Limitations
This topic contains the following subtopics:
Single User Limitations
You can set different limitations only for a particular user.
Step 1
Navigate to Users tab and click "Limitations" .
Step 2
Modify the user's limitations. You can set the following limitations:
- Account (enable/disable the user account)
- Max active sessions (set the maximum number of active sessions)
- Desktop sharing (enable/disable desktop sharing)
- File transfer (enable/disable the file transfer)
- Video plugin (enable/disable the video plugin)
- Audio plugin (enable/disable the audio plugin)
- Remote printing (enable/disable the remote printing)
- ISL Light IP/MAC filter (set IP/MAC filters for connection)
Step 3
Click "Set limitations" button when you are finished modifying the limitations.
Step 4
You can view the user's current limitations by hovering over "info" icon next to the user's name.
Multiple Users Limitations (Domain Limitations)
You can set certain limitations for multiple users (domain members) by modifying the domain limitations.
Step 1
Click "Limitations" from "DOMAIN SETTINGS" drop-down menu.
Step 2
Modify the domain's limitations. You can set the following limitations:
- ISL Light IP/MAC Filter (set IP/MAC filters for connection)
Each filter definition consists of pairs of filter name and filter descriptions. Pairs are delimited with a new line or using the ; character.
Filter syntax:
(allow_|deny_)(all|ip|mac) <filter description> [;(allow_|deny_)(ip|mac) <filter description 1> ...]
First part of the pair begins with allow_ or deny_ and is followed by ip or mac (applying IP or MAC filtering). The second part (filter_description) depends on the filtering type - either an IP address/subnet/... or a MAC address using the aa-bb-cc-dd-ee format.
Example:
deny_ip 192.168.0.14
allow_ip 192.168.0.13/255.255.255.0
allow_mac 00-19-d1-06-c9
This will allow connections from any IP in the 192.168.0.* subnet -except a connection coming from 192.168.0.14 or from the 00-19-d1-06-c9 MAC address with any IP.
When accessing a computer, its access rules are read from the top down and stop immediately, when a rule is matched (whether it is allow or deny). If it gets to the bottom of the list, deny_all is implicitly used - i.e. if all the rules fail to match and it gets to the bottom of the list, access is denied. This means that you do not need to append deny_all to your list.
Important: IP and MAC addresses can be spoofed, so filters alone are not a substitute for a strong access password!
For more information about how to write filters please check the manual.
Step 3
Click "Set limitations" button when you are finished modifying the limitations.
Step 4
The restricted user (e.g for example user with IP address 192.168.0.14) should not be able to connect.