Restricting VNC on V90 - AuthHosts

Restricting VNC on V90 - AuthHosts

FYI: by adding the string AuthHosts to registry key HKLM\Software\ORL\WinVNC3 you can limit which machines can connect to the Wyse terminal through VNC. From the RealVNC documentation:

AuthHosts

The AuthHosts setting is, unlike the other settings, a REG_SZ string. It is used to specify a set of IP address templates which incoming connections must match in order to be accepted. By default, the template is empty and connections from all hosts are accepted. The template is of the form:

+[ip-address-template]
?[ip-address-template]
-[ip-address-template]

In the above, [ip-address-template] represents the leftmost bytes of the desired stringified IP-address.For example, +192.168 would match both 192.168.12.10 and 192.168.14.2.Multiple match terms may be specified, delimited by the ":" character. Terms appearing later in the template take precedence over earlier ones.e.g. -:+192.168: would filter out all incoming connections except those beginning with 192.168. Terms beginning with the "?" character are treated by default as indicating hosts from whom connections must be accepted at the server side via a dialog box. The QuerySetting option determines the precise behaviour of the three AuthHosts options. Local machine-specific setting.

The important thing to note is that if you set the value to "+192.168.1.1" this will not limit the connection to just this single machine, you need to set the value to "-:192.168.1.1", the logic being you remove for all "-" and then add back "+" the authorised host(s).

Obvious really but caused a bit of head scratching until I realised this.