Create network ranges to define the IP addresses from which users can log in. You add the network ranges you create to specific identity provider instances and to access policy rules.
About this task
One network range, called ALL RANGES, is created as the default. This network range includes every IP address available on the Internet, 0.0.0.0 to 255.255.255.255. If your deployment has a single identity provider instance, you can change the IP address range and add other ranges to exclude or include specific IP addresses to the default network range. You can create other network ranges with specific IP addresses that you can apply for a specific purpose.
The default network range, ALL RANGES, and its description, "a network for all ranges," are editable. You can edit the name and description, including changing the text to a different language, using the Edit feature on the Network Ranges page.
Define network ranges for your VMware Identity Manager deployment based on your network topology.
- In the administration console Policies tab, select Network Ranges.
- Edit an existing network range or add a new network range.
Edit an existing range
Click the network range name to edit.
Add a range
Click Add Network Range to add a new range.
- Edit the Add Network Range page.
Enter a name for the network range.
Enter a description for the network range.
Edit or add IP ranges until all desired and no undesired IP addresses are included.
What to do next
Associate each network range with an identity provider instance.
Associate network ranges with an access policy rule as appropriate. See Managing Access Policies.