Greetings,
the server admin for our company suddenly left, and left the rest of us IT folk somewhat clueless about Linux and setting up servers and such. The setup is as follows:
Our local server, which we use for development and as a security tunnel through which we reach our live servers in Germany, is on the first floor of our company. It has Ubuntu and OpenSSH installed. It contains our SVN repository, and our live servers update from this server. It has a dyndns set up, and works perfectly. The updating workflow is as such: Make change, Commit, SSH to local server as root user, SSH to live servers, execute update. This all works real nice through dyndns, and used to work real nice through our local network -> while we were on the first floor (with the server) we had some kind of IP based filtering. Out of 5 WANs in the company, only ours could SSH to the server. However, we now moved to the second floor and the server acts as if it doesn't know us. I assume the local IP changed when we switched the cables from one part of the switch in the rack to the other part (are different parts of a switch on different IPs? I assume so..), and now we are unable to SSH to it locally (dyndns still works). The people that took over our abandoned office can SSH to it, just like we used to, and yet they shouldn't.
The question is this -> where and how does one set up this local-IP based filtering for SSH connections on a local server? I read several SSH tutorials and strolled through sshd_config files and such, and could find nothing. If you can help me, please be specific, I am completely clueless about the whole process, so saying something like "generate a public key and upload it to the machine" will just confuse me :)
Thanks a bunch..
Edit:
netstat -plutn | grep sshd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 758/sshd
tcp6 0 0 :::22 :::* LISTEN 758/sshd
iptables -n -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
SSHD_config
HostbasedAuthentication no
IgnoreUserKnownHosts yes
ListenAddress ::
ListenAddress 0.0.0.0
Match -> not specified, line does not exist
Edit 2: Problem solved.
It was plain old human error. The guy who connected our first floor rack to the second floor didn't do that at all. He actually redirected the ethernet socket to their own switch and told us he did it. Thus, we were online, but through their network. A younger network admin for the building came in today, and when I asked him about it he just sighed in disappointment and connected everything the way it should have been connected in the first place. Now everything is perfectly fine.
You should check which interfaces sshd is listening on, like
and you should check iptables rules for incoming connections on port 22.
Also check sshd_config:
There was no filtering at all. It was human error as specified in the edited content of the question. I guess I'll have to take everything apart one of these days and learn this stuff to spare myself any more timewastage and embarrassment.
Thanks for the effort MealstroM!
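The checks suggested in the answer (listening addresses, iptables rules for port 22, sshd_config) can be scripted to show whether any layer restricts SSH by source address. The following is an added example, not code from the thread; the function names and both sample hosts are constructed, and it also looks at `AllowUsers`/`DenyUsers` host patterns, which the thread does not mention.

```shell
# Added example, not from the thread. Each function reads text on stdin so it
# runs offline; on a real host feed `iptables -S INPUT` and sshd_config instead.

# Firewall: INPUT rules for tcp/22, printed as "<source> <target>".
fw_ssh_rules() {
    awk '$1 == "-A" && $2 == "INPUT" && /-p tcp/ && /--dport 22( |$)/ {
        src = "any"; tgt = "?"
        for (i = 3; i < NF; i++) {
            if ($i == "-s") src = $(i + 1)
            if ($i == "-j") tgt = $(i + 1)
        }
        print src, tgt
    }'
}

# sshd: directives that tie access to an address. A wildcard ListenAddress
# (0.0.0.0 or ::) listens everywhere, so it is not a restriction.
sshd_addr_directives() {
    awk 'tolower($1) ~ /^(allowusers|denyusers)$/ && /@/ { print; next }
         tolower($1) == "match" && tolower($0) ~ /address/ { print; next }
         tolower($1) == "listenaddress" && $2 != "0.0.0.0" && $2 != "::" { print }'
}

# Verdict: "filtered" if either layer names a source address, else "open".
ssh_filter_verdict() {  # $1 = iptables -S text, $2 = sshd_config text
    fw=$(printf '%s\n' "$1" | fw_ssh_rules | grep -v '^any ' || true)
    sd=$(printf '%s\n' "$2" | sshd_addr_directives)
    if [ -n "$fw$sd" ]; then echo filtered; else echo open; fi
}

# Constructed sample 1: mirrors the question's host (no rules, wildcard listen).
OPEN_FW='-P INPUT ACCEPT'
OPEN_SSHD='HostbasedAuthentication no
ListenAddress ::
ListenAddress 0.0.0.0'

# Constructed sample 2: a host that does filter (192.0.2.0/24 is a doc range).
FILT_FW='-P INPUT DROP
-A INPUT -s 192.0.2.0/24 -p tcp -m tcp --dport 22 -j ACCEPT'
FILT_SSHD='Match Address 192.0.2.0/24
    PasswordAuthentication no'

echo "question-like host: $(ssh_filter_verdict "$OPEN_FW" "$OPEN_SSHD")"
echo "filtering host:     $(ssh_filter_verdict "$FILT_FW" "$FILT_SSHD")"
```

An "open" verdict from both layers on the server itself means the filtering, if any, is happening elsewhere on the network path.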