Security Zones settings would be able to solve your purpose. Do something like this and add the ip address you were trying to add. do not forget to select the webservice checkbox as you only want a webservice only access.
The 403 error comes mainly because of two reasons.
1>. Username / password is incorrect
2>. IP address not authorized.
To rule out issues with username /password , can you generate a session token using the logon method of xtk:session schema. If you are able to successfully generate a sessionToken your user password is valid.
After that add the public IP from which you are making the SOAP call in the security zone. If it's hosted , raise a ticket to Adobe.