You can use specific security schemes for individual client machines based on their IP address (either full or partial). The Windchill RV&S server selects the security scheme based on the IP address the user is coming from. If you specify a partial IP address, every client in the subnet (up to 256 machines) with an IP address that starts with the same three entries as the partial IP address uses the specified security scheme.

Specify the security scheme for individual client machines in the following properties:

For example, if the client’s IP address is 10.0.08.24 and you want to use a Windows private security policy, you would specify the following:

You can specify multiple comma-separated security policies for each IP address, for example:

The client’s IP address is compared against the specified policies in the order of most specific to least specific. For example, if you specified the following security policies:

then a client with IP address 10.0.8.24 is validated against the MKS Domain using an encrypted transport protocol.

FSA does not support client authentication by IP address on the host Windchill RV&S server. Authentication by IP address must be set on the proxy. For more information on FSA, see “Understanding Federated Server Architecture”.

If you change security realms on a remote server, connecting clients and proxies must be restarted to log in successfully.