(v12.0.9282.38904 started 2025-05-31 19:45:03 on VM2)
ClickOnce Support for VPN Clients: Only for .NET Framework builds!
This can be seen as an easy to use VPN client solution with following advantages: - Easy installation and update. - High security by using certificates. - The user can see all available connections and their status. - Central management.
Hints to configure the authentication options can be found here.
To activate ApplicGate as VPN client following parameters may be specified in the URI (for ClickOnce or network depolyment) or ApplicGate.ini (for local deployment):
Required parameter: - server=node:port... IP address or DNS name and port of the central ApplicGate server, port is optional, default is 443
For authentication one of these parameters can be selected (default is sslcc=Prompt:*): - sslcc[=sslccparameter] ... certificate selection, same parameter as for keyword SSLCC, default is "Prompt:*" -- If sslcc=None ... no certificate selection and no authentication at the server - radius=[username][!password]... use RADIUS and specify optional default values, same parameter as for keyword RADIUSC - sslcc2:sesam[=comx!pin!slot] ... se.SAM crypto processor from Sematicon AG, same as keyword SSLCC2:sesam, default is "com4!P01!0" - totp=[email][!SecurityID] ... use TOTP and specify optional default values, same parameter as for keyword TOTP - otp=[email][![SecurityID][!mode]] ... use TOTP and specify optional default values, same parameter as for keyword OTP - fido2=[email][!SecurityID]... use FIDO2 and specify optional default values, same parameter as for keyword FIDO2 - oa2[=provider] ... OAuth 2.0 authentication with the specified provider (optional), same as keyword OA2
Optional parameters: - servercheck[=issuer] ... to check the certificate of the server, same values as parameter issuer in keyword SSLTARGET - browser=browsername ... start web browser (default: browser=Edge) -- Supported browsernames are: Edge, Firefox, IE, ApplicGateWebView -- The browser will be started after the autologon session has been completed. -- If the browsername ends with the character '!': The browser will be started as soon as possible. - cifs ... same as keyword CIFS - defcmd=command ... default is uidall - log=logvalue ... one digit log level (0-4), if negativ: log will be shown in start window also (default is 1) - manage=[http[s]://]ipaddress:port ... address to manage ApplicGate (default is 127.0.0.1:12321). If OAuth 2.0 authentication or https is selected, the ipaddress must be 127.0.0.1 - proxy=node:port ... web proxy for connection - rdpd=drives ... list of drive letters, same as keyword RDPD - rulenet=rulenet ... same as keyword RULENET - scsh ... same as keyword SCSH - selacc ... force account selection when authenticating via OAuth 2.0 - title=title ... Title to display at the management interface - update=[version][!auto[restart]] ... same as keyword UPDATE, only for local deployment, ignored for network deployment because here the update feature is included automatically.
Note: Some parameters can be defined via a central policy
Example of an URI to load ApplicGate via ClickOnce: https://www.mycomp.com/publishAG/ApplicGate.application?server=rsp.mycomp.com:442&title=MyCompany_RSP ... with default setting sslcc=Prompt:* These parameters are stored in an isolated storage to be used when ApplicGate is started via the Windows start menu or desktop shortcut. They can be changed by a new load via URI or via menu "Stop & Restart", "Change ClickOnce parameters an restart".
Remark: ClickOnce is supported by the web browsers IE and Edge. When using Edge for an initial installation, ClickOnce must be enabled: Enter edge://flags/#edge-click-once into the address field of Edge.
Detailed description of ClickOnce: - The necessary files (ApplicGate.exe, manifests etc.) have to be stored in a web storage you chose. - Installation behaviour can be changed using mageui.exe (code signing certificate is necessary for update). - Installation and first start is done by entering the URI (example above) into the web browser (e.g. Edge): -- The local ApplicGate installation starts an autologon client connection: -- The user will be prompted to select a client certificate (list will be generated according to the email parameter in the URI). -- The connection to the server will be established (parameters server and port are used) and the routing entries will be downloaded (according to the privileges of the user). -- Microsoft Edge will be started and the UID List window will be shown (the title parameter can be used to define a title of the window). -- Now the user can use the remote connections. -- ApplicGate can be stopped by the stop command in the menu. - Additional starts of the ApplicGate client: -- Via the start menu or via the URI above. -- ApplicGate will be updated if there is a newer version available.
Hints for ClickOnce:
ClickOnce logfile (for debugging): Navigate to the node HKCU\Software\Classes\Software\Microsoft\Windows\CurrentVersion\Deployment. Set the string value LogFilePath to the full path and filename of your preferred custom log location. Set the string value LogVerbosityLevel to 1
Deinstallation of ApplicGate ClickOnce installation: Deinstall via Control Panel. If this does not help: 1. Run the ClickOnce Application, Open windows "Task Manager", in "Processes" tab ,find the location of your ClickOnce application. It is always under the "C:\Users\%userprofile%\AppData\Local\Apps\2.0". Then delete the ClickOnce folder. 2. Open Registry Editor, navigate to following Registry Key: HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\PackageMetadata Then delete the clickonce application Registry Key. If you find which belongs to your application, otherwise delete all. 3. Delete references to your application in HKEY_CLASSES_ROOT\Software\Microsoft\Windows\CurrentVersion\Deployment\SideBySide\2.0\Components\
