mfa is enabled for all users authentication policy not working

Debasis Pati · yesterday

Hello All,

In my instance mfs is enfocred for local logins and i have a requirement below.
A break glass user should be only allowed to instance if tried to access the instance within iprange outside ip range it should not allow.

Now i ahve created a policy to do so and also added the authentication scheme,Part of break glass group & ip ranges -also in ip ranges i have added my start and end ip range.
Now i created one user added to the groupand tried to do local login to the instance outside ip range but it allowed the user to login.
Not sure why.

@Ankur Bawiskar any idea?

Tanushree Maiti · 2 hours ago

Hi @Debasis Pati

Make sure under the IP address Access Control (Navigate to System Security > IP Address Access Control)

Along with Allow rule, you have defined Deny rule properly.

Share your policy screen shot- it will be helpful to debug your issue in more efficient way.

Please mark this response as Helpful & Accept it as solution if it assisted you with your question.
Regards
Tanushree Maiti
ServiceNow Technical Architect
Linkedin:

Debasis Pati · an hour ago

i do not have System Security > IP Address Access Control) but i have it in adaptive authentication >>> Ip address filter criteria

and i have created a policy