PowerTerm WebConnect - Ericom Software · Ericom – Aventail SSL VPN Integration Manual Ericom – Aventail Integration Manual 4 1.Overview This document explains the configuration

PowerTerm®

WebConnectIntegration Instructions with Aventail SSL VPN

Version 1.2 March 12, 2008

Ericom – Aventail SSL VPN Integration Manual

Ericom – Aventail Integration Manual

Notice This document is subject to the following conditions and restrictions:

The proprietary information belongs to Ericom® Software. In this document is supplied solely for the purpose of assisting explicitly and property authorized parties. No part of its contents may be used for any purpose, disclosed to any person or firm, or reproduced by any means, electronic and mechanical, without the express prior written permission of Ericom® Software. The text and graphics are for the purpose of illustration and reference only. The specifications on which they are based are subject to change without notice. Corporate and individual names, and data used in examples herein are fictitious unless otherwise noted.

Copyright © 2005 Ericom Software. Ericom and PowerTerm are registered trademarks of Ericom Software. Other company brands, products, and service names are trademarks or registered trademarks of their respective holders.


Ericom – Aventail Integration Manual

Table of Contents1. Overview 4

2. WebConnect Configuration 5

3. SSL VPN Configuration 6

4. Single Sign-On 9

5. About Ericom 13


Ericom – Aventail Integration Manual 4

1.OverviewThis document explains the configuration required to access and run PowerTerm WebConnect through an Aventail Secure Remote Access Gateway.

The test platform used for this Integration Guide was a Virtual Machine running PowerTerm WebConnect v5.6.0.4000 and an Aventail EX-1500 Secure Remote Access Gateway running firmware version 8.9.



2.WebConnect Configuration2.1. In order for integration of the WebConnect Portal and the Aventail appliance to interoperate

properly, the WebConnect Portal must know the location of the WebConnect Server.

2.1.1. Browse to “x:\ Program Files\Ericom Software\WebConnect 5.6\web\portal\windows”, where “x” is the drive letter in which WebConnect is installed.

2.1.2. In this folder, you will find the files “Clients.asp” and “RunClientsGlobal.asp”.

2.1.3. Make a copy of these 2 files and rename to “Clients2.asp” and “RunClientsGlobal2.asp” respectively.

2.1.4. Open “Clients2.asp” in Notepad and look for the text “RunClientsGlobal.asp” and change it to “RunClientsGlobal2.asp”.

2.1.5. Open “RunClientsGlobal2.asp” in Notepad and look for the text “<WebServer>” and change it to the IP address or DNS name of the WebConnect Server.

Ex 1: If your WebConnect Server is 192.168.1.110, then you replace “<WebServer>” with “192.168.1.110”.

Ex 2: If your WebConnect Server is “WebConnect.testdomain.local”, then you replace “<WebServer>” with “WebConnect.testdomain.local”.

2.1.6. Browse to “x:\ Program Files\Ericom Software\WebConnect 5.6\ComPortal”, where “x” is the drive letter in which WebConnect is installed.

2.1.7. Open “ComPortal.ini” and look for the text “CustomAddress=”.

2.1.8. Add your Aventail’s external IP or DNS address to this line. Save this file. (Example: “CustomAddress=Aventail.testdomain.com”

2.1.9. Reset IIS. (Start/Run: IISRESET)

2.1.10. Browse to your WebConnect DataBase folder. (Usually in “x:\Program Files\Ericom Software\WebConnect 5.6\DataBase”, where “x” is the drive letter in which WebConnect is installed.)

2.1.11. Open “PtServer.ini” and search for “Machines=localhost”.

2.1.12. Add your server address to this line (Example: “Machines=localhost;Aventail.testdomain.com”)

2.1.13. Restart the “PowerTerm WebConnect Server 5.6” service.



3.SSL VPN Configuration3.1. Launch the Aventail Management Console (AMC).

3.2. Define WebConnect Resources.

3.2.1. From the AMC, select Resources.

3.2.2. Create a new URL Resource for the WebConnect Portal:

Description: WebConnect URL

URL: “http://192.168.1.110” (IP address or hostname of the WebConnect Server)

Alias: ericom

3.2.3. Create a new Host Resource for the WebConnect Server.

Description: WebConnect Server

Hostname or IP address: enter the local hostname/ip of the WebConnect Server



3.3. Define a WorkPlace Shortcut.

3.3.1. From the AMC, select Aventail WorkPlace.

3.3.2. Create a new Web Shortcut.

Resource: WebConnect URL

Link Text: WebConnect Portal

Description: Access published applications via WebConnect

3.3.3. Go to Advanced options and set Start Page: “webconnect/portal/windows/index.asp”



3.4. Create a new access control rule to permit the appropriate user or group access to both the WebConnect URL and Host Resource.

3.4.1. From the AMC, select Access Control

3.4.2. Create a new rule

Permit | Any | WebConnect URL, WebConnect Server

3.5. Provision OnDemand in the User Community

3.5.1. Check the appropriate Community definition to ensure that either OnDemand Dynamic or OnDemand Tunnel is being deployed to the WebConnect web based users. Details for modifying Community definitions and customizing OnDemand agents can be found in the Aventail Administrator Guide.

3.6. Apply changes and test

3.6.1. From the AMC, apply all changes then test access to the WebConnect Portal and published applications through the Aventail WorkPlace.



4.Single Sign-On4.1. Since the WebConnect Application Portal is a web based logon form, a Single Sign-On from

the Aventail WorkPlace to the Portal can be supported using the Forms Based Single Sign-On Adapter:

4.2. Modify WebConnect WorkPlace Shortcut.

4.2.1. From the AMC, select Aventail WorkPlace.

4.2.2. Open the current WebConnect Web Shortcut.

4.2.3. Select Advanced tab and modify the Start Page to be “webconnect/portal/windows/Clients2.asp”.



4.3. Create a Single SignOn Profile to define the parameters to pass to the WebConnect web logon form.

4.3.1. Select Services -> Web Proxy Service -> Configure.



4.3.2. Create a new Single Sign-On Profile with the following parameters:

Name: WebConnect

Application URL: “http://x.x.x.x/webconnect/portal/windows/Clients2.asp”, where “x.x.x.x” is the host name or IP address of the WebConnect server.

Cookie Name: AppPortal

Form Element: username Mapped to this value: Username

Form Element: password Mapped to this value: Password

Form Element: domain Mapped to this value: NTLM Domain Name

Form Element: Login Mapped to this value: Other… Value: Login

(NOTE: Form elements are case sensitive.)



4.4. Create a Web Application Profile to enable credential forwarding.

4.4.1. From the AMC, select Resources.

4.4.2. Open the URL Resource for the WebConnect Portal.

4.4.3. On the Advanced pull-down, change the Web Application Profile selection to use the new WebConnect/SSO profile and save this Resource.

4.5. Apply changes and test.



5.About EricomEricom® Software is a leading provider of Enterprise-Wide Application Access Solutions. Since 1993, Ericom has been helping users access enterprise mission-critical applications. More than a decade later, Ericom continues to focus on its core business, while enabling access to applications running on a broad range of Microsoft® Windows® Terminal Servers, legacy and other systems; and helping organizations realize the benefits of their IT investments. With over 6 million installations in 45 countries, Ericom has offices in the United States and EMEA, and a worldwide network of distributors, strategic partners, and OEM partners.

For more information on our products and services, contact us at the location nearest to you.And visit our web site: http://www.ericom.com

North America Western Europe InternationalEricom Software Inc. Ericom Software (UK) Ltd. Ericom Software Ltd.231 Herbert Avenue, Bldg. #4 11a Victoria Square 8 Hamarpeh StreetCloster, NJ 07624 USA Droitwich, Worcestershire Har Hotzvim Technology ParkTel +1 (201) 767 2210 WR9 8DE United Kingdom Jerusalem 91450 Israel Fax +1 (201) 767 2205 Tel +44 (0) 870 2000 176 Tel +972 (2) 591 1700Toll-free 1 (888) 769 7876 Fax +44 (0) 870 2000 179 Fax +972 (2) 571 4737Email [email protected] Email [email protected] Email [email protected]

Documents

PowerTerm WebConnect - Ericom Software · Ericom – Aventail SSL VPN Integration Manual Ericom – Aventail Integration Manual 4 1.Overview This document explains the configuration