IP Address Restriction
To prevent unauthorized N-sight RMM Dashboard access, there are two IP Address Restriction options:
- Auto-detect new IP addresses during login and approve with email verification (default)
- Restrict Dashboard access by IP address
If a user accesses the N-sight RMM Dashboard from a verified IP address and Two-Factor Authentication is enabled at the account or user level, the configurable option to Allow use of remote access features with IP address verification allows the user to establish a remote session from the N-sight RMM Dashboard (using Take Control or Remote Background Management) without additional security code authentication.
All changes to the IP Address Restriction settings are recorded as Dashboard Security events in the User Audit Report.
If a user attempts to access the N-sight RMM Dashboard from a new unknown IP address, a verification email is sent to their username (email address) requiring validation of their username before they can log in.
The verification link in the email expires after 2 hours. If the link expires, the user must repeat the login process to generate a new verification email.
Once verified, the IP address range is automatically added to our approved list and any users accessing the N-sight RMM Dashboard from this authorized range do not go through the email verification process.
For example, if someone attempts to log in from the new IP address 184.108.40.206, they receive a verification email. Once verified, we automatically add the range 220.127.116.11/254 covering 18.104.22.168 through 22.214.171.124 to our list. If a login request comes in later from 126.96.36.199, the user can log directly into the N-sight RMM Dashboard without verifying this specific address.
As Two-Factor Authentication (2FA) is activated for all users, the IP address verification step occurs before the 2FA security code prompt.
If a user logs in to the N-sight RMM Dashboard from a new IP address to setup 2FA, then the IP address is automatically added to the approved list as part of the verification process for 2FA.
As this security feature requires the user to verify their username (email address), ensure all usernames in the system are active and valid email addresses.
When you select the option to Restrict Dashboard access by IP address, the N-sight RMM Dashboard prevents access from IP addresses not on the Approved IP Addresses list.
Each IP address in the Approved IP Addresses list includes the date and time it was added, the date and time it was last accessed , and the username of who had last access. Using this information you can identify IP address usage and take any required action. For example, you may want to remove IP addresses that are not used in the last 6 months.
What do you want to do?