Specifying the From Host

You can restrict access to the Administration Server based on which computer the request comes from.

The following elements are displayed for From Host on the Access Control Rules For page in the user interface:

• Anyplace allows access to all users and systems

• Only From enables you to restrict access to specific host names or IP addresses

If the Only From option is selected, type a wildcard pattern or a comma-separated list in the Host Names or IP Addresses fields. Restricting by host name is more flexible than by restricting by IP address. If a user’s IP address changes, you do not need to update this list. Restricting by IP address, however, is more reliable. If a DNS lookup fails for a connected client, host name restriction cannot be used.

You can only use the * wildcard notation for wildcard patterns that match the computers’ host names or IP addresses. For example, to allow or deny all computers in a specific domain, you would enter a wildcard pattern that matches all hosts from that domain, such as *.example.com. You can set different host names and IP addresses for superusers accessing the Administration Server.

For host names, the * must replace an entire component of the name, that is, *.example.com is acceptable, but *users.example.com is not. When the * appears in a host name, it must be the leftmost character. For example, *.example.com is acceptable, but users.*.com is not.

For the IP address, the * must replace an entire byte in the address, for example, 198.95.251.* is acceptable, but 198.95.251.3* is not. When the * appears in an IP address, it must be the rightmost character. For example, 198.* is acceptable, but 198.*.251.30. is not.