Exium IP Address Ranges and URLs

Exium IP Address Ranges and URLs

Verifying a User’s Traffic is Being Secured by the Exium Service

To check if a user’s traffic is secured by the Exium service, on the user’s device, browse to https://block.speerity.net.

  • When connected on Exium service, you will see a splash page with a notice “Access to the Website is Blocked”.
  • If a user’s traffic is not secured by the Exium service, you will see an HTTP error in your browser “This site can’t be reached”

Source IP Anchoring

Many organizations have been utilizing IP address allowlisting on their corporate cloud apps in order to ensure additional security should a user’s credentials be compromised by a malicious actor. This allowlisting is inclusive of all egress IP addresses for your data centers and remote offices. Typically for remote users, a VPN connection is required to access private applications and also their corporate cloud applications.

With Exium, the traffic flow changes when utilizing the Exium Client or the Cyber Gateway. Because the Exium Client encrypts its connections to the Exium Cybermesh, cloud/ SaaS applications and IdP providers no longer see the corporate egress IP addresses and instead see an IP addresses for Exium’s Cybermesh.

The preferred solution is to add Exium’s Cybermesh IP addresses to your IP address allowlisting for conditional access and employ multi-factor authentication (MFA) with your IdP provider. Exium also offers Dedicated Egress IP Addresses with Secure Private Access subscription.

See below for the list of Exium’s Cybermesh shared IP addresses:

When you are connected to Exium’s Cybermesh, and check your IP using, for example,  https://whatismyipaddress.com, your IP address will be one from the above lists.

Destination IP Address for Traffic from Exium Client or Cyber Gateway

Exium Client and Cyber Gateway encrypts their connections to the Cybermesh. The encrypted traffic is sent to the Cybernode the Client or Cyber Gateway is connected to. Below is a list of the “ingress” IP addresses for Exium’s Cybernodes. In cases, where the Client or Cyber Gateway traffic goes through an existing Firewall, you need to make sure the UDP ports 500 and 4500 are open for the IPSec traffic from the Cyber Gateway and the default (UDP port 51820) or custom WireGuard  port is open for the Clients.

Cybermesh Node

Destination IP address from your Client or Cyber Gateway

Dallas (2)
Mumbai (2), India
Los Angeles
Ashburn, VA
Sydney, Australia
London (2), UK
California, USA
New York
Mumbai (3),  IN
Frankfurt (2)
Hyderabad, India
Johannesburg, South Africa
Frankfurt,  Germany
Dubai (NG)
Chicago (NG)
California (2), USA
Hyderabad (2), India
London (NG)
Dallas (NG)