Approved LDAP Authentication List

Administration > IWSVA Configuration > User Identification | Approved LDAP Authentication List

Approved Authentication List

After enabling LDAP authentication, all users must provide a username and a password except that whose IP addresses fall within your company’s Approved Authentication List. You can define this list with a particular IP address, IP Range, or an IP Mask.

There may be clients that you want to exempt from LDAP authentication. For example, a back-end authenticated server to access the network. You can add client IP addresses to the approved LDAP authentication list. IWSVA will only apply IP address-based policy settings and bypass client host/group name checking.

The following rules apply:

2. IP entries should be in a.b.c.d format.  

3. Masks can be in a.b.c.d format or specified as number of bits (0-32).

4. For entries where the mask is omitted, a default mask of 255.255.255.255 is assumed.

Formats:

• IP

• IP start range to end range

• IP/IP mask

Examples:

• 192.168.0.150
  # Only the machine whose IP address is 192.168.0.150

• 192.168.0.10-192.168.0.20  
  # Covers machines whose IP falls in the range 192.168.0.10 to 192.168.0.20

• 192.168.1.0/24
  # An alternate of all the machines in 192.168.1.x