An “Access Control” page is available in the Global section of Client Preferences Manager for managing IP access control - applies to IP addresses in the US and Canada only.
- IP addresses outside of the US and Canada cannot be provided access via this page only.
- To access the system from outside of the US and Canada, it is recommended to use a proxy or VPN that will reroute your internet traffic through a US or Canada IP address. There are many options available, like NordVPN, Express VPN, CyberGhost (at time of this article's publish). ASF does not have an official recommendation for any specific service.
- In some cases, it is possible for ASF to whitelist an IP address outside of the US and Canada - please be aware that this can request may require 2-3 weeks to complete - please contact Client Support to make this request.
Role and User Level Access Control
IP Access Control Enablement
For System Admin users, this page displays a toggle option to enable limiting site access based on IP address.
- Note: The toggle option is available only to System Admin users at this time for feature piloting. This will be made available to all client users with access to this page when this feature is released as generally available.
If the toggle is set to Inactive (default setting), then client users with access to this page see a message that limiting site access based on IP address is not available . If the toggle is set to Active, then client users with access to this page see an allowed IP addresses table where IP addresses can be added and managed.
Client user access to this page is based on the permission, “Settings - Global Preferences - Can Access"
Allowed IP Address Management
IP addresses are added with the following information:
- IP Address: this can be a single address or a range, using the “/” convention to denote the range
- Type: Single or Range
- Description: this is recommended to be used to describe the location of the IP address for quick identification
Role and User Level Access Control
To block a client user from accessing the site from any IP address not specified in the allowed list, un-check the “Can Access via Any IP Address” user or role permission. This is defaulted to checked, meaning that, by default, users are assumed to be able to access the site from any IP address and are not limited to only those IP addresses specified in the allowed list.
- Note: Client Admins are assumed to be able to access the site from any IP address, therefore this permission cannot be un-checked for Client Admin users. If a Client Admin should had limited access, consider changing their role to a non Client Admin role.
When client users with limited access attempt to log into the site from an IP address not on the allowed list, an error page is displayed letting them know that the site is not accessible and directing them to contact the club or ASF Support.
