WSO Access allows us to perform conditional access based on various criteria such as device compliance status, Mobile SSO, 2FA and IP range.
IP range is not a device IP but a device connecting IP which is seen by Access.
One of the way to find out a connecting IP is by examining the Access audit log. On Access console, go to Dashboard -> Reports -> Audit Events.
You will see the connecting IP of a device in the event details screen.
You can use this IP address to create an IP range.
Go to Identity & Access Management -> Policies -> Network Ranges and create a new IP range
In your access policy, use deny access on the newly created IP range.
The same device will get blocked with the new deny policy.
Comments