Define Okta Network Zones Based on ASN
Last Updated:
Overview
Administrators define dynamic network zones using an ASN to manage tenant access and blocklists. The ASN Dynamic Zone feature must be activated by Okta Support before configuring dynamic zone settings in the Admin Console.
Applies To
- Okta Identity Engine (OIE)
- Okta Classic Engine
- Autonomous System Number (ASN)
- Network Zones
- Blocklists
- Access Policies
Solution
What steps define network zones based on an ASN?
Follow the steps in the video below to define network zones based on an ASN.
Request the ASN Dynamic Zone feature from Okta Support, locate the ASN using a network tool, and configure the dynamic zone settings in the Admin Console. Contact Okta Support to enable the ASN Dynamic Zone feature and consult the Okta Account Executive for license requirements.
Once the feature is enabled, follow these steps:
- Navigate to Security > Networks.
- Select Add Zone > Dynamic Zone.
- Enter an appropriate zone name.
- Select the IP type and location based on the specific use case.
- Select Blocklist to prevent access to the tenant from the specified network.
- Locate the ASN using a network tool and enter the value into the ISP ASNs field.
NOTE: Okta automatically removes the "AS" prefix if it is entered.
- Select Save.
