Create zones for IP addresses
Create an IP zone that defines network perimeters around a set of IP addresses. An IP zone is made up of gateway and proxy IP addresses.
Before you begin
Follow these guidelines when you create an IP zone:
- Configure at least one gateway or proxy in an IP zone.
- You can add up to 1000 IPs, IP ranges, or CIDRs to a single blocked zone.
- You can add up to 25,000 IPs, IP ranges, or CIDRs across all IP zones.
- You can add up to 150 gateway IPs, proxy IPs, IP ranges, or CIDRs to a non-blocked zone.
Start this task
In the Admin Console, go to .
- From the Add Zone dialog, select IP Zone.
- In the Zone Name field, enter a name for the IP zone.
- Optional. Select Block access from IPs matching conditions listed in this zone to prevent matching IPs from accessing Okta. This includes IP addresses found in the zone and IP chains.
- Enter the Gateway IP addresses and Trusted Proxy IP addresses. Separate IP addresses and ranges with a new line or comma. You can add single IP addresses, IP ranges, or use CIDR notation.
- Click Save.
When you edit a network zone,wait approximately 60 seconds for the change to propagate across all servers and take effect.