When you are deploying security applications such as FaceTime, you want to ensure that your users connect to their home IBM
® Sametime Community servers or home clusters. Preventing users from connecting to remote servers is done by specifying trusted IP addresses and rejecting forwarded logins during the login process.
About this task
For users that must log in through FaceTime or similar proxies, the Sametime Community Server should allow them to connect through the home server only. The Sametime Community Mux Server should accept connections that come from Facetime IP addresses only. You must dedicate a specific Mux to a specific server, and limit users to connecting to that Mux through FaceTime only. This applies to local Muxes, as well as standalone Muxes. The following settings should be set on all Muxes in your deployment.
Parent topic: Assigning users to a home Sametime Community Server
- Use a text editor to open the sametime.ini file located in the Sametime Community server installation directory (for example, root/lotus/domino).
- In the Connectivity section, add or create a comma-separated list of trusted IP addresses of proxies.
This setting controls which clients are allowed to connect by assigning a comma separated list of IP addresses. An empty list of trusted addresses (default) means the feature is turned off, and that clients from all IP addresses can connect.
- Create or edit the VP_REJECT_FORWARDED_LOGINS setting so that forwarded logins are rejected.
When that setting is set to 1, users must connect to their assigned home servers. This is essential when users must connect through FaceTime.
- Save the sametime.ini file.