Yes you are correct. I have an intranet that users can view a "intranet" website. So what I am attempting to do is state if the request comes from anything other than the 10.0.0.0/8 network then use the .htpasswd file to request authentication or a login page whatever is easier.
if the origin IP is not internal network then direct to login page.
it depends on what you mean by a "login page". if HTTP Basic authentication is sufficient, you could do something like this: <RequireAny> Require ip 10 Require valid-user </RequireAny> and also your AuthType and other required authentication directives.
if you need a login web page then you could use mod_rewrite to redirect the visitor to the login page.
Oh, I see. In 2.2 "Require" is only a directive. In 2.4 it's also an envelope, with "RequireAll" and "RequireAny" options. And it's all shifted from core to a named mod. At this point it's probably safe to assume 2.2 though.