OpenAthens administration and end-user access all occurs over https. If you are restricting secure traffic, you will need to allow certain hostnames. See: What are the hostnames I need to allow my users to connect to from within my network
IP addresses are also checked on admin sign-ins so changes to your externally facing address(es) could affect your colleagues' access. Configuring those functions with a range of addresses is possible and usually mitigates this. The interface does not use CIDR notation, so please pass addresses to the library as ranges - e.g.
Email generated by the system may come from either of these domains.
If your end-users get email via your own email servers, then bulk creation of accounts by the library may see hundreds or thousands of emails being sent to your domain over a short period of time. You may need to white-list domains, or ask the library to limit bulk creation to smaller batches.