IP Address Restrictions

Article Number:02045

IP Address Restrictions is a feature to restrict access using source IP addresses.
For example, you can allow access to Kintone to just IP addresses of your offices, and deny accesses from external sources.
By limiting access locations and blocking accesses from external sources, you can effectively prevent unauthorized accesses from external third parties.

Overview of IP address restrictions

Users Who Can Configure IP Address Restrictions

  • Kintone Users & System Administrator

For details, refer to "Types of Administrators".

Procedure

To configure IP Address Restrictions, specify the "global IP address" of the network from which you want to allow the access.
For the global IP address of your network, contact your network administrator or Internet service provider. You can specify multiple global IP addresses.

If Configured by Kintone Users & System Administrators

  1. Click gear shaped administration menu icon in the header.

  2. Click "Users & System Administration".

  3. Click Access Control.
    Example of menu

  4. Click "Allow specific IP addresses".
    By default, "Allow all" is selected.

  5. Allow access from specific IP addresses.

    • IP Address:
      Specify global IP addresses of the network from which you want to allow the access. You can specify up to 1,000 IP addresses.
      Only IPv4 addresses can be specified. IPv6 addresses cannot be specified.
    • CIDR:
      CIDR must be filled in only when you want to specify a range of IP addresses.
      Example of items
  6. Click Save.
    It may take some time until the settings are applied.
    Once the configuration completes, an e-mail is sent to the e-mail address of the administrator.

If You Made Some Mistakes on Setting and Lost Access to the Service

If You made a mistake on setting IP Address Restrictions and lost access to Kintone, try one of the followings:

  • Click Reset URL in the e-mail you received when the setting was completed.
    This Reset URL expires after one hour.
  • Use Contact Us link to make an inquiry.

Settings Needed for Enabling Access While on a Business Trip or Working Remotely

Confirm the types of networks users are using while they are on business trips or working remotely.
Described below are typical use cases.
Note that accesses are made from addresses other than the allowed IP addresses in the following examples.

  • Using a public wireless LAN or a hotel's guest LAN during the business trip
  • Using a home network when working remotely
  • Using a mobile network (such as 4G) outside the office

Following settings are required to allow the above-mentioned accesses.

  • Select "Allow all" for IP Address Restrictions
    This allows the use of mobile networks (such as 4G).
  • Enable the Two-Factor Authentication (for all users)
    If you select "Allow all" for IP Address Restrictions, security level becomes low.
    In order to prevent unauthorized accesses, we recommend all users to use the Two-Factor Authentication.

For details, refer to the section describing the access from dynamic IP addresses on the "Using Two-Factor Authentication" page.

Enhancing Security

By improving the password strength, you can enhance the security of your services.
You should do this if accesses are made from networks other than allowed networks.
For details, refer to "Specifying Password Complexity and Password Expiration".