Enable source IP address binding

Suggest Edits

You can use source IP address binding to restrict the source IP address of traffic after it’s scanned by SIA Proxy. Akamai maintains a stable list of IP addresses in CIDR blocks that are used for this feature. After traffic is scanned by the SIA Proxy, any IP address from the list of CIDRs is used for the source IP address.

You can use the list of CIDRs to define a firewall. For example, you can require that traffic only arrives from IP addresses included in this list. This ensures that regardless of what device or location a request originated from, the traffic that’s scanned by the proxy is always trusted.

📘
Source IP address binding isn’t a substitute for authentication. To ensure you’re using the proper security, use it in combination with other authentication methods. Talk to your Akamai account team about other methods you can use.

Source IP addresses

SIA uses any one of these CIDRs for the source IP address. Use them to define a firewall.

IPv4 IPv6

IPv4	IPv6
`2.16.0.0/13 23.0.0.0/12 23.192.0.0/11 23.32.0.0/11 95.100.0.0/15 184.24.0.0/13`	`2a02:26f0::/32 2600:1400::/24 2405:9600::/32`
Downloads Download these values as separate files. IPv4/IPv6 lists as .txt files IPv4/IPv6 lists as .csv files

2.16.0.0/13  
23.0.0.0/12  
23.192.0.0/11  
23.32.0.0/11  
95.100.0.0/15  
184.24.0.0/13

2a02:26f0::/32  
2600:1400::/24  
2405:9600::/32

Downloads

Download these values as separate files.

Enable Source IP Binding

Complete this procedure to enable source IP address binding. If the proxy is not set up or enabled in a policy, this feature does not apply.

To enable source IP binding:

In the Threat Protection menu of Enterprise Center, select Clients & Connectors > Connection Info.
Turn on the toggle for Enable Source IP Binding.
Click Save. If you want to save and deploy this update, click Save and Deploy.

Next Steps

If you haven't deployed this update, see Deploy configuration changes.

Search for a CIDR block in the list

You can perform this procedure to check whether a CIDR is in the source IP address list.

To search for a CIDR in the list:

In the Threat Protection menu of Enterprise Center, select Clients & Connectors > Connection Info.
In the Search by CIDR block field, enter the CIDR block. As you type, the CIDR appears in the list. If it doesn’t appear, it’s not included in the list of CIDRs used for source IP address binding.

Updated 2 months ago