Web Server - Allow users to connect from different subnet but not WAN

[ShawnM]

I have multiple subnets managed by a SonicWall, with full interface trust between the subnets. That being the case, I have no problem reaching the BI Web Server using the LAN address; however, in order to log in, I need to remove the "LAN only" flag from the user.

My issue is that I want some users to be able to access the web server from the other local subnet, but NOT externally. Does anyone have any suggestions on how best to accomplish this?

 

[TonyR]

You may consider reading in Blue Iris' built-in "Help" in this following chapter:
REMOTE ACCESS ==>> OTHER ADVANCED WEB SERVER TOPICS ==>>AUTHENTICATION

It explains how you can create a *"whitelist" of allowed IP addresses. This assumes you know the LAN IP's of allowable user machines and that they are static.

*This term's days are likely numbered.

 

[ShawnM]

Thanks for the reply. I noticed the whitelist, but I don't think it will do what I need it to do, unless I'm not understanding correctly. If I limit by IP address, it would also affect my WAN connections, correct? In my case, the LAN connections can be kept static and potentially white-listed, but not the WAN.

I don't think it's possible in BI, but it would be ideal if we could have a white list of addresses (preferably allowing whole subnets as well) by user - e.g. User A can connect from a list of IPs/IP Ranges, User B has no limits by IP address. This would solve my issue and allow me to have User A connect only from local subnets and User B can connect from any LAN/WAN address

 

[bp2008]

You'd need to ask Blue Iris support if this is something he would add. But given the small audience of users who would use such a feature, I wouldn't hold my breath on it.