Restricting MVC site to an IP Range

At times it may become necessary to restrict a website to a particular set of IP addresses sometimes know as IP filtering.  I recently deployed an internal application for a company on the Azure platform hosted my Microsoft.  Deploying the app is content for a different article, but being that it is a internal site for the company in question, I wanted to restrict its access.  After some research, a simple config change can accomplish this in MVC, and Azure supports it.
      <!-- this line blocks everybody, except those listed below -->
      <ipSecurity allowUnlisted="false" denyAction="NotFound">
        <!-- removes all upstream restrictions -->
        <!-- allow requests from the local machine -->
        <add ipAddress="" allowed="true"/>
        <!--allow network to>
        <add ipAddress="" subnetMask="" allowed="true"/>
        <!-- allow the specific IP of  -->
        <add ipAddress="" allowed="true"/>
This can be used to either restrict ip ranges or grant depending on the ipsecurity tag's denyAccess flag is set.  In the example I allow access only to localhost, our network's IP range, and the public facing IP for the business.  Luckily we only have 1, so it was simple, if you have a range, one would just put the 0 in to cover all sets.