Hi Timmy You need to use CIDR form in your pg_hba.conf. So: host all testuser 111.222.333.444/32 md5 Most likely you would probably want to ensure ssl connection if coming over untrusted network. So, at minimum, this is better: hostssl all testuser 111.222.333.444/32 md5 This is better still: hostssl testdb testuser 111.222.333.444/32 md5 Better still (IMHO) is to keep it local and use ssh tunnel, but I understand that might be difficult and not necessarily desirable, depending on the context. Regards Bob On Wed, 9 Oct 2019 at 13:34, Timmy Siu <timmy.siu@xxxxxxx> wrote: > > Dear All Users, > > How do I allow an external client IP address access to my pgsql server? > > According to my own experience and test, if I set the external client IP address to, for example, 111.222.333.444 in the file /etc/postgresql/11/main/pg_hba.conf, it will not be able to connect to the server: > #TYPE?????? DATABASE?????? ?? USER?????? ?????? ?????? ADDRESS?????? ?????? ?????? METHOD > host?????? all?????? ?????? ?????? testuser ???? ?????? 111.222.333.444?????? md5 > > I must set "address" to "any" as in the following: > #TYPE?????? DATABASE?????? ?? USER?????? ?????? ?????? ADDRESS?????? ?????? METHOD > host?????? all?????? ?????? ?????? testuser ???? ?????? 0.0.0.0/0?????? ?? md5 > > > Can I limit access to my pgsql server through TCP Wrapper? What is the related executable? > > > Regards, > Timmy > > ??
