IP whitelisting in Google Workspace allows administrators to restrict user logins to specific IP addresses, enhancing security by ensuring that users can only access their accounts from trusted networks. This guide will walk you through the steps to configure IP whitelisting using Google Workspace security settings.
Requirements:
- Admin access to the Google Admin Console.
- A list of trusted IP addresses or IP ranges that should be allowed access.
Step-by-Step Guide:
Step 1: Log into the Google Admin Console
- Open your browser and navigate to https://admin.google.com.
- Sign in using your administrator credentials.
Step 2: Access Security Settings
- In the Admin Console, go to Security > Access and Data Control > Context-Aware Access.
- Click on Access levels to define IP-based access control.
Step 3: Create a New Access Level Policy
- Click Create access level and give it a descriptive name (e.g., “Office Network Only”).
- Select New Condition and choose IP Subnet.
- Enter the trusted IP addresses or ranges (e.g.,
192.168.1.0/24). - Click Save to apply the condition.
Step 4: Apply the Access Level to Users
- Navigate back to Context-Aware Access and go to Assign Access Levels.
- Choose which apps the policy should apply to (e.g., Gmail, Drive, Admin Console).
- Assign the access level to specific organizational units or all users.
- Click Save to enforce the policy.
Step 5: Test the Configuration
- Have a user attempt to log in from an unauthorized IP to confirm the restriction is working.
- Test login from an authorized network to verify that access remains functional.
Step 6: Monitor and Adjust
- Check Security Reports under Admin Console > Reports > Security to monitor login attempts.
- Adjust whitelisted IPs as needed when adding new office locations or VPN connections.
Best Practices:
✅ Use VPNs for Remote Access: If employees work remotely, require them to connect via a company VPN with a whitelisted IP.
✅ Avoid Blocking Admin Access: Always ensure at least one admin can log in from an alternate network in case of misconfiguration.
✅ Regularly Review IP Lists: Remove old or unused IP addresses to maintain security.