-
Products
-
SonicPlatform
SonicPlatform is the cybersecurity platform purpose-built for MSPs, making managing complex security environments among multiple tenants easy and streamlined.
Discover More
-
-
Solutions
-
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn MoreFederalProtect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn More - Industries
- Use Cases
-
-
Partners
-
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
Learn MorePartner PortalAccess to deal registration, MDF, sales and marketing tools, training and more
Learn More - SonicWall Partners
- Partner Resources
-
-
Support
-
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn MoreSupport PortalFind answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn More - Support
- Resources
- Capture Labs
-
- Company
- Contact Us
Customizing a Connect Tunnel Initialization File vs. Installing from WorkPlace
03/26/2020 
37 People found this article helpful
486,544 Views
Description
Instructions in Chapter 10 of the Administration Guide explain how to customize an .ini file for installing Connect tunnel, but the file is incomplete: it cannot include certain items—such as authentication type and custom prompts—until a connection has been made to the VPN appliance. This means that first-time users are presented with dimmed authentication prompts unless they install from WorkPlace. There is a workaround explaining how to get the complete configuration file so that the user authentication prompts will not be dimmed. This article describes the differences between the two .ini files.
Resolution
Connect tunnel initialization file: ngsetup.ini
By editing a file named ngsetup.ini, you can customize the Connect tunnel client setup package and preconfigure certain settings, such as the host name or IP address of the appliance, and the realm you want your users to log in to. (If you don't include an .ini file, users are guided through the configuration process by the Setup Wizard.)
1. When the user runs ngsetup_<xx>.exe with the following .ini file, for example, he or she is presented with "Accounting" as the default realm:
[Connectoid 1]
ConnectionName=Aventail VPN Connection
VpnServer=192.168.200.120
StartMenuIcon=1
DesktopIcon=1
UserRealm=Accounting
StatusDlg=1
Taskbar=1
RunAtStartup=0
[InstallSettings]
ProductCode={A2A78788-2792-49BF-AF22-5E9296E568F3}
PackageCode={2D1C06E9-91C7-4BE0-9388-2291D7918D36}
InstallFile=ngclient.msi
UILevel=BASIC
FileSize=963072
ProductVersion=8.90.157
Language=en-US
Installation of the Connect Tunnel client will succeed, but the authentication prompts in the client will be dimmed the first time the user runs the program, as explained above.
2. The client is interrogated and placed in the community that corresponds to its device profile.
3. After a successful login, settings are recorded in the registry on the user's computer: the name of the community into which the device is categorized, for example, and the wording for any customized authentication server prompts.
Installing Connect tunnel from WorkPlace
When Connect tunnel is installed from WorkPlace, its settings are written to the registry using information that the user provides during login. For example, the ngsetup.ini file described above offers a default realm, but it's possible that the user could choose a different realm. When installing from WorkPlace, on the other hand, the realm the user selected is already known, as are any customized login prompts.
During the install process, the following .ini file is temporarily created on the user's device. Its settings are written to the registry and the .ini file is deleted when the browser session is closed. Here are the contents of a sample file—note the addition of the authentication server type (Active Directory), community name, and authentication prompts (all in bold)
-note change "activeDirectoryAuth" with the name of you Active Directory Authentication server :
[Connectoid 1]
ConnectionName="Aventail VPN Connection"
VpnServer="193.169.100.130"
DesktopIcon=1
RunAtStartup=0
CommunityName="Trusted"
UserRealm="Employees"
UserAuth="activeDirectoryAuth"
AuthVersion=2
AuthTitle="IDS_AUTHENTICATION_DIALOG_TITLE",16384
AuthMessage1="IDS_AUTHENTICATION_DIALOG_MESSAGE",16384
AuthField1="IDS_AUTHENTICATION_PROMPT_USERNAME",81921
AuthField2="IDS_AUTHENTICATION_PROMPT_PASSWORD",147458
AuthButtons=35
[InstallSettings]
ProductCode={A2A78788-2792-49BF-AF22-5E9296E568F3}
PackageCode={370755A8-8634-42EF-8C39-D5D835BF92F1}
InstallFile=ngclient.msi
UILevel=BASIC
FileSize=768000
ProductVersion=8.80.191
Language=en-US
The bolded lines above represent the variables that are missing from the ngsetup.ini file in 8.8.0 and 8.8.1.
ISSUE ID:
34423
Related Articles
- How to Set Timeout for Inactive Tunnel Connections
- Commands for silent installation of NetExtender via CMD line
- Users on Netextender 10.3.0 version failing to connect with the following error message " Cannot get a response from the server "
YES
NO