Configuring IP Address Restrictions

This article is for those who started the free trial on or after September 8, 2019. If you started the free trial before September 8, 2019, see Configuring IP Address Restrictions and Basic Authentication. For details on the start date, see How to Check the Trial Start Date.

IP address restrictions let you grant access within specific IP address ranges. Once you configure IP  address restrictions, access to Kintone is denied if a computer is not in the IP address range that you specified.

Depending on the way you access to Kintone, we recommend the following two settings.

Access to Kintone with fixed IP addresses (mobile phones are not used)

  • IP address restrictions: Select Allow specific IP addresses  and enter all the global IP addresses assigned to your company.

Access to Kintone with dynamic (not fixed) IP addresses including mobile phones

  • IP address restrictions: Select Allow all and we recommend each user to enable two-factor authentication to enhance security. For further details, see Configuring Two-Factor Authentication.

To configure IP address restrictions in the Access Control page

  1. Navigate to the Access Control page by clicking the gear wheel gear_wheel.PNG, selecting Users & System Administration, and clicking Access Control under Security
  2. Select the desired option. When you select Allow specific IP addresses, enter all the office network IP addresses. You can add or edit IP addresses later. It may take some time for the IP address restrictions to be reflected to Kintone.
    • To specify a range of IP addresses, for example from 210.128.234.192 to 210.128.234.255, use the CIDR notation.
    • When the number of the IP addresses to be specified is small, leave the CIDR field blank and enter one IP address per field.

Failed to configure IP address restrictions and cannot access to Kintone ?

An email is sent to the email address of the administrator's account each time the IP address restrictions are changed.  You can reset the IP address restrictions from the reset URL written in the email. The reset URL is valid for an hour, so if you want to reset after an hour from the configuration, contact us.

To further enhance security, we recommend that you configure password policy.
For details on how to configure password policy, see the following topic:

Was this article helpful?
3 out of 3 found this helpful

Comments

0 comments

Please sign in to leave a comment.