NATS4 IP Address Filtering
NATS4 has the ability to restrict access to administration sections based on the user's Internet Protocol (IP) address. This is a simple, yet powerful way to create an additional security measure to protect against outside users accessing your Admin areas.
To set up IP address restrictions, go to the Configuration Admin and select "Security" from the Current Section drop-down menu.
On the Security Configuration page, go to the Admin IPs section and fill in the three top fields with the IP addresses you want to allow access for. Make sure you separate multiple IP addresses with commas.
In addition to the Configuration Admin, you can also filter IP addresses by using a netmask. A netmask gives the ability to either allow or block an entire range of IP addresses in one shot. You can enable a netmask by appending a slash ("/") followed by a digit between 1 and 32 at the end of the IP address.
For example, to allow admin access from all IP addresses that start with 192.168.34, input: 192.168.34.0/24
The /24 in the above example makes NATS look at only the first 24 bits and see if they match the IP address. Since each number field, separated by dots, represents 8 bits, /24 will match the first three fields. In the example above, any IP address between 192.168.34.0 and 192.168.34.255 will be allowed to access the administration interface.
To further restrict your IP ranges, you may narrow the range to any power of 2 (2, 4, 8, 16 .... 256, etc.) by specifying a different number following the slash (/31, /30, /29, /28 .... /24, etc.).
- The Wikipedia article on Binary Subnet Masks