We have introduced static IP addresses for the Rublon API endpoint core.rublon.net. This change makes firewall and network configuration for Rublon MFA simpler and more predictable. It is especially important for customers who previously configured their firewalls to account for dynamic AWS IP ranges.
What Changed
Previously, customers who needed strict firewall allowlisting were advised to account for changing AWS IP ranges and, in some cases, use the “AWS IP ranges JSON” file to maintain firewall rules for Rublon API connectivity. The old guidance reflected the fact that Rublon MFA’s IP addresses could change over time.
Now, core.rublon.net uses two static IP addresses:
- 15.197.196.218
- 3.33.239.9
Customers who use firewall allowlists can now rely on these fixed addresses rather than maintaining rules based on dynamic AWS IP ranges for access to the Rublon API endpoint.
What You Should Do
- If your organization allows outbound TCP port 443 traffic broadly and does not maintain restrictive firewall rules for Rublon MFA, you do not need to change anything.
- If your firewall or proxy was previously configured to support Rublon MFA by allowing dynamic AWS IP ranges, review and simplify that configuration. We recommend the following:
- Remove broader AWS-based dynamic IP rules
- Allow outbound communication to core.rublon.net over TCP port 443
- If your firewall uses IP allowlisting, allow 15.197.196.218 and 3.33.239.9
- If your network policy supports FQDN allowlisting, allow core.rublon.net
Why This Change Is Beneficial
Moving to static IP addresses for the Rublon API brings several practical benefits.
Simpler Firewall Management
Security teams no longer need to maintain firewall rules based on dynamic AWS IP ranges just to ensure communication with the Rublon API endpoint. This means fewer moving parts and less administrative overhead.
Easier Troubleshooting
Known, fixed IP addresses make it easier to verify whether traffic is being allowed correctly and to diagnose firewall or proxy-related connectivity issues.
More Predictable Network Configuration
Static IP addresses provide a stable target for network and security teams. This makes internal documentation, firewall reviews, and change management processes easier to maintain over time.
Where to Find Updated Information
We have updated the following Rublon Help materials to reflect this change:
- What are Rublon MFA’s IP ranges?
- How should I configure my firewall for Rublon MFA?
- Allow List Information for Rublon
If you previously configured your firewall based on older AWS IP range guidance, this is a good time to review your current rules and update them to use the new static IP configuration for core.rublon.net.