Only single IP addresses, and not subnet(s), are permitted in the allowlist.
In addition adding your source IP address to the firewall allowlist, you must also use the non-interactive user ID and password assigned to your organization, and not your RSA two-factor credentials.