Destination Connection Options
Destination connection options/methods define how Fivetran connects to your destination (for example, protocol, authentication). For example, a connection to a PostgreSQL destination might use SSH Tunnel as the connection method, while another connection to the same destination might use AWS PrivateLink.
In Fivetran, a connection is a complete data pipeline from source to destination. In this section, connection methods refer only to the way Fivetran establishes access to your destination. For definitions of connection and connector, see our Glossary section.
We support the following methods for connecting Fivetran to your destination:
Direct Connection - Fivetran connects directly to your destination by safelisting our IP addresses in your firewall or security group. Use this when you can expose your destination port and want a simple, fast setup.
SSH Tunnel - Fivetran connects through an SSH tunnel server within your network. Use this when direct IP access isn’t possible or when you need an added layer of security. For more information, see our SSH Tunnel documentation.
Reverse SSH Tunnel - Fivetran connects through a reverse SSH tunnel initiated by your server to Fivetran. Use this when inbound connections to your network are blocked or restricted. For more information, see our Reverse SSH Tunnel documentation.
Private Networking - Fivetran connects privately over cloud provider networks (AWS, Azure, or Google) without traversing the public internet. Use this when maximum security and compliance are required. We support the following private networking methods:
AWS PrivateLink - Fivetran connects to your AWS-hosted destination using AWS PrivateLink. Use this when your destination is hosted on AWS and you want a private, VPC-to-VPC connection. For more information, see our AWS PrivateLink documentation.
Azure Private Link - Fivetran connects to your Azure-hosted destination through Azure Private Link. Use this when your destination is on Azure and you want a private, region-scoped endpoint connection. For more information, see our Azure Private Link documentation.
Google Cloud Private Service Connect - Fivetran connects to your destination using Google Cloud Private Service Connect for internal networking. Use this when your destination is hosted on Google Cloud and you want a secure, private connection. For more information, see our Google Cloud Private Service Connect documentation.
VPN Tunnel - Fivetran connects to your destination through a site-to-site VPN tunnel. Use this for complex network setups or when neither direct nor SSH-based methods are viable. For more information, see our VPN Tunnel documentation.
Proxy Agent - Fivetran connects through a lightweight agent that establishes a secure outbound connection from your network. Use this when inbound port access is restricted or outbound-only connections are required. For more information, see our Proxy Agent documentation.