Create Network Ranges to define the IP addresses from which users can log in. You add the network ranges you create to specific identity provider instances and to access policy rules.

One network range, called ALL RANGES, is created as the default. This network range includes every IP address available on the Internet, to Even if your deployment has a single identity provider instance, you can change the IP address range and add other ranges to exclude or include specific IP addresses to the default network range. You can create other network ranges with specific IP addreses that you can apply for specific purpose.


The default network range, ALL RANGES, and its description, "a network for all ranges," are editable. You can edit the name and description, including changing the text to a different language, using the Edit feature on the Network Ranges page.

Define network ranges for your VMware Identity Manager deployment based on your network topology.

When View is enabled in the service, you specify the View URL on a per Network Range basis. To add a network range when the View module is enabled, take note of the Horizon Client access URL and port number for the network range. See View documentation for more information.


In the administration console, go to Identity & Access Management tab.


Select Setup > Network Ranges.


Edit an existing network range or add a new network range.



Edit an existing range

Click the network range name to edit.

Add a range

Click Add Network Range to add a new range.


Complete the form.

Form Item



Enter a name for the network range.


Enter a description for the Network Range.

View Pods

The View Pods option only appears when the View module is enabled.

Client Access URL Host. Enter the correct Horizon Client access URL for the network range.

Client Access Port. Enter the correct Horizon Client access port number for the network range.

See Setting Up Resources in VMware Identity Manager, Providing Access To View Desktop Pools and Application chapter.

IP Ranges

Edit or add IP ranges until all desired and no undesired IP addresses are included.

Associate each network range with an identity provider instance.

Associate network ranges with access policy rule as appropriate. See Managing Access Policies.