Creating an IP Whitelist

You can restrict Proxy Agent connections to come only from certain IP addresses. Proxy Agent connections originate from the on-premises environment which has fixed egress IP addresses. Addresses are specified in Classless Inter-Domain Routing (CIDR) format. Currently, no changes take effect immediately. The changes are effective only for connections that are started in the future.

Note: This feature is available only for IPv4 addresses.

Points to consider

  • Organization owners and team administrators can restrict access of Proxy-Agent to only those IPv4 addresses that match the CIDR specifications. For more information, see RFC 1817 and RFC 2317.

  • The whitelist is visible to all members. However, only owners can modify the IP addresses.

  • By default, all IP addresses are allowed.

  • Requests from addresses that are not in the whitelist are rejected.

  • The whitelists are region-specific.

To create a whitelist of IP addresses:

Procedure 

1. On the Settings tab, click Proxy Agent access keys.


2. In the Inbound whitelist rules section, click Add CIDR addresses.
3. In the Add inbound whitelist rules dialog, select either My IP or Custom. Type the description and click Save.
If you select My IP, the field is auto populated with your IP address as seen by TIBCO Cloud.
If you select Custom, you can specify a CIDR address explicitly. For example, the CIDR 1.2.3.4/31 would match the IP addresses 1.2.3.4 and 1.2.3.5.