diff --git a/ldap.go b/ldap.go
index c59ffb6..c3f65f1 100644
--- a/ldap.go
+++ b/ldap.go
@@ -34,11 +34,12 @@ func (l *ldapConfig) addIPRange(s string) error {
 	if len(ips) != 2 {
 		return errors.New("invalid IPs")
 	}
-	if ip := net.ParseIP(ips[0]); ip != nil {
-		l.ipMin = ip
-	}
-	if ip := net.ParseIP(ips[1]); ip != nil {
-		l.ipMax = ip
+	for k, v := range []*net.IP{&(l.ipMin), &(l.ipMax)} {
+		if ip := net.ParseIP(strings.Trim(ips[k], " ")); ip == nil {
+			return errors.New(fmt.Sprintf("invalid IP '%s'", ips[k]))
+		} else {
+			*v = ip
+		}
 	}
 	return nil
 }
diff --git a/main.go b/main.go
index 7c9631b..1405587 100644
--- a/main.go
+++ b/main.go
@@ -76,7 +76,10 @@ func main() {
 			certAuth:     config.GetString(profile+".cert", "optionnal"),
 			upgradeFrom:  config.GetString(profile+".upgradeFrom", ""),
 		}
-		ldapConf.addIPRange(config.GetString(profile+".IPRange", ""))
+		if err := ldapConf.addIPRange(config.GetString(profile+".IPRange", "")); err != nil {
+			log.Println(err)
+			os.Exit(1)
+		}
 
 		if len(ldapConf.servers) > 0 && len(ldapConf.attributes) < 2 {
 			log.Println("valud ldap configuration must have 2 attributes")