VPNs, internal addresses and access
You may want to limit the ability to access a Knoc, depending on where your user is logging in to Knocknoc from.
For example, an internal subnet should only be opened up if the user is connecting from an internal IP address range, or if they are connected to a VPN and have an internal IP address. Knocknoc allows this through a Knoc option, with IP address ranges configured as either an allow-list, deny-list or RFC1918 set.
By default "Anywhere" is selected, however selecting RFC1918 will enable the Knoc only if the logging-in user has an IP within those ranges.
Alternatively, IP addresses can be entered in either an Allow or Deny list form.
Only when the user is connecting from these addresses will the Knoc be enabled and perform the grant process.
When a Knoc is disabled, it will still be shown to the connecting user with a note to contact their administrator.