Restricting IP Addresses that Can Connect to a Port

Controlling IP Access to All Ports (Globally)

Allow Inbound Requests from Specified Hosts (Deny All Others)

Deny Inbound Requests from Specified Hosts (Allow All Others)

If You Inadvertently Deny IP Access to All Hosts

For any given port, you can specify IP access one of two ways:

Deny by Default. Set up the port to deny requests from all hosts except for ones you explicitly allow. Use this approach if you want to deny most hosts and allow a few.

Allow by Default. Set up the port to allow requests from all hosts except for ones you explicitly deny. Use this approach if you want to allow most hosts and deny a few.

You can specify these settings globally (for all ports) or individually (for one port).

Note:
If the port is an Enterprise Gateway external port and the server is licensed for webMethods Enterprise Gateway, an IP address can be further restricted by Enterprise Gateway rules. When a request from an IP address violates a rule, the server adds the IP address to a deny list that Enterprise Gateway maintains.

The following table shows where to find information about assigning the different types of IP access:

Type of access	Where to look for instructions
Controlling IP Access Globally
Deny by Default	Allow Inbound Connections from Specified Hosts (Deny All Others)
Allow by Default	Deny Inbound Connections from Specified Hosts (Allow All Others)
Controlling IP Access of Individual Ports
Deny by Default	Allow Inbound Requests from Specified Hosts (Deny All Others)
Allow by Default	Deny Inbound Requests from Specified Hosts (Allow All Others)

Note:
In Software AG Command Central, the ability to control the IP access to a port is referred to as IP Access Restrictions.