Access Control Lists: Portal ACLs

Use the Security > Access Control Lists > Portal ACLsoptions to further restrict access to various portals within Ivanti EPMM.

This section includes the following topics:

Enabling an ACL Portal


  1. Log into System Manager.
  2. Go to Security > Access Control Lists > Portal ACLs.
  3. Select the portal you want to enable.

    Refer to Portal ACLs window for details.

  4. Enter the IP address or network/mask pair to specify servers or networks that may access this component. Separate the entries with spaces.



    You must use the expanded form of the mask. Do not specify an entry similar to

    If your Ivanti EPMM is behind a NAT, enter the IP of the NAT network.

    Remember that the Sentry must be able to access Ivanti EPMM. If it does not have access, then the ActiveSync Devices page will not display devices.

  5. Click Apply > OK.

Portal ACLs window

The following table summarizes fields and descriptions in the Portal ACLs window:

Table 29.  Portal ACLs Fields



User Portal

Enables device users to register their devices, view device information, and manage their devices.

Admin Portal

The Admin Portal.

System Manager Portal

The System Manager.

Sentry Connection

The Sentry installed for ActiveSync access control.

API Connection

The Web Services API.


The iOS MDM service for profile management.

iOS iReg URL

The iReg service that enables provisioning iOS devices without installing the MI Go app.


Enables or disables the OAuth API. You can control access to the OAuth API by defining IP addresses, ranges of IP addresses and subnets based on the values they enter into the field. Addresses can be internal (non-routable) or external (routable). With this control, you can limit access to OAuth API from routable IP addresses or restrict access to specific machines for security reasons.

App Storefront Connection

The app management service for iOS.