172.x.x.x is determined to be an UnTrusted IP and business-side officers cannot log in. Does this mean that this IP address is included in the UnTrusted IP list? To resolve this, should I put 172.x.x.x on the Trusted IP list and give it a higher priority than the UnTrusted IP list?
The IP address is listed under UntrustedIP rule.
Release : 9.1
Component : Risk Authentication
Risk Authentication a.k.a RiskFort uses Neustar Quova data to provide IP intelligence in the product. It has all the public IP's listed and conducts tests to identify if any fraudulent transactions had happened in the past from that and categories them, you can read more about those categories here.
Out of the box these categories are enabled in the product.
If the IP address belongs to any one of the above categories then UntrustedIP rule will trigger and that is set to DENY OOTB so the transaction will be denied, It can be set to INCREASEAUTH as well if needed. If there is a need to allow the transaction coming from that IP address, that particular IP can be added to the TrustedIP list, once the IP is added to Trusted List, Migrate to Production and server cache refresh should be performed. TrustedIP rule should be higher in order than the UntrustedIP rule to make it work.
Below API can be used to add an IP to trusted or Untrusted IP list. It can also be done from the Admin console.