Security Restrictions with IIS

[craizie11]

I know in IIS directory security you can allow and disallow computers depending on their IP address.
Is there a method in IIS where i can allow certain IP address to have access to a website, while users who don't fall under the allowed IP range to have to go through an windows authentication procedure?

Thanks.

 

[FaiTHLeSS]

If one person have to authenicate i would make them all, if the IP gets spoofed then unwanted people could access your site. Just tick the remember password box. Also what your asking i dont think is possible people either get granted access with a deny list or Denied access with granted list.

 

[craizie11]

Thanks for the help. Actually what i did instead was create a script that checks the ip address of the user's computer and if it is a trusted IP Address then we redirect them to the proper page. If it's an unaccepted IP Address, then redirect the user to a logon page.

 

[GlenJohnson]

Faithless is correct. It's to easy now for an ip address to get spoofed. Your leaving yourself wide open for a hacker. You might think twice about what you've done. Good luck.

Glen A. Johnson
If you're from Northern Illinois/Southern Wisconsin check out Tek-Tips in Chicago, Illinois Forum.

TTinChicago

http://www.johnsoncomputers.us