Part of Setup.INI, in your installation folder.
This property is not part of the Application Configuration dialog.
If present, then only the IP addresses and subnet ranges listed will be permitted to connect to this machine, and this machine will only issue connection attempts to the IP addresses and subnet ranges listed.
The [RPCManager-AllowIP] section is evaluated before the [RPCManager-ExcludeIP] section (see following topic), therefore, any addresses found in the Exclude section will only have effect if they are also permitted by the Allow section - in effect, first being permitted, then finally, being denied.
The effect of the AllowIP section is to provide security by only permitting connections to and from a set of known IP addresses. . This means that if your VTScada system can connect to different subnets, VTScada RPC traffic can be restricted to one of the subnets. This also provides the benefit of allowing you to exclude connections between a development system and a live system.
[RPCManager-ExcludeIP] has no effect unless [RPCManager-AllowIP] has been defined and is not empty.
Example:
[RPCManager-AllowIP]
IP = 192.168.1.5
; Single IPv4 address
IP = fe80::2063:0bf4:32c4:43ad
; Single IPv6 address
IP = 192.168.0.0/24
; IPv4 subnet range
IP = 2046:470:1f2c:b56/32
; IPv6 subnet rangeRPCManager
[RPCManager-ExcludeIP] IP = 192.168.0.22
This will allow the individual IPs 192.168.1.5 and fe80::2063:0bf4:32c4:43ad to be used for RPC connections and any computer on the 2046:470:1f2c:b56/32 subnet and any computer in the IPv4 address range 192.168.0.0->192.168.0.255 except for 192.168.0.22.
To refuse all inbound RPC connections and prevent all outbound connections, set only the local machine's IP address in the AllowIP section:
[RPCManager-AllowIP]
IP = 127.0.0.1
