I’m facing a curious situation with two Orthanc instances configured in my environment. Here’s the scenario:
General Setup:
Instance 1: Responsible for modifying the patient ID, compressing the exams, and forwarding the data to Instance 2.
Instance 2: Serves solely as storage and is configured to accept connections exclusively from Instance 1 and the HOROS software.
Observed Behavior: When configuring the PACS in HOROS, I noticed that Orthanc accepts connections based only on the IP and port, completely ignoring the AE Title.For example:
I can connect to Instance 1 using Instance 2’s connection details (and vice versa), as long as the IP and port are correct, regardless of the AE Title provided.
This behavior was also observed when testing with other PACS software.
Question: What could be causing this behavior? Does Orthanc ignore the AE Title in its configuration by default? Is there an additional parameter that needs to be set to validate the AE Title for incoming connections?
I’d appreciate any insights or experiences you can share to help understand or resolve this behavior.
{
// Whether the Orthanc SCP allows incoming C-ECHO requests, even
// from SCU modalities it does not know about (i.e. that are not
// listed in the "DicomModalities" option above). Orthanc 1.3.0
// is the only version to behave as if this argument were set to "false".
"DicomAlwaysAllowEcho" : true,
// Whether the Orthanc SCP allows incoming C-STORE requests, even
// from SCU modalities it does not know about (i.e. that are not
// listed in the "DicomModalities" option above)
"DicomAlwaysAllowStore" : true,
// Whether the Orthanc SCP allows incoming C-FIND requests, even
// from SCU modalities it does not know about (i.e. that are not
// listed in the "DicomModalities" option above). Setting this
// option to "true" implies security risks. (new in Orthanc 1.9.0)
// Note: From Orthanc 1.10.0, this option only applies to C-FIND
// requests for patients/studies/series/instances. Use option
// "DicomAlwaysAllowFindWorklist" for worklists.
"DicomAlwaysAllowFind" : false,
// Whether the Orthanc SCP allows incoming C-FIND requests for worklists,
// even from SCU modalities it does not know about (i.e. that are not
// listed in the "DicomModalities" option above). Setting this
// option to "true" implies security risks. (new in Orthanc 1.10.0)
"DicomAlwaysAllowFindWorklist" : false,
// Whether the Orthanc SCP allows incoming C-GET requests, even
// from SCU modalities it does not know about (i.e. that are not
// listed in the "DicomModalities" option above). Setting this
// option to "true" implies security risks. (new in Orthanc 1.9.0)
"DicomAlwaysAllowGet" : false,
// Whether the Orthanc SCP allows incoming C-MOVE requests, even
// from SCU modalities it does not know about (i.e. that are not
// listed in the "DicomModalities" option above). Setting this
// option to "true" implies security risks. (new in Orthanc 1.9.7)
"DicomAlwaysAllowMove" : false,
// Whether Orthanc checks the IP/hostname address of the remote
// modality initiating a DICOM connection (as listed in the
// "DicomModalities" option above). If this option is set to
// "false", Orthanc only checks the AET of the remote modality.
"DicomCheckModalityHost" : false,
}