Enable source IP address binding

Source IP address binding allows you to restrict the source IP address of traffic after it’s scanned by ​SIA​ Proxy. ​SIA​ offers a list of CIDR blocks that are used for this feature. After traffic is scanned by the proxy, any IP address from the list of CIDRs is used for the source IP address.

You can download this list of CIDRs in ​SIA​ and use it to control access to services on the Internet. You can also use this list to define a firewall. For example, you can require that traffic only arrives from IP addresses included in this list. This ensures that regardless of what device or location a request originated from, the traffic that’s scanned by the proxy is always trusted.

Source IP addresses

​SIA​ uses any one of these CIDRs for the source IP address. You can also download the list of CIDR blocks in a separate CSV file. To download the list, see Download list of source IP addresses.

📘

These CIDRs are owned by ​Akamai​ and are restricted to machines that run only ​Akamai​ services.

Internet Protocol VersionCIDR Block
IPv4
  • 104.64.0.0/10
  • 23.32.0.0/11
  • 23.192.0.0/11
  • 23.0.0.0/12
  • 172.232.0.0/13
  • 2.16.0.0/13
  • 23.72.0.0/13
  • 184.24.0.0/13
  • 23.64.0.0/14
  • 184.84.0.0/14
  • 72.246.0.0/15
  • 92.122.0.0/15
  • 95.100.0.0/15
  • 96.6.0.0/15
  • 96.16.0.0/15
  • 173.222.0.0/15
  • 184.50.0.0/15
  • 69.192.0.0/16
  • 88.221.0.0/16
  • 118.214.0.0/16
IPv6
  • 2405:9600::/32
  • 2600:1400::/24
  • 2a02:26f0::/32

Enable Source IP Binding

Complete this procedure to enable source IP address binding. If the proxy is not set up or enabled in a policy, this feature does not apply.

To enable source IP binding:

  1. In the Threat Protection menu of Enterprise Center, select Clients & Connectors > Connection Info.

  2. Turn on the toggle for Enable Source IP Binding.

  3. Click Save. If you want to save and deploy this update, click Save and Deploy.

Next Steps

  1. If you haven't deployed this update, see Deploy configuration changes.

  2. To download the list of CIDRs that are used for the source IP address, see Download list of source IP addresses.

Download list of source IP addresses

You can download a list of CIDRs that ​SIA​ uses for the source IP address.

To download a list of source IP addresses:

  1. In the Threat Protection menu of Enterprise Center, select Clients & Connectors > Connection Info.

  2. Beside the search field for Enable Source IP Binding, click the download icon. The CSV file with the source IP addresses is saved wherever your browser saves downloaded files.

Search for a CIDR block in the list

You can perform this procedure to check whether a CIDR is in the source IP address list.

To search for a CIDR in the list:

  1. In the Threat Protection menu of Enterprise Center, select Clients & Connectors > Connection Info.

  2. In the Search by CIDR block field, enter the CIDR block. As you type, the CIDR appears in the list. If it doesn’t appear, it’s not included in the list of CIDRs used for source IP address binding.