The IP Restrictions wizard allows you to restrict groups from accessing the system unless they are located within a set of defined whitelisted IP address ranges. This can be helpful in cases where you want to ensure that employees are using the system from within the office, or using a company VPN. You can also whitelist users to permit those who might be part of the restricted groups to access the system. 

To configure IP address restrictions...

  1. Navigate to Setup > Access > IP Restrictions.

  2. In the Groups to be Restricted section, select all the groups that should be restricted by default. Any groups not selected will be permitted to access the system from any IP address.
  3. In the Whitelisted IP Ranges section, add a set of IP address ranges to whitelist for the selected groups.
  4. To whitelist individual users apart from groups, click the Whitelisted Users lookup and add users. This will allow these users to access the system even if they are behind a restricted IP address.

When a user belonging to a restricted group attempts to access the system outside of a whitelisted IP address, the following error message appears:

If a user belongs to multiple groups, and one of them is included in the restricted groups list, they will still be checked and restricted from access if they are outside of the permitted address range, unless they are in the Whitelisted Users list. 


For more information on the permitted syntax when defining IP ranges, refer to IPAddress Java library site.

Related articles