Additional client IP addresses

A client may present (or potentially present) more than one IP address as part of an authentication request. This happens in situations such as:

  • Internal IP addresses (e.g. 10.0.x.x / RFC1918), should the Server be externally hosted.
  • Round-robin IP address assignment as part of CGNAT masquerading, sometimes seen for stateless protocols.
  • Varying source/client IP addresses for stateful protocols (e.g. SSH, RDP) versus stateless protocols (e.g. HTTP/HTTPS) or ports such as 443/tcp.

Another example is a Knocknoc Server that is hosted on, and directly accessible via, an internal IP address (e.g. RFC1918, 192.168.x), where you want certain ACLs to receive the external IP address and not just an internal address.

Alternatively, you may host the Knocknoc server in the cloud or otherwise externally, but still want to capture internal IP addresses for internal grants.

Knocknoc has support for this within the ACL structure via the "Include additional IP addresses" option.

To use this, the Admin setting must first be enabled so that any additional IP address information is collected from the client user after they have logged in.

The additional IP addresses observed are then added to the grant list only if the option is enabled on the ACL in question. This lets you expand the granted IP addresses for a particular ACL without affecting the others.
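The two-level gating described above can be modelled as follows. This is an added example, not Knocknoc's code: the function names, parameters and sample addresses are hypothetical, and dropping unparsable, loopback, link-local, multicast and unspecified addresses is an assumption of this example.

```python
import ipaddress

def usable(addr):
    """Parse one collected address; return a normalised address object or None."""
    try:
        ip = ipaddress.ip_address(addr.strip())
    except ValueError:
        return None  # not an IP address at all
    # Assumption of this example: addresses that can never identify a
    # remote client are not worth putting into a grant.
    if ip.is_loopback or ip.is_unspecified or ip.is_multicast or ip.is_link_local:
        return None
    return ip

def grant_list(primary_ip, additional_ips, collect_enabled, acl_include_additional):
    """Return the addresses one ACL would be granted for this login.

    collect_enabled        -- models the Admin setting (collection after login)
    acl_include_additional -- models the per-ACL "Include additional IP addresses" option
    """
    grants = [ipaddress.ip_address(primary_ip)]
    # Additional addresses reach the grant list only when BOTH switches are on.
    if collect_enabled and acl_include_additional:
        for raw in additional_ips:
            ip = usable(raw)
            if ip is not None and ip not in grants:  # skip invalid and duplicate entries
                grants.append(ip)
    return [str(ip) for ip in grants]

# Constructed login: the Server was reached over an internal address and an
# external address was collected after login (all values are made up).
PRIMARY = "192.168.10.25"
ADDITIONAL = ["203.0.113.7", "192.168.10.25", "not-an-ip", "127.0.0.1"]

def demo():
    """Grant lists for three hypothetical ACL configurations."""
    return {
        "internal-app (option off)": grant_list(PRIMARY, ADDITIONAL, True, False),
        "edge-firewall (option on)": grant_list(PRIMARY, ADDITIONAL, True, True),
        "edge-firewall (collection off)": grant_list(PRIMARY, ADDITIONAL, False, True),
    }

if __name__ == "__main__":
    for acl, ips in demo().items():
        print(f"{acl}: {ips}")
```

Only the ACL with the option enabled receives the external address; every other ACL keeps a grant for the primary address alone.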

You can develop and host your own component that returns the expected IP address response, e.g. a Microsoft .NET, Java or Node/Go/PHP microservice or function, and configure Knocknoc to use it to capture the relevant IP addresses in the parts of your organisation that matter. Get in touch to talk to us about this option.