Rejecting Forward Logins
When you deploy secure applications that allow users to connect to Sametime, ensure that your users connect to their home Sametime Community Servers or home clusters. You can prevent users from connecting to remote servers by specifying trusted IP addresses and rejecting forwarded log-ins during the log-in process.
About this task
For users that must log in through a secure application, the Sametime Community Server should allow them to connect only through the home server. The Sametime Community Mux Server should only accept connections that come from the application's IP addresses. You must dedicate a specific Community Mux to a specific Sametime Community Server, and limit users to connecting to that Mux through the secure application. This applies to local Community Mux services hosted on the Sametime Community Server, as well as to stand-alone Community Mux servers.
Use the following settings on all Sametime Community Servers and Sametime Community Mux servers in your deployment.