home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
chilidog.highland.cc.ks.us
/
chilidog.highland.cc.ks.us.zip
/
chilidog.highland.cc.ks.us
/
backup
/
bradford.20110214.bsc-VPN.tar.gz
/
bradford.20110214.bsc-VPN.tar
/
bsc
/
VPN
/
vpn
/
Readme
< prev
next >
Wrap
Text File
|
2008-04-07
|
4KB
|
66 lines
*******************************************************************************
Note: The only file that needs to be edited is index2.html
*******************************************************************************
index2.html:
- Replace "Hostname" in the line <base href="http://Hostname/vpn/"> with
the appropriate name for the vpn context.
- Replace "Hostname" in the line
<input type="hidden" name="defaultUrl" value="http://Hostname/vpn/Success.html" >
with the appropriate host for the vpn context.
The above changes will be made automatically through use of the
"Portal Configuration" view.
The first link sets the base of the page such that subsequent page
accesses from this page will resolve correctly. The second link, also
automatically set by the portal configuration function, specifies the full URL
of the success page.
As the network administrator, you may change the text in files index.html and
index2.html to customize them for your particular installation. If you choose
to do so, there are a few items that you should take into consideration:
index.html specifies a refresh delay of 5 seconds that delays the redirection
to the VPN redirect page. This delay is to allow sufficient time for the
VPN concentrator to complete the connection for a newly connected client and
for NAC Director/Campus Manager to read and process the connection data. If
this delay is insufficient then the web page redirection occurs prior to the
remote client creation, resulting in the web browser being redirected to
the registration page. Other timing situations can also occur,
such as when users disconnect and reconnect again quickly, whereby stale
clients exist for a short time and cause redirection to a different page
based on the state of the stale client. That is why it is important to specify
a refresh timer interval that is long enought to avoid these timing-related
problems.
You may modify the textual content of index.html to provide sufficient
information to the VPN user about the delay before the redirection.
The error.html page may be displayed under the following circumstances:
1) A VPN client connects, successfully identifies itself and passes any
optional scans. If the VPN user intentionally navigates to the vpn portal page,
the page redirection logic will determine that the remote endstation is a safe,
registered client and will forward the remote user's browser to the error page.
2) A VPN client with a dissolvable agent disconnects and reconnects before
NAC Director has detected and reacted to the change. If the remote user
navigates to a page, there may be a stale client present for some period of
time that appears to be a safe client. If this is the case, it is possible the
user's browser will be redirected to the vpn portal page and the remote
endstation will be considered a safe client for a short period of
time until the system reacts to the change. If so, the user will be forwarded
to the error page, although now the remote endstation is not really safe.
Subsequent refreshes of the page will eventually redirect the user to the
correct Agent Download page.
3) A client with a persistent agent disconnects and reconnects before NAC
Director has detected and reacted to the change. This can also lead to
a race condition that may forward the remote user to the error page temporarily.
For all these reasons,the error page text should instruct the the user
to wait for a few seconds ments and attempt yo browse to a different location
to correct the problem.
You may also customize the Success.html page to reflect that the remote user
now has access to your company network.
