# Networking To ensure optimal security when connecting to your environments, DinMo offers two secure access methods: **SSH tunneling** and **IP whitelisting**. SSH tunneling allows us to establish a secure, encrypted connection through a bastion host, ensuring that your data remains protected in transit. In addition, you can whitelist our static IP addresses to restrict access strictly to DinMo’s services. {% hint style="success" %} Both methods limit exposure to external threats and comply with enterprise-grade security standards. {% endhint %} Of course, you can use both methods. Choosing the right approach depends on your internal policies and infrastructure. We recommend **collaborating with your security team** to implement the method that best fits your requirements. ### IP Addresses To enhance network security and ensure seamless connectivity with DinMo, we provide specific IP addresses that you can whitelist. By doing so, you will allow uninterrupted access to DinMo's services while protecting your network from unauthorized access. **IP Addresses for Whitelisting** To optimize your network security and ensure reliable communication with DinMo, please whitelist the following GCP IP address `34.38.245.85` *(europe-west1)* ### SSH Tunneling {% hint style="info" %} This feature is only supported for [Amazon Redshift](/integrations/data-sources/aws-redshift.md) for now.\ If you need SSH Tunneling for another data source, do not hesitate to reach out to our product team. {% endhint %} #### How it works SSH tunnel requires an `sshd` service running on a bastion host that is accessible from the public internet. Our systems initiate an SSH connection to this bastion and then forward traffic from there to the private service you define. #### Setup {% hint style="info" %} (Optional) You may need to whitelist DinMo's IP addresses to let our systems connect to your bastion host. Refer to the [above section](#ip-addresses) to learn more about IP addresses. {% endhint %} 1. When creating a new source, select **“SSH Tunnel”** as the connection type. 2. Fill out the SSH Host or IP and the SSH Port * These are the connection details for your public-facing bastion server host. * The port is most likely 22, standard for `sshd`. The field is filled with this information by default 3. Enter a username for this SSH connection 4. Click on **"Generate SSH Tunnel"** and copy the public key which is generated. Add this to the `~/.ssh/authorized_keys` file for the user you've just filled in. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.dinmo.io/security-and-privacy/networking.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.