Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Disable SYRACOM Secure Login for internal networks

A
A
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
March 6, 2016

About Confuence 5.9:

How can I disable the SYRACOM 2-factor auth for specific networks / subnets?

Is there a whitelist we can update to add our internal networks to enforce 2-factor auth only if access occurs from external networks?

Thanks
-AM-

Answer
Watch
Like Be the first to like this
812 views

2 answers

0 votes
Norman Mähler
Norman Mähler November 11, 2019

Hey, i tried that in serveral ways, but it did not work. I tried the following possibilities:

- 172.16.0.0 /12

- 172.18.*.*,172.19.*.*,172.20.*.*,172.21.*.*

- 172.16-32.*.*

 

What did I miss?

View More Comments
Niek Neuij
Niek Neuij
Contributor
November 11, 2019

Here's an example of what I did:

syracom.png

With our public IP addresses blurred out of course.

Like Norman Mähler likes this
Norman Mähler
Norman Mähler November 11, 2019

Thank you Niek,

I have the same configuration (without the public addresses, of course) but still am asked for a PIN when coming from 172.18.21.144 but not from 172.16.22.167.

Do you have an explanation?

Like
Niek Neuij
Niek Neuij
Contributor
November 11, 2019

The format is

172.16.0.0/12

Not

172.16.0.0 /12
Like
Norman Mähler
Norman Mähler November 11, 2019

Thank you again for the fast reply, but that is exactly how i configured it, I posted it just wrong in my first answer, sorry

Bildschirmfoto vom 2019-11-11 12-45-40.png

Like
Norman Mähler
Norman Mähler November 19, 2019

Any additional suggestions?

Like
Niek Neuij
Niek Neuij
Contributor
November 19, 2019

Look at the "User sessions" page in Jira admin panel. Which IP addresses are being used by users?

The first IP address mentioned is the one Syracom uses to identify which IP address belongs to which user.

Here's what our looks like (with the IP addresses of our SSL proxies, external IP addresses, and users blurred out):

afbeelding.png

Because our whitelist filter is

172.16.0.0/12,194.█.█.█/22,185.█.█.█/22

only the user with the IP address "3.█.█.█" will get to see the Syracom 2FA.

Like Norman Mähler likes this
Norman Mähler
Norman Mähler November 26, 2019

Thank you, this information was very helpful, we could find the source of our problems lying in our network configuration so I ended up with an other IP on the server than my system has in the network.

Like
Reply
0 votes
Niek Neuij
Niek Neuij
Contributor
February 20, 2017

Yes, you can whitelist subnet(s) in the add-on's options panel, devices in those subnets bypass the add-on.

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security