MFA Rules Based on IPv4/IPv6 Subnets for Internal Network Access
1 vote
Hello,
Here is our requirement:
We need to allow authentication requests without MFA from within the company’s internal network. MFA should only be required when accessing from outside the organization or from unsecured networks.
In Devolutions Server, it does not seem possible to create MFA rules based on IP ranges or subnets.
Could you implement the ability to authorize IPv4 and IPv6 subnets in the MFA rules?
Examples:
- 1.1.1.0/24
- 172.30.20.0/24
- 2001:67c:11c8::/64
Thank you in advance.
All Comments (2)
Hello,
Good news, this is already supported in Devolutions Server! You can find the instructions here:
https://docs.devolutions.net/server/web-interface/administration/configuration/server-settings/security/conditional-access-policies/#configure-multifactor-authentication-from-the-web-interface We support IP addresses as rule.
I hope that helps. Let us know if you have any further questions!
Best regards,
François Dubois
Hello GTeam,
There is a small confusion here. Although IP masks are supported, we do not currently support CIDR masks, only dotted-decimal masks.
Your feedback is noted and will be prioritized internally.
Regards,
Benoît Sansregret