App Control: Checking for IP and Domain Restrictions
Article ID: 291115
Updated On:
Products
Carbon Black App Control (formerly Cb Protection)
Issue/Introduction
- When limiting specific IP addresses to access the console, API communication can break on some pages
- Errors displayed in the site show:
HTTP Error 403.503 - Forbidden You do not have permission to view this directory or page.
Environment
- App Control Server: 8.0 and Higher
- Microsoft Internet Information Services (IIS): 6.0 and Higher
Cause
- Missing IPv6
- DNS routing
Resolution
- Open up the IIS Management Console
- Navigate to the Server Name and open up IP Address and Domain Restrictions
- Confirm if any restrictions are added, If there are entries then skip to step 4
- If this is empty
- click Edit Feature Settings
- Confirm "Access for unspecified clients" is set to Allow, then skip to step 6
- If there are any allowed entries, add the loopback and IPv6 (Link-local IPv6 Address found with ipconfig /all)
- Confirm the Applications servers FQDN is resolved by DNS to the IP address entered
- Restart IIS Services
Additional Information
- Both the Server Name and Parity Console Web section can have their own IP Address and Domain Restrictions
- Most commonly seen with SoftwareRules.php and Files.php pages
Feedback
Yes
No
Powered by
