Elglide
Book a demo

Direct connection — IP allowlist

The simplest way to connect. If your firewall lets you allowlist our static egress IPs, your source database can accept our connections directly — no SSH bastion to run, no agent to install. We always initiate the connection outbound from us to your database host, so there are no inbound rules on our side for your team to manage. This is the fastest path to a working evaluation.

Where to find the IPs. The exact egress IPs to allow are shown to signed-in tenants at Help → IP allowlist in the portal — filtered to your tenant's home region, with one-click copy and a containing CIDR. We keep the list there (rather than on this public page) so it always reflects your account's current region and never drifts from what we actually use. Hand that portal page to your security team.

When to use it

  • Your firewall can allowlist a small, stable set of source IPs for outbound connections to your database.
  • You'd rather not stand up an SSH bastion or run an in-network agent.
  • You're evaluating Elglide and want the quickest path to a first successful sync.

What you'll need to allow

A single outbound rule from your tenant database host:

  • Source: our static egress IPs (the list in the portal — see the note above).
  • Destination port: your source database's listening port — e.g. 1433 for SQL Server, 5432 for PostgreSQL, 3306 for MySQL / MariaDB, 1521 for Oracle.

Because we always initiate the TCP connection, you do not need to open any inbound ports toward Elglide. The same egress IPs apply whether you connect directly or through an SSH bastion.

Change notice

These IPs are pinned and rotate only on infrastructure moves. We commit to 30 days' notice before any change to the published list, and the portal page always shows the date it last changed.

Set up the connection

Once your firewall allows our IPs, create the source from Connections (sign-in required) → Edit / Create, leave Connectivity set to Direct, and click Diagnose to run the connection test (network → database → permissions).

Can't allowlist our IPs? Connect through an SSH bastion, or keep source data entirely on your LAN with the in-network hybrid agent.