Velocity powered by Wavelink

Security Settings

The following settings are available on the Security tab of the host profile.

ClosedTE

SSL

Use SSL

Uses SSL to encrypt the information sent to the host. When this option is selected, the Port field for the host profile is changed to 992. You cannot use ConnectPro when SSL is enabled.

Certificate

Valid Certificate

Adds a valid certificate to devices for secure connections with a host. When added, all associated subject and thumbprint information is listed here. The host address shown in the certificate must match the host server location, or else the device will not trust the host.

If no certificate is attached to the host profile, then Velocity refers to the device's certificate store. In this store, certificates distributed by certificate authorities are trusted and do not need to be added to a host profile. However, if you're using a self-signed certificate you must include it as part of the Velocity console project deployment.

For security purposes, device users are not prompted to trust certificates when connecting to a host. They will only receive an error when a host is not trusted or a certificate is not attached to a host profile.

The certificate extensions supported includes .cer, .crt, and .pem.

You may only attach one certificate to a project.

SSH

Use SSH

Uses SSH to encrypt the information sent to the host. There is no additional software for SSH on the device, but the host must be configured for SSH. When this option is selected, the Auto Login User and Auto Login Password fields appear and must be filled out and the Port field is changed to 22.

This setting requires a public key to authenticate against the SSH server. The public key can only be associated with a host profile from the Velocity Console application.

You can only select this option or Use SSH Tunnel, but not both.

Use SSH Tunnel

Sets whether or not to use SSH tunneling. If you are using 5250 emulation with SSH, you must use SSH tunneling. When this option is selected, the Auto Login User, Auto Login Password, Tunnel Address, and Tunnel Port fields appear below and the Port field is changed to 22.

This setting requires a public key to authenticate against the SSH server. The public key can only be associated with a host profile from the Velocity Console application.

You can only select this option or Use SSH, but not both.

Auto Login User

The username for accessing the SSH server.

This option is only available when Use SSH or Use SSH Tunnel is selected.

Auto Login Password

The password associated with the SSH username.

This option is only available when Use SSH or Use SSH Tunnel is selected.

Known Host

The public key needed to verify the trusted host. Whereas device users can manually verify the trusted host, using this field is more secure. By entering a known host public key, this automatically stores the key information on the device when the profile is deployed to a device.

When connecting to a server, the Client then compares the stored public key against what the server provides. This bypasses the verify trusted host prompt on the Client that displays when connecting to a session for the first time.

If the public key changes, future deployments of your project will overwrite the old public key. Device users can also remove the current key by clearing the app data from the Settings app.

This field is optional.

Tunnel Address

The IP address or host name for the SSH tunnel.

This option is only available when Use SSH Tunnel is selected.

Tunnel Port

The TCP port number associated with the Tunnel Address for SSH tunneling.

This option is only available when Use SSH Tunnel is selected.

ConnectPro

Only Use ConnectPro connections

Indicates whether the Velocity Client should only connect to the host through a ConnectPro server. If you enable this checkbox, you cannot select the Use SSL setting in the SSL Settings section.

Server Type

The version number of the ConnectPro server.

Address

The IP address or host name of the server. To prompt a device user for all or part of the address, use a variable delineated by %. Variables can be used in DNS names or IP addresses. For example:

192.168.42.%Store Number%

The text that is inside the % indicators is the information that appears in the prompt on the device. In the above example, the prompt on the device would ask the user for "Store Number." If the user provides the store number 123, the Client attempts to connect to 192.168.42.123.

Port

The TCP port number on which the proxy server is listening for emulation requests from clients.

Terminate ConnectPro Session

Indicates when the ConnectPro server should terminate the connection to the host.

Possible values include:

Never. The proxy server never terminates the session established with the host. The Client is responsible for manually terminating the session.

OnNetworkError. The proxy server terminates the session with the host when a network error occurs, such as a loss of network connectivity.

OnSessionExit. The proxy server terminates the session with the host when the session is terminated by the Velocity Client. By default, this option is selected.

Always. The proxy server will terminate the session with the host on a network error or when the session is terminated.

Client Reconnects if Unexpectedly Disconnected

Specifies if the Velocity Client will attempt to reconnect if the session with the proxy server is lost and the Client has not received a disconnect message from the proxy server. By default, this is set to Yes.

Reconnect String

Specifies the reconnect string that the device should use when connecting to the host. Alternately, you may configure reconnect strings in ConnectPro.

Use SSL

Uses SSL/TLS to encrypt the information sent to the host. There is no additional software needed for SSL/TLS on Android devices, but the host must be configured for SSL/TLS.

Use Custom Encryption

Uses a Ivanti custom encryption method to encrypt the connection to the ConnectPro server. When you use custom encryption, provide an encryption key in the Key field below.

Key

Specifies a custom encryption key.


Was this article useful?    

The topic was:

Inaccurate

Incomplete

Not what I expected

Other