<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Define Network Zones Based on Autonomous System Number (ASN)
Mar 3, 2026
Okta Classic Engine
Okta Identity Engine
Network Zones
Overview

This article describes how to define network zones based on Autonomous System Number (ASN).

Applies To
  • Autonomous System Number (ASN)
  • Network Zones
  • Blocklists
  • Access policies
Solution

Please follow the below video or steps: 




To define network zones based on ASN, please ask support to enable the ASN Dynamic Zone feature (please consult the Okta Account Executive for license requirements)

Once the feature is enabled, follow these steps:

  1. Navigate to Security > Networks.

  2. Select Add Zone > Dynamic Zone.

  3. Enter an appropriate zone name.

  4. Select the IP type and location based on the specific use case.

    • Select Blocklist to prevent access to the tenant from the specified network.

  5. Locate the ASN using a third-party tool and enter the value into the ISP ASNs field.

    • NOTE: Okta automatically removes the "AS" prefix if it is entered.

  6. Click Save.

Related References

Recommended content

Still looking for help?
Loading
Define Network Zones Based on Autonomous System Number (ASN)