Symptoms
Provider or reseller wants to restrict access to control panel for own staff members so that they may log into BA CP only from trusted networks.
Resolution
Vendor may restrict access to BA control panel for their staff members by specifying IP addresses or networks logging in to CP is allowed from. The list of trusted IP addresses and/or ranges may be configured per user.
To configure assess control list for a specific user do the following:
- Go to Home > System > Users, the list of users already created in your account appears on the screen.
- Select a user, user settings appear on the screen.
- Switch to the tab 'Access Control List', the list of trusted IP addresses/networks (if any) appears on the screen.
- To add a new IP address or range, click 'Add New ACL Rule'. Fill the form that appears: enter the trusted IP address or range (in the form IP/mask) into the field 'IP Address/Range'.
- Click 'Save'.
Please be careful when editing access control list because incorrect configuration may lead to the situation when access to control panel for a specific staff member(s) will be denied.
There is a feature request with id #PBA-66378 either to have a single restriction for both OA and BA panels (as in OA there is a differently configured policy (System> Settings> Security> Setup > Allowed Networks) or to have some ACL setting in BA which will be applied per role, not per single user.