(v12.0.9326.37868 started 2025-07-14 19:06:32 on VM2)
VPN Clients
Configuration, distribution and update is simplified and there is no license necessary. There are two options: - ClickOnce - Local deployment In this VPN client mode there is no groups table and the routing table will be constructed using start paramters. Both options are configured using the same parameters and they can use a central policy.
Hints to configure the authentication options can be found here.
To activate ApplicGate as VPN client following parameters may be specified in the URI (for ClickOnce or network depolyment) or ApplicGate.ini (for local deployment):
Required parameter: - server=node:port... IP address or DNS name and port of the central ApplicGate server, port is optional, default is 443
For authentication one of these parameters can be selected (default is sslcc=Prompt:*): - sslcc[=sslccparameter] ... certificate selection, same parameter as for keyword SSLCC, default is "Prompt:*" -- If sslcc=None ... no certificate selection and no authentication at the server - radius=[username][!password]... use RADIUS and specify optional default values, same parameter as for keyword RADIUSC - sslcc2:sesam[=comx!pin!slot] ... se.SAM crypto processor from Sematicon AG, same as keyword SSLCC2:sesam, default is "com4!P01!0" - totp=[email][!SecurityID] ... use TOTP and specify optional default values, same parameter as for keyword TOTP - otp=[email][![SecurityID][!mode]] ... use TOTP and specify optional default values, same parameter as for keyword OTP - fido2=[email][!SecurityID]... use FIDO2 and specify optional default values, same parameter as for keyword FIDO2 - oa2[=provider] ... OAuth 2.0 authentication with the specified provider (optional), same as keyword OA2
Optional parameters: - servercheck[=issuer] ... to check the certificate of the server, same values as parameter issuer in keyword SSLTARGET - browser=browsername ... start web browser (default: browser=Edge) -- Supported browsernames are: Edge, Firefox, IE, ApplicGateWebView -- The browser will be started after the autologon session has been completed. -- If the browsername ends with the character '!': The browser will be started as soon as possible. - cifs ... same as keyword CIFS - defcmd=command ... default is uidall, use uidallb for brief display of UID list - log=logvalue ... one digit log level (0-4), if negativ: log will be shown in start window also (default is 1) - manage=[http[s]://]ipaddress:port ... address to manage ApplicGate (default is 127.0.0.1:12321). If OAuth 2.0 authentication or https is selected, the ipaddress must be 127.0.0.1 - proxy=node:port ... web proxy for connection - rdpd=drives ... list of drive letters, same as keyword RDPD - rulenet=rulenet ... same as keyword RULENET - scsh ... same as keyword SCSH - selacc ... force account selection when authenticating via OAuth 2.0 - title=title ... Title to display at the management interface - update=[version][!auto[restart]] ... same as keyword UPDATE, only for local deployment, ignored for network deployment because here the update feature is included automatically.
Note: Some parameters can be defined via a central policy
