Create an IP Zone

Create an IP Zone that define network perimeters around a set of IPs. An IP Zone is comprised of gateway IPs and proxy IPs.

Note

Note

Okta is focused on the adoption of inclusive language and communication. Some long-standing industry terminology and expressions have been updated as part of this initiative. In this topic, blacklist is now referred to as block list.

Before you begin

  • When configuring an IP Zone, at least one gateway or proxy is required.
  • Selecting Block access from IPs matching conditions listed in this zone will cause all requests with an IP chain containing an IP within the zone to be blocked from accessing Okta.

  • Up to 1000 IPs, IP ranges, and/or CIDRs can be added to a single blocked zone, and up to 25,000 can be added across all zones.

  • Up to 150 gateway IPs, IP ranges and/or CIDRs can be added as well as up to 150 proxy IPs, IP ranges and/or CIDRs can be added to a non-blocked zone.

To create an IP Zone:

  1. From the Admin Console, navigate to Security > Networks
  2. From the Add Zone dialog, select IP Zone.
  3. Enter a name for the zone.
  4. Enter the Gateway IP addresses and Proxy IP addresses. Separate IPs and IP ranges with a newline or comma. Single IPs, IP ranges or CIDR notation can be added.
  5. Optional: Select Block access from IPs matching conditions listed in this zone to prevent matching IPs from accessing Okta.
  6. Click Save.