diff --git a/pkg/ip/checker.go b/pkg/ip/checker.go
index c51df036c..eb2728a12 100644
--- a/pkg/ip/checker.go
+++ b/pkg/ip/checker.go
@@ -4,6 +4,7 @@ import (
 	"errors"
 	"fmt"
 	"net"
+	"net/netip"
 	"strings"
 )
 
@@ -91,10 +92,11 @@ func (ip *Checker) ContainsIP(addr net.IP) bool {
 }
 
 func parseIP(addr string) (net.IP, error) {
-	userIP := net.ParseIP(addr)
-	if userIP == nil {
+	parsedAddr, err := netip.ParseAddr(addr)
+	if err != nil {
 		return nil, fmt.Errorf("can't parse IP from address %s", addr)
 	}
 
-	return userIP, nil
+	ip := parsedAddr.As16()
+	return ip[:], nil
 }
diff --git a/pkg/ip/checker_test.go b/pkg/ip/checker_test.go
index 53bcb1311..5893c9ef5 100644
--- a/pkg/ip/checker_test.go
+++ b/pkg/ip/checker_test.go
@@ -258,6 +258,7 @@ func TestContainsIsAllowed(t *testing.T) {
 				"2a03:4000:6:d080::42",
 				"fe80::1",
 				"fe80:aa00:00bb:4232:ff00:eeee:00ff:1111",
+				"fe80:aa00:00bb:4232:ff00:eeee:00ff:1111%vEthernet",
 				"fe80::fe80",
 				"1.2.3.1",
 				"1.2.3.32",
@@ -271,6 +272,7 @@ func TestContainsIsAllowed(t *testing.T) {
 			rejectIPs: []string{
 				"2a03:4000:7:d080::",
 				"2a03:4000:7:d080::1",
+				"2a03:4000:7:d080::1%vmnet1",
 				"4242::1",
 				"1.2.16.1",
 				"1.2.32.1",