IP Based Access Control
The IP Access section in erm4sn allows administrators to configure and manage IP-based access restrictions. This ensures that only specified IP ranges can access the system, adding an extra layer of security.
Configuring IP Access Rules
-
Open the IP Access Settings
- Navigate to the IP Access section in the admin panel.
- View the list of existing IP rules.
-
Add a New IP Restriction
- Click "Create New Rule" to define an IP access rule.
-
Enter the Customer's Public IP Range (CIDR Format)
- Specify the public IP range of your organization in CIDR notation (e.g.,
203.0.113.0/24). - This should be the external (public) IP address assigned by your ISP, not an internal/private IP.
- To find your public IP, you can visit WhatIsMyIP or check with your network administrator.
- Specify the public IP range of your organization in CIDR notation (e.g.,
-
Choose Access Type: Allow or Deny
- Allow - Grants access to the specified IP range.
- Deny - Blocks access from the specified IP range.
-
Add a Description (Optional)
- Enter a meaningful description to identify the purpose of this rule.
Important Considerations
- You cannot deny access to the IP address from which you are currently connected to erm4sn.
- Ensure that at least one allowed IP range remains configured to prevent accidental lockouts.
Make sure to use your public IP address (e.g., 203.0.113.0/24). Private/internal IP ranges (such as 192.168.x.x, 10.x.x.x, or 172.16.x.x) will not work, as they will not be exposed to the internet.
Best Practice
Use narrow CIDR ranges (e.g., /32 for a single IP) to minimize security risks while maintaining controlled access.
For example, 203.0.113.25/32 allows only one specific IP.