User Policies in SA540

Answered Question
Feb 18th, 2010

Under the "User Policy By Source IP Address" is there anyway to define an IP address range?

Example:  Some of my remote users don't have static IP's from their ISP however their Dynamic IP's tend to stay pretty constant, so as an added level of security in my current setup I am able to restrict their access to the range of IP's they may receive from their ISP by using a range of lets say 225.80.1.1 to 225.80.255.255.  Is their anyway to accomplish this in the SA540?  I see the option to define a source IP address under the User Policy option but it only lets me put one address in there, not a range like I would like to.

I have this problem too.
0 votes
Correct Answer by Steven Smith about 6 years 9 months ago

5.5.0.1 is what you should put in.  Techinically, it should be 5.5.0.0, but it looks like there is some data verification that isn't correct.

Correct Answer by Steven Smith about 6 years 9 months ago

In that case, it would be 16.

Each octet is 8 bits.  It would be a 16 bit mask since you want to cover 2 octets.

255.0.0.0 = 8

255.255.0.0 = 16

255.255.255.0 = 24

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Steven Smith Thu, 02/18/2010 - 14:01

If you change the option to network, it will allow you to put in a subnet.

Swoopman_2000 Thu, 02/18/2010 - 14:06

Any chance you could go into more detail.

When I change the option to IP Network it still only has room for a single IP address but it also allows me to change the Mask Length.  Sadly I'm not sure what Mask Length means.

Let's say I want to limit access to only IP addresses in the range of 5.5.1.1 to 5.5.255.255.  What would I put in the Network Address/IP Address field and what value would the Mask Length be?

Correct Answer
Steven Smith Thu, 02/18/2010 - 14:09

In that case, it would be 16.

Each octet is 8 bits.  It would be a 16 bit mask since you want to cover 2 octets.

255.0.0.0 = 8

255.255.0.0 = 16

255.255.255.0 = 24

Swoopman_2000 Thu, 02/18/2010 - 14:33

So using my last example.

In the IP network field I would put 5.5.1.1  and in the mask I would put 16?  or would it be 5.5.0.0 and 16 for the mask?

Correct Answer
Steven Smith Thu, 02/18/2010 - 14:37

5.5.0.1 is what you should put in.  Techinically, it should be 5.5.0.0, but it looks like there is some data verification that isn't correct.

Actions

This Discussion