Skip to main content

Overview

To allow TextQL to connect to your database, you need to whitelist the following IP addresses in your database’s firewall or security group settings:
  • 44.229.62.69
  • 54.69.138.147
These IP addresses are used by TextQL’s backend services to establish connections to your databases.
Important: This IP whitelisting requirement does not apply to VPC, on-premises, or single-tenant deployments. If you have a custom deployment arrangement, contact your TextQL representative for specific network configuration requirements.

Configuration by Database Provider

AWS (RDS, Aurora, Redshift)

  1. Go to your database in the RDS Console
  2. Click the Connectivity & Security tab
  3. Click on the VPC security group link
  4. Click Inbound rules and then Edit inbound rules
Add rules based on your database engine: For MySQL/Aurora MySQL:
  • Add rule: Type=MYSQL/Aurora, Port=3306, Source=44.229.62.69/32
  • Add rule: Type=MYSQL/Aurora, Port=3306, Source=54.69.138.147/32
For PostgreSQL/Aurora PostgreSQL:
  • Add rule: Type=PostgreSQL, Port=5432, Source=44.229.62.69/32
  • Add rule: Type=PostgreSQL, Port=5432, Source=54.69.138.147/32
For Redshift:
  • Add rule: Type=Redshift, Port=5439, Source=44.229.62.69/32
  • Add rule: Type=Redshift, Port=5439, Source=54.69.138.147/32
  1. Click Save rules

Azure (Synapse, SQL Database, PostgreSQL)

  1. Go to your database or workspace in the Azure portal
  2. Navigate to Networking in the left menu
  3. Under Firewalls, click Add firewall rule
  4. Add rule: Name=TextQL-IP-1, Start IP=44.229.62.69, End IP=44.229.62.69
  5. Add rule: Name=TextQL-IP-2, Start IP=54.69.138.147, End IP=54.69.138.147
  6. Click Save to apply the changes

Google Cloud (BigQuery, Cloud SQL)

For Cloud SQL:
  1. Go to your Cloud SQL instance in the Google Cloud Console
  2. Click Connections in the left menu
  3. Under Authorized networks, click Add network
  4. Add network: Name=TextQL-IP-1, Network=44.229.62.69/32
  5. Add network: Name=TextQL-IP-2, Network=54.69.138.147/32
  6. Click Done and then Save
For BigQuery: BigQuery typically doesn’t require IP whitelisting as it uses OAuth authentication. Follow the BigQuery connector setup guide for authentication steps.

Databricks

  1. Go to your Databricks workspace settings
  2. Navigate to IP Access Lists
  3. Click Add to create a new IP access list
  4. Add IP: 44.229.62.69/32
  5. Add IP: 54.69.138.147/32
  6. Enable the IP access list

Other Database Providers

For databases hosted on other platforms, add the TextQL IP addresses to your firewall or network security settings according to your provider’s documentation. The general principle is the same: allow inbound connections from the two IP addresses listed above.

Troubleshooting

TextQL Cannot Connect After Adding IPs

Verify the following:
  1. IP addresses entered correctly: 44.229.62.69 and 54.69.138.147
  2. Correct port is open for your database type:
    • MySQL/Aurora MySQL: 3306
    • PostgreSQL/Aurora PostgreSQL: 5432
    • Redshift: 5439
    • SQL Server/Azure Synapse: 1433
    • Snowflake: 443
  3. Database credentials are correct
  4. Database is publicly accessible (or appropriately configured for external connections)
  5. VPC or subnet configurations allow external traffic
  6. Multiple layers of firewalls (network ACLs, security groups, etc.) all need updating

Connection Timeout

Possible causes:
  • Firewall rules not applied yet (may take a few minutes)
  • Incorrect host URL or port
  • Database server not running
  • Network connectivity issues

Authentication Errors

These are not network issues:
  • Verify username and password
  • Check user permissions
  • Ensure user can connect from external IPs

Security Best Practices

Principle of Least Privilege

  • Create a dedicated read-only user for TextQL
  • Grant access only to necessary schemas/tables
  • Use strong passwords
  • Rotate credentials regularly

Monitoring and Auditing

  • Enable query logging
  • Monitor connection attempts
  • Set up alerts for unusual activity
  • Review access logs regularly

Data Protection

  • Use SSL/TLS for connections (enabled by default)
  • Encrypt sensitive data at rest
  • Implement row-level security where appropriate
  • Mask sensitive columns

VPC and Private Network Deployments

Enterprise Deployment Options: The IP whitelisting instructions above are for standard cloud deployments. If you require VPC peering, on-premises connectivity, or single-tenant deployment, different network configuration applies.
For organizations requiring private network connectivity:
  • VPC Peering: Available for dedicated deployments
  • AWS PrivateLink: Supported for AWS customers
  • Azure Private Endpoints: Available for Azure customers
  • On-Premises Connectivity: Custom network configuration required
  • Single-Tenant Deployments: Dedicated infrastructure with custom networking
Contact TextQL Support:
  • Email: [email protected]
  • Subject: Enterprise Network Configuration
  • Include: Your deployment type and network requirements