AuthHosts

James ''Wez'' Weatherall jnw22 "at" cam.ac.uk
Fri, 01 Jun 2001 13:35:59 +0000


> I'm trying to use the AuthHosts directive to limit the access to a
> computer. I want to do the following:
>
> 1. If a remote user is trying to connect from a subnetwork, by example
> 192.168.1.0, allow him to connect quietly.
> 2. If a remote user is trying to connect from another subnet
(192.168.2.0),
> ask to the local user if he allows the connection.
> 3. Deny the rest.
>
> I'm using the WinVNC-3.3.3-r9 on both server and client. The server is
> installed on a Winnt4 Server with SP5. As far as I understand I should
edit
> the server registry and add the following:
>
> HKLM\Software\ORL\WinVNC3\AuthHosts (REG_SZ) = "-:?192.168.2:+192.168.1:"

This looks reasonable.

> HKLM\Software\ORL\VNC\3.3.3\AuthHosts (REG_SZ) =
"-:?192.168.2:+192.168.1:"

This is an InstallShield key.  You shouldn't put anything under it.

> HKCU\Software\ORL\WinVNC3\AuthHosts (REG_SZ) = "-:?192.168.2:+192.168.1:"

This will have no effect.  AuthHosts is a local-machine setting, not
global-user.

> HKLM\Software\ORL\WinVNC3\DebugLevel (REG_DWORD) = 0x0a (10)
> HKLM\Software\ORL\WinVNC3\DebugMode (REG_DWORD) = 0x02 (2)

What debug output do you get?  The output should indicate the contents of
the AuthHosts key.  You should make WinVNC output to a console window, so
you can see what is going on immediately.

> And I still can connect from anywhere without any restriction, and I can't
> find any WinVNC.log on the winvnc directory (or anywhere).

Strange.  Have you restarted the service?

Cheers,

James "Wez" Weatherall
--
          "The path to enlightenment is /usr/bin/enlightenment"
Laboratory for Communications Engineering, Cambridge - Tel : 766513
AT&T Labs Cambridge, UK                              - Tel : 343000
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to majordomo "at" uk.research.att.com
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------