Ericom PowerTerm WebConnect

From Swivel Knowledgebase
Revision as of 12:52, 11 May 2017 by Admin (talk | contribs) (1 revision imported)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search


Introduction

This article describes how to integrate Swivel with the PowerTerm WebConnect by Ericom using SMS, Mobile Client and the Taskbar utility. It is not possible to embed the Single Channel within the login page.


Prerequisites

Swivel 3.3

PowerTerm WebConnect


Baseline

Swivel 3.9


Architecture

Ericom PowerTerm WebConnect authenticates users by using RADIUS authentication against Swivel.


Installation

Swivel Integration Configuration

Configuring the RADIUS server

Configure the RADIUS settings using the RADIUS configuration page in the Swivel Administration console by selecting RADIUS Server. To turn on RADIUS authentication set Server Enabled to YES. The Host or IP address is the interface which will accept RADIUS requests, leave this blank (or use 0.0.0.0) to allow RADIUS requests on any interface.

For troubleshooting RADIUS debug can be enabled together with the debug log option, see Debug how to guide

Note: for appliances, the Swivel VIP should not be used as the server IP address, see VIP on PINsafe Appliances


PINsafe36RADIUSserver.JPG


Setting up the RADIUS NAS

Set up the NAS using the Network Access Servers page in the Swivel Administration console. Enter a name for the VPN server. The IP address has been set to the IP of the VPN appliance, and the secret ‘secret’ assigned that will be used on both the Swivel server and VPN RADIUS configuration.


PINsafe 36 generic RADIUS NAS.JPG


You can specify an EAP protocol if required, others CHAP, PAP and MSCHAP are supported. All users will be able to authenticate via this NAS unless authentication is restricted to a specific repository group.


Ericom PowerTerm WebConnect Integration

RADIUS Server Configuration

Launch the PowerTerm WebConnect Administration Console and go to the Main Configuration (Files | Configuration | Main).

In the [ConnectionPoint=Internet] section set the option AuthenticationMethod=Radius.

This setting specifies that connections to this Connection Point will be authenticated with RADIUS.

Configure settings for the RADIUS connection

Radius_server Address of the Swivel RADIUS server

Radius_port (UDP) port that the Radius server is listening on. Default: 1812

Radius_sec_timeout timeout to wait for response from the Radius server. Default: 2

Radius_retries number of times to retry sending of the authentication request if a timeout occur. Default: 3

Radius_secret RADIUS server‘s secret password as entered in the NAS section of Swivel.

Restart the PowerTerm WebConnect Server service.


Configuring Applications

Go to applicable published application‘s Advanced section (applicable applications are those that will be used by users authenticating with RADIUS). Uncheck the option Use WebConnect User Credentials. Place %u in the Username field, and %X”Network Password” in the Password field.

Uncheck the option “Use Default Domain”

NOTE: Network Password should be entered exactly as is, do not replace the text with a user’s password. There needs to be a space between - ”Network” and “Password”

Ericom PowerTerm WebConnect Application Publishing Advanced Settings.png


Additional Installation Options

Verifying the Installation

When users launch the Application Zone they will see the following screen, should log in with their username and Swivel One Time Code.


Ericom PowerTerm WebConnect Login.png


If the authentication is successful, the Application Zone will open displaying the users applications.


Ericom PowerTerm WebConnect Application Zone.png


The first time the user launched an application, they will be prompted for their network password, as shown below.


Ericom PowerTerm WebConnect Network Password Authentication.png


The application will then open.


Uninstalling the Swivel Integration

Remove the RADIUS authentication for applications, check the option Use WebConnect User Credentials and remove the RADIUS server settings.


Troubleshooting

Known Issues and Limitations

Additional Information