Hi Marco,
I implemented a similar feature using riskMinder. It allows to create rules OOTB, able to discriminate if a user is coming from internal or external network.
This approach does not require you to change the AFP pages...even if I guess you found a valid solution.
regards
Franco
Original Message:
Sent: 08-28-2020 08:41 AM
From: Marco Trucillo
Subject: Advance Auth - Restict IP allowed for Enrollnment
Hi,
I solved it modifing /arcotafm/core/include.jsp checking request for "IP address" and presence of "aotpprovisioningsteps.jsp" or "migrationmessage.jsp"
It work!
Original Message:
Sent: 08-06-2020 08:54 AM
From: Namish Tiwari
Subject: Advance Auth - Restict IP allowed for Enrollnment
Hi Marco,
If all those IP's are coming from same subnet you may be able to restrict them from network perspective so only those have access to the Application for enrollment, Product does not provide this capability OOTB so this is something you may need to explore at the network level.
Original Message:
Sent: 08-05-2020 06:39 AM
From: Marco Trucillo
Subject: Advance Auth - Restict IP allowed for Enrollnment
Hello,
Is it possible in some way to tighten the IPs that can do the enrollment?
Let me explain:
I wish that only those who have already done the enrollment can enter from outside the intranet.
Alternatively, is it possible to make a profile without issuance ?
Thanks in advance
Marco