Difference between revisions of "Login IP Address Restrictions"

From AgileApps Support Wiki
imported>Aeric
imported>Aeric
Line 16: Line 16:


;Enforcement:
;Enforcement:
:*If the user belongs to multiple teams, the role associated with the user's primary team will be used for enforcement {{TBD|Does this apply?}}
:*If the user belongs to multiple teams, the role associated with the user's primary team will be used for enforcement<br>{{TBD|Does this apply?}}
:* When a user attempts to log in, the IP address of the system the request originated from is checked against the configured settings. If the address is in the allowed range, the user can continue the login process. Otherwise, login is denied.
:* When a user attempts to log in, the IP address of the system the request originated from is checked against the configured settings. If the address is in the allowed range, the user can continue the login process. Otherwise, login is denied.
:* Access violations are recorded in the audit log, identifying both the user and the IP address from which the login attempt originated
:* Access violations are recorded in the audit log, identifying both the user and the IP address from which the login attempt originated
:* Login restrictions apply to all user logins - using a web browser, Email Edition, mobile access, or REST APIs.
:* Login restrictions apply to all user logins - using a web browser, Email Edition, mobile access, or REST APIs.
:* The enforcement does not apply to Customer Support logins
:* The enforcement does not apply to Customer Support logins

Revision as of 01:07, 7 June 2012

Use this feature to restrict user Logins to a limited IP address range. If a user attempts to login from a computer on a network outside of the specified range, access to the platform is denied.

Lock-tiny.gif

Users that have the Access Control/User Management permission can specify the range of IP addresses from which user logins are allowed 
To configure an IP address range
  1. Click Settings > Administration > Access Profiles
  2. Select the Access Profile of interest, or create a new one
  3. Enter an IP address range in the text area, following these guidelines:
    • A maximum of 25 IP address ranges can be specified
    • Enter one range per row in the text area
    • Add, Modify and Delete the entries, as needed
    • Accepted format is xxx.xxx.xxx.xxx - yyy.yyy.yyy.yyy, where:
      • xxx and yyy are numbers in the range 0-255
      • xxx.xxx.xxx.xxx is less than or equal to yyy.yyy.yyy.yyy
    • To specify a single IP address, use the same IP address for the start and endpoint of the range: 192.168.1.10 - 192.168.1.10
Enforcement
  • If the user belongs to multiple teams, the role associated with the user's primary team will be used for enforcement
    __TBD: Does this apply?__
  • When a user attempts to log in, the IP address of the system the request originated from is checked against the configured settings. If the address is in the allowed range, the user can continue the login process. Otherwise, login is denied.
  • Access violations are recorded in the audit log, identifying both the user and the IP address from which the login attempt originated
  • Login restrictions apply to all user logins - using a web browser, Email Edition, mobile access, or REST APIs.
  • The enforcement does not apply to Customer Support logins