsp64-ssl.ls.apple.com
hbrt.adobe.com
hz-ccx-das.adobe.io
hz-telemetry.adobe.io
images-tv.adobe.com
mesu.apple.com
metrics.icloud.com
new.express.adobe.com
o1383653.ingest.sentry.io
pf-temp-repo-ue1-prod.s3.amazonaws.com
platform-cs-edge-va7.adobe.io
pps.adobe.io
schedule.adobe.io
search.adobe.io
spark-content-publish.adobe.io
spark-design-variations-v2.adobe.io
ss-prod-ue1-ns.aws.adobess.com
static.thenounproject.com
stock.adobe.io
stock-apex-images-prod-ew1.s3.eu-west-1.amazonaws.com
stocks-data-service.apple.com
uds.adobe-identity.com
video.tv.adobe.com
weather-data.apple.com
wss://prod.wam.adobe.com
braze-images.com
sdk.iad-01.braze.com
cpf-temp-repo-ue1-prod.s3.amazonaws.com
*.adobesc.com
acpprodva7apollo.blob.core.windows.net/acp-prod-va7-data*
acp-ss-*.adobe.io
*.adobess.com
cc-api-storage*.adobe.io
assets2.adobe.com
adobeexchange.com
adbemdigitalmediarebootprod2.112.2o7.net
cdn.tt.omtrdc.net
api.demandbase.com
*.ftcdn.net
*.behance.net
cc-api-image.adobe.io/createagc
cc-api-image-x.adobe.io/agctosvg
*.astockcdn.net
cc-api-assets.adobe.io
api.behance.net
adobe.demdex.net
adobe.tt.omtrdc.net
store1.adobe.com
adobe.com
bam.nr-data.net
*.adobe.io
*.s3*.amazonaws.com
bat.bing.com
c.betrad.com
c.evidon.com
googleads.g.doubleclick.net
js-agent.newrelic.com
snap.licdn.com
www.everestjs.net
www.facebook.com
www.googleadservices.com
www.googletagmanager.com
match.prod.bidr.io
scripts.demandbase.com
cdn.inpwrd.net
ct.pinterest.com
d9.flashtalking.com
pixel.quantserve.com
9212252.fls.doubleclick.net
use.edgefonts.net
adobetag.com
ans.oobesas.adobe.com
api.adobe.io
adobeexchange.com/api
*.licenses.adobe.com
amazonaws.com
adobe.io
cc-api-sharedproductions-prerelease.adobe.io
cc-api-teamprojects.adobe.io
cc-api-teamprojects-ue1.adobe.io
cc-api-teamprojects-ew1.adobe.io
cc-api-teamprojects-an1.adobe.io
docs.aws.amazon.com/general/latest/gr/
rande.html#s3_region
adobe-voice.adobe.io
adobe-voice-va7.adobe.io
adobe-voice-nld2.adobe.io
blob.core.windows.net
oz-prod-masters.s3.us-west-2.amazonaws.com
oz-prod-proxies.s3.us-west-2.amazonaws.com
oz-prod-proxies-video-1080p.s3.us-west-2.amazonaws.com
oz-prod-proxies-video-1080p-bt709.s3.us-west-2.amazonaws.com
oz-prod-proxies-video-1080p709.s3.us-west-2.amazonaws.com
oz-prod-proxies-video-360p.s3.us-west-2.amazonaws.com
oz-prod-proxies-video-fullsize.s3.us-west-2.amazonaws.com
revel-prod-us-west-2.s3.us-west-2.amazonaws.com
oz-prod-asset-aux.s3.us-west-2.amazonaws.com
oz-prod-cr-params.s3.us-west-2.amazonaws.com
directstorage.adbephotos.com
oz-prod-versions.s3.us-west-2.amazonaws.com
sensei.adobe.io/services/v2/predict
image.adobe.io/sensei/mask
image.adobe.io/utils/storage?num=2
mds-cdn.infra.adobesensei.io
senseimds.adobe.io
Windows:
Apple:
creative.adobe.com
myportfolio.com
splcloud.adobe.io
firefly-prerelease.adobe.io
firefly-cliov2.adobe.io
firefly-beta.adobe.io
firefly-balancer.adobe.io
firefly-cme-training.adobe.io
firefly-cme-inference.adobe.io
firefly-clio-imaging-prerelease.adobe.io
firefly-3di.adobe.io
aep-cs-blobstore-prod-va6-data.s3.amazonaws.com
dc-api-v2.adobe.io
platform-cs-va6-adobe.io
esp.aptrinsic.com
prosite.com
story.adobe.com
build.phonegap.com
typekit.com
polka.typekit.net
afwebcdn.fonts.adobe.com
businesscatalyst.com
digitalpublishing.acrobat.com
color.adobe.com
*.services.adobe.com
lcs-entitlement.adobe.io/v1/user
lcs-entitlement.adobe.io/v1/trial
licensing.adobe.com
store.adobe.com
store2.adobe.com
store3.adobe.com
photoshop.com
podcast.adobe.com
phonos-server.adobe.io
wss://phonos-server.adobe.io
phonos-recordings-production.s3-accelerate.amazonaws.com
phonos-recordings-production.s3.amazonaws.com
cdn.cookielaw.org
*.kinesisvideo.*.amazonaws.com
daily.co
wss.daily.co
prod-ks.pluot.blue
access.imageclub.com
play.google.com
www.flickr.com
chrome.google.com
soundcloud.com
www.freedb.org
developer.apple.com
subversion.tigris.org
www.ietf.org
framework.zend.com
windowsupdate.com
digicert.com
geotrust.com
globalsign.com
godaddy.com
twitter.com
www.microsoft.com
ftp.yourdomain.com
www.amazon.com
www.mp3licensing.com
itunes.apple.com
www.apple.com
www.python.org
jquerymobile.com
www.color.org
omniroot.com
symantec.com
symcb.com
symcd.com
www.rulesforuse.org
maps.google.com
www.eclipse.org
www.shutterfly.com
msdn.microsoft.com
www.zoomify.com
www.evidon.com
www.betrad.com
*.uservoice.com
thawte.com
verisign.com
api.mapbox.com
worldsecuresystems.com
adobe-oobe-prod-data-store-ue1.s3.amazonaws.com
encoded-videos-0.s3.amazonaws.com
fotolia-prod-3dobjects.s3.amazonaws.com
fotolia-prod-audios-originals.s3.amazonaws.com
fotolia-prod-templates.s3.amazonaws.com
fotolia-prod-videos-0.s3.eu-west-1.amazonaws.com
fotolia-prod-vectors.s3.eu-west-1.amazonaws.com
sharedcloud-production-us-east-1-data-asset.s3.amazonaws.com
stock-vip-processed-prod-irl1.s3.eu-west-1.amazonaws.com
thumbs-0.s3.amazonaws.com
videos-0.s3-eu-central-1.amazonaws.com
cc-ext-prod-pkgs.s3.amazonaws.com/Extensions/**

这些地址主要用于：

• Creative Cloud 文件同步
• Adobe Stock 资源加载
• 插件市场资源下载
• Adobe Fonts 字体下载
• Firefly 模型资源加载
• Creative Cloud 更新下载
• 应用安装包分发

5. 在 Windows 防火墙中放通 Adobe 服务

正常情况下，Windows Defender 防火墙并不会主动拦截 Adobe 官方域名。但是部分企业环境、第三方安全软件、终端安全管理平台或者网络管控软件可能会对 Adobe 的网络请求进行限制。如果你发现 Adobe Creative Cloud 登录失败或 AI 功能不可用，可以优先检查以下项目：

• 确认 Windows Defender 防火墙没有针对 Adobe 软件创建出站阻止规则。
• 确认没有使用网络管控软件限制 Adobe 程序联网。
• 确认 Hosts 文件没有屏蔽 Adobe 域名。
• 确认 DNS 服务能够正常解析 Adobe 官方域名。

对于企业环境，建议由网络管理员直接在出口防火墙或安全网关中配置允许策略，从源头解决访问问题。

6. 在代理工具中加入 Adobe 规则

如果你的网络环境需要通过代理访问 Adobe 服务，那么还需要确保相关域名进入代理规则。以 Clash Verge 为例，可以在规则集或者全局扩展脚本中，将 Adobe 官方域名、Adobe AI 服务域名以及相关 CDN 地址加入代理策略。使得：

• Creative Cloud 正常登录
• Photoshop AI 功能正常使用
• Firefly 正常生成内容
• Lightroom 云同步正常运行
• Adobe Fonts 正常加载
• 插件市场正常访问

由于不同代理工具配置方式差异较大，且涉及具体网络环境配置问题，本文不展开详细说明。如需进一步配置，可参考相关代理工具官方文档自行设置，或者联系像素工坊提供远程协助。

7. Adobe 官方域名列表会持续更新

需要特别注意的是，Adobe 官方网络端点并非固定不变。随着 Firefly、Adobe Express、灵感版等新服务不断上线，Adobe 会持续增加新的访问地址。Adobe 官方文档最近仍在更新相关网络端点，并新增了部分服务访问要求。

因此，如果你发现某些 Adobe 功能突然无法使用，建议优先查看 Adobe 官方最新网络端点文档，并同步更新防火墙和代理配置规则。对于长期使用 Photoshop AI、Lightroom 云同步以及 Firefly 生成式 AI 的用户，建议定期关注 Adobe 官方发布的网络访问列表，以避免因为域名变化导致功能异常。