cancel
Showing results for 
Search instead for 
Did you mean: 
0range
Level 7

Can you do an IP range or netmask in the Allowed Clients whitelist?

Jump to solution

In the MWG 7.2 appliance, under the "Global Whitelist" Rule Set, I can add individual IPs in the "Client IP is in Allowed Clients" rule.  But it won't let me add IP ranges. 

for example, I tried all these but they won't save since they're "invalid IP's"

172.17.123.*

172.17.123.0/24

172.17.123.0/255.255.255.0

Now, I can do wildcards in the other whitelist rule "URL Host Matches in List Global Whitelist"

Do I need to create a custom rule to allow client IP ranges? 

This seems like a basic function, so maybe I'm really just missing something obvious.

0 Kudos
1 Solution

Accepted Solutions
eelsasser
Level 15

Re: Can you do an IP range or netmask in the Allowed Clients whitelist?

Jump to solution

Yes you can.

But you must use an IPRange list.

I have rules like this:

Capture.jpg

And the IPRange list looks like this:

Capture2.jpg

And when you need a single IP, just enter like this:

Capture3.jpg

My recommendtation is to always use the IPRange list over the IP list when possible.

Message was edited by: eelsasser on 8/23/12 9:26:25 AM EDT
0 Kudos
2 Replies
eelsasser
Level 15

Re: Can you do an IP range or netmask in the Allowed Clients whitelist?

Jump to solution

Yes you can.

But you must use an IPRange list.

I have rules like this:

Capture.jpg

And the IPRange list looks like this:

Capture2.jpg

And when you need a single IP, just enter like this:

Capture3.jpg

My recommendtation is to always use the IPRange list over the IP list when possible.

Message was edited by: eelsasser on 8/23/12 9:26:25 AM EDT
0 Kudos
0range
Level 7

Re: Can you do an IP range or netmask in the Allowed Clients whitelist?

Jump to solution

Yes, that worked. I created a new rule. I called it "Client IP in Range in Allowed Client IPs" so then the rule automatically created the link to the "Allowed Client IPs" list.  Property is Client.IP, Operator "is in range list", Operand is "Allowed Client IPs" and the Action is Stop Cycle.  Worked perfectly. Thanks.

0 Kudos