diff --git a/scaleway/resource_instance_security_group.go b/scaleway/resource_instance_security_group.go
index 4a1c93047..3050e6eb0 100644
--- a/scaleway/resource_instance_security_group.go
+++ b/scaleway/resource_instance_security_group.go
@@ -417,7 +417,7 @@ func securityGroupRuleSchema() *schema.Resource {
 			"ip_range": {
 				Type:         schema.TypeString,
 				Optional:     true,
-				ValidateFunc: validation.CIDRNetwork(0, 32),
+				ValidateFunc: validation.CIDRNetwork(0, 128),
 				Description:  "Ip range for this rule (e.g: 192.168.1.0/24). Only one of ip or ip_range should be provided",
 			},
 		},
diff --git a/scaleway/resource_instance_security_group_rules_test.go b/scaleway/resource_instance_security_group_rules_test.go
index b829a2e01..ce347ceca 100644
--- a/scaleway/resource_instance_security_group_rules_test.go
+++ b/scaleway/resource_instance_security_group_rules_test.go
@@ -195,4 +195,72 @@ func TestAccScalewayInstanceSecurityGroupRules(t *testing.T) {
 			},
 		})
 	})
+	t.Run("IP Ranges", func(t *testing.T) {
+		config := `
+			resource scaleway_instance_security_group sg01 {
+				external_rules = true
+			}
+			resource scaleway_instance_security_group_rules sgrs01 {
+				security_group_id = scaleway_instance_security_group.sg01.id
+				inbound_rule {
+					action = "accept"
+					port = 80
+					ip_range = "0.0.0.0/0"
+				}
+				inbound_rule {
+					action = "drop"
+					port = 443
+					ip_range = "1.2.0.0/16"
+				}
+				outbound_rule {
+					action = "accept"
+					port = 80
+					ip_range = "1.2.3.0/32"
+				}
+				outbound_rule {
+					action = "drop"
+					port = 443
+					ip_range = "2002::/24"
+				}
+				outbound_rule {
+					action = "drop"
+					port = 443
+					ip_range = "2002:0:0:1234::/64"
+				}
+				outbound_rule {
+					action = "drop"
+					port = 443
+					ip_range = "2002::1234:abcd:ffff:c0a8:101/128"
+				}
+
+			}
+		`
+
+		resource.Test(t, resource.TestCase{
+			PreCheck:     func() { testAccPreCheck(t) },
+			Providers:    testAccProviders,
+			CheckDestroy: testAccCheckScalewayInstanceSecurityGroupDestroy,
+			Steps: []resource.TestStep{
+				{
+					Config: config,
+				},
+				{
+					ImportState:  true,
+					ResourceName: "scaleway_instance_security_group_rules.sgrs01",
+					Config:       config,
+					Check: resource.ComposeTestCheckFunc(
+						testAccCheckScalewayInstanceSecurityGroupExists("scaleway_instance_security_group.sg01"),
+						resource.TestCheckResourceAttr("scaleway_instance_security_group_rules.sgrs01", "inbound_rule.#", "6"),
+						resource.TestCheckResourceAttr("scaleway_instance_security_group_rules.sgrs01", "inbound_rule.0.ip_range", "0.0.0.0/0"),
+						resource.TestCheckResourceAttr("scaleway_instance_security_group_rules.sgrs01", "inbound_rule.1.ip_range", "1.2.0.0/16"),
+						resource.TestCheckResourceAttr("scaleway_instance_security_group_rules.sgrs01", "outbound_rule.0.ip_range", "1.2.3.0/32"),
+						resource.TestCheckResourceAttr("scaleway_instance_security_group_rules.sgrs01", "outbound_rule.1.ip_range", "2002::/24"),
+						resource.TestCheckResourceAttr("scaleway_instance_security_group_rules.sgrs01", "outbound_rule.1.ip_range", "2002:0:0:1234::/64"),
+						resource.TestCheckResourceAttr("scaleway_instance_security_group_rules.sgrs01", "outbound_rule.1.ip_range", "2002::1234:abcd:ffff:c0a8:101/128"),
+					),
+				},
+			},
+		})
+	})
+
 }