Overview
This article explains how to configure IP-based access control for Support Links in Splashtop Secure Workspace (SSW). This ensures that vendors can only access internal applications via Support Links if they are connecting from approved IP addresses.
Step 1: Create an Application Policy with IP Restrictions
To restrict vendor access based on IP, create an Application Policy with a source IP condition.
Navigation
Applications → Policies → Add Policy
📝 Configuration
-
Policy Name:
Vendor Support IP Policy -
Default Action:
Deny -
Condition Type:
Source IP -
Allowed IPs:
10.0.0.0/24203.0.113.5/32198.51.100.0/24
-
Then Action:
Allow
.png)
Click Save to create the policy.
Step 2: Allow Policy Use in Support Link Configuration
Once the policy is created, you need to enable it for use with Support Links.
Navigation
Edit the target Application → Support Link section
Configuration
-
Enable Support Link
-
Set Allow group(s) & users who can create links
-
Under Allowed Policies for Support Links, add:
Vendor Support IP Policy
.png)
Click Save.
Step 3: Create a Support Link Using the IP Policy
When a user creates a Support Link, they can now select the allowed policy.
Navigation
From the Application action → Create Support Link
📝 Fields
| Field | Value |
|---|---|
| Application | Auto-filled |
| Public Title | e.g., AWS VM Win-chrome |
| Usage Limit | 1 (or as required) |
| Expiration | Choose expiration date/time |
| Policy | Vendor Support IP Policy |
.png)
Click Create.
Access Behavior
Access to the Support Link is now controlled by the selected IP policy.
| Source IP | Access Result |
|---|---|
10.0.0.12 |
Allowed |
203.0.113.5 |
Allowed |
192.168.1.10 |
Blocked |