<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content

Define Okta Network Zones Based on ASN

Okta Classic Engine
Okta Identity Engine
Network Zones

Overview

Administrators define dynamic network zones using an ASN to manage tenant access and blocklists. The ASN Dynamic Zone feature must be activated by Okta Support before configuring dynamic zone settings in the Admin Console.

Applies To

  • Okta Identity Engine (OIE)
  • Okta Classic Engine
  • Autonomous System Number (ASN)
  • Network Zones
  • Blocklists
  • Access Policies

Solution

What steps define network zones based on an ASN?

 

Follow the steps in the video below to define network zones based on an ASN.

Request the ASN Dynamic Zone feature from Okta Support, locate the ASN using a network tool, and configure the dynamic zone settings in the Admin Console. Contact Okta Support to enable the ASN Dynamic Zone feature and consult the Okta Account Executive for license requirements.

Once the feature is enabled, follow these steps:

  1. Navigate to Security > Networks.
  2. Select Add Zone > Dynamic Zone.
  3. Enter an appropriate zone name.
  4. Select the IP type and location based on the specific use case.
  5. Select Blocklist to prevent access to the tenant from the specified network.
  6. Locate the ASN using a network tool and enter the value into the ISP ASNs field.

NOTE: Okta automatically removes the "AS" prefix if it is entered.

  1. Select Save.

Related References

Loading
Okta Support - Define Okta Network Zones Based on ASN