The DMZ / Internal is the out-of-box approach when installing it allows for selecting services for DMZ and internal access
However there is another customizable approach
Attached policy export that can be used to limit OAuth manager access by IP address range (NOTE Policy AS IS)
Suggest importing policy into a temp location, then perform a copy of the “At least one assertion must evaluate to true" to Folder: OTK -> Customization -> oauth manager -> #oath manager config; this policy runs when OAuth/Manager is accessed, default is only comments
To customize access modify line 8 and enter IP Address range (example 138.42.47.0/24)
<Please see attached file for image>
