locked
UAG. Custom SSLVPNTemplates.xml RRS feed

  • Question

  • Hello,

    I need to run a script on a client when SSL tunnel is disconnected. Basically I need to do some clean up of end-point settings. Right now I'm able to run script when SSL tunnel is connected.

    Does anybody has documentation of flags attribute in exec and config-file nodes? It seems that flags attribute is responsible how execution of configuration is handled on client.

     

    Thanks.

     

    Tuesday, August 2, 2011 6:55 PM

Answers

  • Yes, the scripts will become deleted when the user logs off.

    If you need the clean up script after logoff, then you have to create a copy on the client and move the execution to this new script (script arguments can be used as differentiator).

    -Kai

    • Marked as answer by Erez Benari Friday, August 26, 2011 10:45 PM
    Tuesday, August 2, 2011 8:03 PM

All replies

  • Hi Dima,

    i'm using those two files to run custom scripts on the clients.

    SSLVPNTemplates.xml

    <config> 
    <templates version="3" use-lsp="1"> 
    <template name="SomeScripts" userrights="0" use-with-lsp="yes" win="yes">
    <port id="0" flags="1" ip2relay="1.3.3.7" remoteport="1337"/>
    <config-file flags="1" path="%Temp%\Script.vbs" use-with-lsp="yes">
    
    <![CDATA[
    
    MsgBox "Hello World!", 32, "The answer is 42!"
    
    ]]>
    
    </config-file> 
    <exec exe='WScript.exe %Temp%\Script.vbs' flags="4" param=""/>
    </template> 
    </templates> 
    </config>
    

    WizardDefaultParam.ini

    [Application_List] 
    NumOfApps=1 
    App1=SomeScripts
    
    [SomeScripts]
    Name=Some Scripts
    AppType=1
    InternalApp=0
    Types=1,2
    Image=images/AppIcons/GenericHTTP.gif
    SSLVpnTemplate=SomeScripts
    CanBeInitialApp=0
    AutoLaunch=0 
    CreateEntryLink=1
    ActivateSmugglingProtection=0
    MaxHTTPBodySize=49152
    ContentTypeList=application/x-www-form-urlencoded|multipart/form-data
    

    I figured out those settings a while ago by sniffing the predefined templates and doing a lot of trial and errors. It works nicely, but i still dont the meanings of every flag... :(

    -Kai

     

    Tuesday, August 2, 2011 7:23 PM
  • Hi Dima,

    i'm using those two files to run custom scripts on the clients.

    SSLVPNTemplates.xml

    <config> 
    <templates version="3" use-lsp="1"> 
    <template name="SomeScripts" userrights="0" use-with-lsp="yes" win="yes">
    <port id="0" flags="1" ip2relay="1.3.3.7" remoteport="1337"/>
    <config-file flags="1" path="%Temp%\Script.vbs" use-with-lsp="yes">
    
    <![CDATA[
    
    MsgBox "Hello World!", 32, "The answer is 42!"
    
    ]]>
    
    </config-file> 
    <exec exe='WScript.exe %Temp%\Script.vbs' flags="4" param=""/>
    </template> 
    </templates> 
    </config>
    

    WizardDefaultParam.ini

    [Application_List] 
    NumOfApps=1 
    App1=SomeScripts
    
    [SomeScripts]
    Name=Some Scripts
    AppType=1
    InternalApp=0
    Types=1,2
    Image=images/AppIcons/GenericHTTP.gif
    SSLVpnTemplate=SomeScripts
    CanBeInitialApp=0
    AutoLaunch=0 
    CreateEntryLink=1
    ActivateSmugglingProtection=0
    MaxHTTPBodySize=49152
    ContentTypeList=application/x-www-form-urlencoded|multipart/form-data
    

    I figured out those settings a while ago by sniffing the predefined templates and doing a lot of trial and errors. It works nicely, but i still dont the meanings of every flag... :(

    -Kai

     

    That doesn't solve my need. I need to run a script on disconnect.

    The above code runs script when SSL tunnel is connected. Or I'm wrong?

    Tuesday, August 2, 2011 7:30 PM
  • Hi Dima,

    i'm not aware of a method to trigger scripts while disconnects.

    But you may also start the script before the VPN is launched. Let the script sleep for some seconds, monitor if connection was getting active, sleep some time, monitor if connection was getting disconnected, run the commands to clean up the maschine. 

    -Kai

    • Proposed as answer by Kai Wilke Sunday, August 14, 2011 12:04 AM
    Tuesday, August 2, 2011 7:44 PM
  • Hi Dima,

    i'm not aware of a method to trigger scripts while disconnects.

    But you may also start the script before the VPN is launched. Let the script sleep for some seconds, monitor if connection was getting active, sleep some time, monitor if connection was getting disconnected, run the commands to clean up the maschine. 

    -Kai

    Thanks for the idea.

    I've not tried that in a field, but was thinking about the same approach. I will try it definitely.

    But from my first investigations I see that script is deleted when client is disconnected.

    Tuesday, August 2, 2011 7:50 PM
  • Yes, the scripts will become deleted when the user logs off.

    If you need the clean up script after logoff, then you have to create a copy on the client and move the execution to this new script (script arguments can be used as differentiator).

    -Kai

    • Marked as answer by Erez Benari Friday, August 26, 2011 10:45 PM
    Tuesday, August 2, 2011 8:03 PM