09-05-2025 10:29 AM
Hi,
I’m planning to enable the IP restriction (Approved IP Ranges / Allowed Sessions) feature for Cortex XDR console access. I already know where the option is located, but I’d like to hear from others who have enabled it.
What was your experience when setting it up?
Did you face any challenges (for example, avoiding admin lockout)?
What best practices would you recommend when adding IP ranges?
Can someone share their experience with enabling this feature?
Thanks in advance!
09-08-2025 10:46 AM
Hi @OrkhanM
With the allowed sessions option, you can control who can login into the xdr tenant.
For example, adding your organization's domain in allowed domains, just users accessing from that domain will be allowed to login.
Allowed Ips will restrict logins by ip address ranges.
If you enable both, then it consider as an AND operator the combination of domain and ip range. That is, a user has to be in the configured domain and connecting from one of the IPs allowed to connect. Both things at the same time.
Please check the doc.
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-3.x-Documentation/Configure-securit...
If you feel this has answered your query, please let us know by clicking like and on "mark this as a Solution". Thank you.
KR,
Luis
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
