locked
How to Add IP range for Dynamic IP Restrictions IIS10? Allow and Deny RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote
    User1687485711 posted

    I have have 2 or more IP addresses that I want to ALLOW to view a website. Nobody Else.

    Logically I should only have to add the ALLOW IP addresses and NOT the DENY addresses

    It does not make sense to need any other logic to target the DENY addresses

    eg ALLOW IP 43.245.43.33 or 202.129.142.77 and logically DENY everything else

    But this is NOT the case. Extra Logic? is required

    How do I add the "IP Address Range" in the text box (eg 0.0.0.0 - 43.245.43.32)

    What should the MASK value be here?

    Then how do I pickup from that range (eg 43.245.43.34 - 202.129.142.76)

    What should the MASK value be here?

    I would then like to DENY the end of the range eg (202.129.142.78 - 255.255.255.255)

    What should the MASK value be here?

    Is this at all possible?

    How exactly do I enter the IP range as the method above IP start - IP finish is NOT accepted by the tool.

    This feature seemed like such a good IIS feature! if only it worked with just the Allow Logic

    Sunday, December 13, 2020 9:09 PM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote
    User1065476709 posted

    Hi Aaron@Geospatial.Land,

    How do I add the "IP Address Range" in the text box (eg 0.0.0.0 - 43.245.43.32)

    What should the MASK value be here?

    Then how do I pickup from that range (eg 43.245.43.34 - 202.129.142.76)

    What should the MASK value be here?

    I would then like to DENY the end of the range eg (202.129.142.78 - 255.255.255.255)

    What should the MASK value be here?

    It is possible, but you need to set the correct ip address.

    You can use the IP Address and Domain Restrictions feature page to define and manage rules that allow or deny access to content for a specific IP address, a range of IP addresses, or a domain name or names.

    About how to calculate MASK you can use the IP Subnet Calculator

    Best regards,

    Sam

    Monday, December 14, 2020 5:44 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    User1687485711 posted

    Hello Sam.. thankyou for the reply, but unfortunately it doesn't work that easy.

    If you set a range as shown in my example it says the value/s is/are invalid, with or without spaces

    This was the first progress stopping issue. No matter what 2 values I put in it says invalid ip address, like it is expecting only 1 IP and not 2.  A second text box on this control for a 2nd ip might help, but it doesn't exist.

    The subnet calculator was the one I was using, but since it didn't accept the IP range there was no point using it.

    It is easy to add single 'Allows' and that is all that should be needed, but IIS doesn't see it that way.

    Monday, December 14, 2020 6:05 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    User1065476709 posted

    Hi Aaron@Geospatial.Land,

    You couldn't add the range like "0.0.0.0 - 43.245.43.32" in IIS range. you should use sub mask.

    Example:

    Ban the lower half: 192.168.1.1 - "192.168.1.127

    IP Address Range: 192.168.1.0 Mask or Prefix: 255.255.255.128

    The mask 255.255.255.128 is also known as a "/25", because 25 of the first 32 bits of the address are part of the network address, and the remaining 7 bits are used for host addresses.

    You can refer to below article to understand how sub mask work with IP address: https://en.wikipedia.org/wiki/Subnetwork#Subnetting

    Best regards,

    Sam

    Monday, December 14, 2020 10:04 AM