You can specify ranges of IP addresses, separating each range with a space. Two methods are available to specify a range. The first is to use asterisk (*) wildcards. An IP address consists of four numbers separated by periods, such as192.168.0.1. You can substitute a single asterisk character (*) for any number group to let Zendesk know that it should accept any value in that space. For example,192.*.*.*allows any IP address whose first number is 192.
The second way to specify an IP range is to useIP subnet mask syntax. For example,192.168.1.0/25specifies all the IP addresses between 192.168.1.0 and 192.168.1.127.
You cannot specify IP ranges where the CIDR (Classless Inter-Domain Routing) value is 0. For example, if you specify10.0.0.0/0,/0is invalid.
- InAdmin Center, click
账户in the sidebar, then selectSecurity > Advanced. - On theIP Restrictionstab, selectEnable IP restrictions,n enter theAllowed IP Rangesyou want to restrict.Note:Enabling IP-based access restrictions can break third-party integrations. Be sure to include all external IPs that need access to your account via the Zendesk API.
- (Optional) Select theAllow customers to bypass IP restrictionscheck box.
This option ensures that your customers can access your help center regardless of their IP address, even if their IP address is not in the range of allowed IP addresses.
Agents and administrators cannot bypass IP address restrictions.
- ClickSave.
15 Comments
Hi ZD Support,
I have multiple brands set up and would like to restrict access via IP addresses to 1 brand only. This is meant to allow only internal company employees to submit request. I know someone asked about this 4 years ago but curious if any further work was made on this? Or are there any current plans to add this capability?
Thanks,
Sharon
HiSharon,
Thank you for your message here.
I've been investigating this for you, unfortunately, I'm afraid there isn't a feature out of the box in Zendesk that will allow you to restrict IP's on a more granular level(such as brands).
However, I invite you to create a post about that for our product managers to review this possibility for the improvement of our products as your personal experience truly matters :Feedback on Support.
By using this article, our System administrator managed to accidentally block all 66 agents access. I am hoping that we gain access soon.
15 minutes
Still no access.
40 minutes and back in.
Hello@...,
Sorry to hear you ran into this loss of access on your account. I looked into the ticket you opened up with our Advocacy team, and it appears this issue has been resolved. Let us know, however, if there is anything else we can do to assist.
Best regard.
If we switch this on, and want to integrate with services that are on Amazon AWS, how would we enable those services to connect with our Zendesk instance? Since you can't whitelist all of Amazon AWS...
Hi Matthew!
Thank you for reaching out here.
I have checked this for you and understand where you are coming from but I wouldn't recommend enabling this if you are connecting Amazon AWS since you will really need to whitelist every IP address you only like to connect.
I can say it's still possible to enable and whitelist everything but it would consume huge amount of time.
Still, I invite you to create a post for our product managers to review this possibility for the improvement of our products as your personal experience is important:Feedback on Support
I'm sorry and have a good day!
Josh
我怎么禁止继续向我们的顾客?I need to ban via IP address as the customer keeps on using different email address.
Thanks for writing in! We understand that you are getting spam tickets in your Zendesk. By any chance, did you try to check the ticket channel of the spam (Where do spam tickets come from?) and use this guide to prevent them from coming in into your Zendesk? You can use this guide for SPAM prevention tips:I was hit by a spam attack. What do I do now?. We hope this helps!
I need to ban a few ticket senders from sending us a ticket using their IP addresses. These people keep spamming our support system and an agent might unintentionally answer them.
Hi亚斯明,
Unfortunately, it's not yet possible to ban users via IP address in support. There are customers who are requesting this feature as wellhere. You can up-vote that post and add your detailed use case to the conversation. Threads with a high level of engagement ultimately get flagged for product managers to review when they go through roadmap planning.
Specific examples, details about impact, and how you currently handle things are the most helpful things to share to help our product teams understand the full scope of the need when working on solutions.
We would love to see the ability to restrict individual agents by IP address or to exclude API calls from this restriction.
Context is that we want to enforce our agents being on a VPN before using the application however, we cannot add our VPN CIDR range because that would break Zapier integration since I cannot practically add the 1000+ CIDR ranges that Zapier uses (the entire AWS us-east-1 cohort of addresses) and maintain them and thus a good chunk of our external systems automation would break.
HiAnton de Young,
Is there a limit to the number of IP addresses that can be added?
The limit is not with the number of IP Addresses but rather in the number of characters the "Allowed IP ranges" field can accommodate which is 16,777,215 characters.
HiRonie Ranoy,
So technically, it can support up to 798,915 IP addresses in CIDR format? I think that probably going to be sufficient. :)
Yes, and that is already a lot.
Pleasesign into leave a comment.