Controlling client access to the proxy

Administrators can configure Content Gateway to allow only certain clients to use the proxy.

  • When this configuration is in place, only clients whose IP address is included in the ip_allow.config file can access the proxy.
  • By default, clients from any IP address (0.0.0.0 - 255.255.255.255 and ::- ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff) can access the proxy.

To restrict client access to the proxy:

Steps

  1. In the Content Gateway manager, go to the Configure > Security > Connection Control page.
  2. Click Edit File to open the configuration file editor for the ip_allow.config file.
  3. To add a new rule:
    1. Use the IP Action drop-down list to indicate whether to allow (ip_allow) or deny (ip_deny) requests from the specified IP address or range.
    2. Enter a Source IP address or range.
    3. Click Add.
  4. To edit an existing rule:
    1. Select a rule in the list at the top of the page.
    2. Make changes as needed.
    3. Click Set.
  5. Click Apply to save the information, and then click Close.
    Note: If an unauthorized client tries to access Content Gateway, a message is displayed in their browser, indicating that the requested content cannot be obtained.