IP address settings

To help prevent unauthorized access to N-sight RMM, you can configure IP address security settings using one of the following two options.

Auto-detect new IP addresses and approve with email verification (default)

When a user logs in from an unrecognized IP address, N-sight RMM sends a verification email to their registered email address. The user must verify their identity by selecting the link in the email before they can access the system.

The verification link expires after two hours. If it expires, the user must attempt to log in again to receive a new email.
Once verified, the IP address range (e.g., 1.2.3.0/254) is automatically added to the approved list.
Future logins from that range do not require re-verification.

This verification step occurs before the Two-Factor Authentication (2FA) prompt.

If a user logs in from a new IP address while setting up 2FA, the IP address is automatically approved as part of the verification process.

Ensure all usernames in the system are active and valid email addresses to support this feature.

Restrict Dashboard access with IP address allowlist

This option allows access only from IP addresses explicitly listed in the Approved IP Addresses list.

Each approved IP address includes:

The date and time it was added.
The date and time it was last accessed.
The username of the last user to access it.

Use this information to monitor usage and remove outdated entries (for example, IPs not used in the last 6 months).

Maintain session connections with IP address allowlist

N-sight RMM maintains session connections even if a user’s IP address changes during a session—provided the new IP address is included in the Approved IP Addresses list.

This allows users to stay signed in when switching networks, without compromising security. For example, you can allow IP addresses used when:

Working from multiple locations, such as home, office, or public networks
Using VPNs or proxy servers that frequently change IP addresses
Switching between different internet service providers or mobile data networks
Accessing the dashboard from various devices with different IP addresses

Adding these relevant IP addresses to the allowlist helps ensure a consistent and uninterrupted connection. See Add IP addresses to the allowlist.

If a user's IP address changes to one that isn't on the allowlist, the session ends and the user must sign in again.

Optional: Allow Remote Access features with IP verification

If a user logs in from a verified IP address and Two-Factor Authentication (2FA) is enabled, you can allow them to use Take Control and Remote Background Management without entering a security code.

Audit logging

All changes to the IP Address Restriction settings are recorded as Security events in the User Audit Report.