When I set up a server volume with this configuration with both IP and user/password authentication, access to the volume is permitted based on the source IP address only. Is there a way of requiring both IP address AND user/password authentication? (IP authentication is insecure, since it can be spoofed from the local network, but login authentication is worse, since it can be used.) (I suspect the answer is no at the moment, judging by the code...) As a more general question, can multiple authentication methods be required for a server? # config snippet ... volume server type protocol/server option transport-type tcp/server subvolumes brick option auth.ip.brick.allow 192.168.0.19 # Allow access to "brick" volume option auth.login.brick.allow john option auth.login.joe.password bigsecret end-volume