how to configure a policy in gateway level to allow access for specific IP addresses to call APIs in wso2 APIM 3.2.0?

Question

i want a solution to apply in gateway to allow access for specific IP addresses that only these IPs could call all APIs I created.in which step of Message Flow in the API Manager Gateway I must add this functionality : The handlers or Mediation extensions or In sequence and out sequence?

Answer 1

This question is a bit different from the old ones you asked, do you need a global policy to apply across all APIs? In that case, you can simply create Deny Policies, which will block access to all the APIs for specific IP(s).

Going further you can even add a Firewall rule in the GW server to restrict access. (This is the most efficient and the most secure way, to block the connection even before reaching the server)

iptables -A INPUT -m iprange –src-range [START]-[END] -j DROP