Approved LDAP Authentication List Parent topic

Administration > IWSVA Configuration > User Identification | Approved LDAP Authentication List
Approved Authentication List
After enabling LDAP authentication, all users must provide a username and a password except that whose IP addresses fall within your company’s Approved Authentication List. You can define this list with a particular IP address, IP Range, or an IP Mask.
There may be clients that you want to exempt from LDAP authentication. For example, a back-end authenticated server to access the network. You can add client IP addresses to the approved LDAP authentication list. IWSVA will only apply IP address-based policy settings and bypass client host/group name checking.
The following rules apply:
  1. IP entries should be in a.b.c.d format.
  2. Masks can be in a.b.c.d format or specified as number of bits (0-32).
  3. For entries where the mask is omitted, a default mask of 255.255.255.255 is assumed.
Formats:
  • IP
  • IP start range to end range
  • IP/IP mask
Examples:
  • 192.168.0.150
    # Only the machine whose IP address is 192.168.0.150
  • 192.168.0.10-192.168.0.20
    # Covers machines whose IP falls in the range 192.168.0.10 to 192.168.0.20
  • 192.168.1.0/24
    # An alternate of all the machines in 192.168.1.x