®

PowerTerm
WebConnect
Integration Instructions
with Aventail SSL VPN

Version 1.2 March 12, 2008

 Ericom – Aventail SSL VPN Integration Manual

Notice
This document is subject to the following conditions and restrictions:
®
The proprietary information belongs to Ericom Software. In this document is supplied solely for the purpose
of assisting explicitly and property authorized parties. No part of its contents may be used for any purpose,
disclosed to any person or firm, or reproduced by any means, electronic and mechanical, without the
®
express prior written permission of Ericom Software. The text and graphics are for the purpose of
illustration and reference only. The specifications on which they are based are subject to change without
notice. Corporate and individual names, and data used in examples herein are fictitious unless otherwise
noted.

Copyright © 2005 Ericom Software. Ericom and PowerTerm are registered trademarks of Ericom Software.
Other company brands, products, and service names are trademarks or registered trademarks of their
respective holders.

Ericom – Aventail Integration Manual

 Ericom – Aventail SSL VPN Integration Manual

Table of Contents
1. Overview 4
2. WebConnect Configuration 5
3. SSL VPN Configuration 6
4. Single Sign-On 9
5. About Ericom 13

Ericom – Aventail Integration Manual

 Ericom – Aventail SSL VPN Integration Manual

1.Overview
This document explains the configuration required to access and run PowerTerm WebConnect
through an Aventail Secure Remote Access Gateway.
The test platform used for this Integration Guide was a Virtual Machine running PowerTerm
WebConnect v5.6.0.4000 and an Aventail EX-1500 Secure Remote Access Gateway running
firmware version 8.9.

Ericom – Aventail Integration Manual 4

 Ericom – Aventail SSL VPN Integration Manual

2.WebConnect Configuration
2.1. In order for integration of the WebConnect Portal and the Aventail appliance to interoperate
properly, the WebConnect Portal must know the location of the WebConnect Server.
2.1.1. Browse to “x:\ Program Files\Ericom Software\WebConnect 5.6\web\portal\windows”,
where “x” is the drive letter in which WebConnect is installed.
2.1.2. In this folder, you will find the files “Clients.asp” and “RunClientsGlobal.asp”.
2.1.3. Make a copy of these 2 files and rename to “Clients2.asp” and
“RunClientsGlobal2.asp” respectively.
2.1.4. Open “Clients2.asp” in Notepad and look for the text “RunClientsGlobal.asp” and
change it to “RunClientsGlobal2.asp”.
2.1.5. Open “RunClientsGlobal2.asp” in Notepad and look for the text “<WebServer>” and
change it to the IP address or DNS name of the WebConnect Server.

Ex 1: If your WebConnect Server is 192.168.1.110, then you replace “<WebServer>”

with “192.168.1.110”.

Ex 2: If your WebConnect Server is “WebConnect.testdomain.local”, then you replace

“<WebServer>” with “WebConnect.testdomain.local”.

2.1.6. Browse to “x:\ Program Files\Ericom Software\WebConnect 5.6\ComPortal”, where “x”

is the drive letter in which WebConnect is installed.
2.1.7. Open “ComPortal.ini” and look for the text “CustomAddress=”.
2.1.8. Add your Aventail’s external IP or DNS address to this line. Save this file. (Example:
“CustomAddress=Aventail.testdomain.com”
2.1.9. Reset IIS. (Start/Run: IISRESET)
2.1.10. Browse to your WebConnect DataBase folder. (Usually in “x:\Program
Files\Ericom Software\WebConnect 5.6\DataBase”, where “x” is the drive letter in
which WebConnect is installed.)
2.1.11. Open “PtServer.ini” and search for “Machines=localhost”.
2.1.12. Add your server address to this line (Example:
“Machines=localhost;Aventail.testdomain.com”)
2.1.13. Restart the “PowerTerm WebConnect Server 5.6” service.

Ericom – Aventail Integration Manual 5

 Ericom – Aventail SSL VPN Integration Manual

3.SSL VPN Configuration

3.1. Launch the Aventail Management Console (AMC).

3.2. Define WebConnect Resources.

3.2.1. From the AMC, select Resources.
3.2.2. Create a new URL Resource for the WebConnect Portal:
Description: WebConnect URL
URL: “http://192.168.1.110” (IP address or hostname of the WebConnect Server)
Alias: ericom

3.2.3. Create a new Host Resource for the WebConnect Server.

Description: WebConnect Server
Hostname or IP address: enter the local hostname/ip of the WebConnect Server

Ericom – Aventail Integration Manual 6

 Ericom – Aventail SSL VPN Integration Manual

3.3. Define a WorkPlace Shortcut.

3.3.1. From the AMC, select Aventail WorkPlace.
3.3.2. Create a new Web Shortcut.
Resource: WebConnect URL
Link Text: WebConnect Portal
Description: Access published applications via WebConnect

3.3.3. Go to Advanced options and set Start Page: “webconnect/portal/windows/index.asp”

Ericom – Aventail Integration Manual 7

 Ericom – Aventail SSL VPN Integration Manual

3.4. Create a new access control rule to permit the appropriate user or group access to both the
WebConnect URL and Host Resource.
3.4.1. From the AMC, select Access Control
3.4.2. Create a new rule
Permit | Any | WebConnect URL, WebConnect Server

3.5. Provision OnDemand in the User Community

3.5.1. Check the appropriate Community definition to ensure that either OnDemand Dynamic
or OnDemand Tunnel is being deployed to the WebConnect web based users. Details
for modifying Community definitions and customizing OnDemand agents can be found
in the Aventail Administrator Guide.

3.6. Apply changes and test

3.6.1. From the AMC, apply all changes then test access to the WebConnect Portal and
published applications through the Aventail WorkPlace.

Ericom – Aventail Integration Manual 8

 Ericom – Aventail SSL VPN Integration Manual

4.Single Sign-On
4.1. Since the WebConnect Application Portal is a web based logon form, a Single Sign-On from
the Aventail WorkPlace to the Portal can be supported using the Forms Based Single Sign-
On Adapter:

4.2. Modify WebConnect WorkPlace Shortcut.

4.2.1. From the AMC, select Aventail WorkPlace.

4.2.2. Open the current WebConnect Web Shortcut.

4.2.3. Select Advanced tab and modify the Start Page to be

“webconnect/portal/windows/Clients2.asp”.

Ericom – Aventail Integration Manual 9

 Ericom – Aventail SSL VPN Integration Manual

4.3. Create a Single SignOn Profile to define the parameters to pass to the WebConnect web
logon form.

4.3.1. Select Services -> Web Proxy Service -> Configure.

Ericom – Aventail Integration Manual 10

 Ericom – Aventail SSL VPN Integration Manual

4.3.2. Create a new Single Sign-On Profile with the following parameters:

Name: WebConnect

Application URL: “http://x.x.x.x/webconnect/portal/windows/Clients2.asp”, where “x.x.x.x” is

the host name or IP address of the WebConnect server.

Cookie Name: AppPortal

Form Element: username Mapped to this value: Username

Form Element: password Mapped to this value: Password

Form Element: domain Mapped to this value: NTLM Domain Name

Form Element: Login Mapped to this value: Other… Value: Login

(NOTE: Form elements are case sensitive.)

Ericom – Aventail Integration Manual 11

 Ericom – Aventail SSL VPN Integration Manual

4.4. Create a Web Application Profile to enable credential forwarding.

4.4.1. From the AMC, select Resources.
4.4.2. Open the URL Resource for the WebConnect Portal.
4.4.3. On the Advanced pull-down, change the Web Application Profile selection to use the
new WebConnect/SSO profile and save this Resource.

4.5. Apply changes and test.

Ericom – Aventail Integration Manual 12

 Ericom – Aventail SSL VPN Integration Manual

5.About Ericom
Ericom® Software is a leading provider of Enterprise-Wide Application Access Solutions.
Since 1993, Ericom has been helping users access enterprise mission-critical
applications. More than a decade later, Ericom continues to focus on its core business,
while enabling access to applications running on a broad range of Microsoft® Windows®
Terminal Servers, legacy and other systems; and helping organizations realize the
benefits of their IT investments. With over 6 million installations in 45 countries, Ericom
has offices in the United States and EMEA, and a worldwide network of distributors,
strategic partners, and OEM partners.

For more information on our products and services, contact us at the location nearest to you.
And visit our web site: http://www.ericom.com

North America Western Europe International

Ericom Software Inc.
231 Herbert Avenue, Bldg. #4
Closter, NJ 07624 USA
Tel +1 (201) 767 2210
Fax +1 (201) 767 2205
Toll-free 1 (888) 769 7876
Email info@ericom.com
Ericom Software (UK) Ltd.
11a Victoria Square
Droitwich, Worcestershire
WR9 8DE United Kingdom
Tel +44 (0) 870 2000 176
Fax +44 (0) 870 2000 179
Email info@ericom.co.uk
Ericom Software Ltd.
8 Hamarpeh Street
Har Hotzvim Technology Park
Jerusalem 91450 Israel
Tel +972 (2) 591 1700
Fax +972 (2) 571 4737
Email info@ericom.com

Ericom – Aventail Integration Manual 13