IMPORTANT
Action required: Apply the fix for SNS firewall disks.
Please follow the procedure described in the How to update my SSD Firmware - Stormshield Knowledge Base article (authentication required).
Automation
SN VPN Client Exclusive can perform automated actions for each VPN tunnel, such as switching to a fallback tunnel, opening the tunnel automatically if certain criteria are met, running batches or scripts at various stages while opening or closing a tunnel, etc.
These automated actions can be performed on any type of tunnel: IKEv2 and SSL.
These automated actions are configured for each tunnel type on the Automation tab of the corresponding tunnel: Child SA (IKEv2) or TLS (SSL).
Tunnel fallback
Refer to chapter Fallback tunnel.
Automatic Open mode
|
Automatically open this tunnel when VPN Client starts after logon |
The tunnel will automatically open when the VPN Client is started. |
|
Automatically open this tunnel when USB stick is inserted |
If the tunnel is part of a configuration on a USB drive (see chapter USB mode), it will automatically be opened when the USB drive is inserted. If the tunnel is configured with a certificate stored on a smart card or token, it will automatically be opened when the smart card or token is inserted. |
|
Automatically open this tunnel on traffic detection |
The tunnel will automatically open when traffic is detected that is heading towards an IP address on the remote network. |
GINA mode
|
Enable before Windows logon |
This option specifies that the VPN connection can be opened before the Windows logon: it appears in the GINA connections window (refer to chapter GINA mode below). |
|
Automatically open this tunnel when GINA starts at logon |
When this option is enabled, the tunnel will automatically open before the Windows logon. This option is enabled if the option Enable before Windows logon is selected. |
Scripts
|
Before tunnel opens |
The specified command line is executed before the tunnel opens. |
|
When tunnel is opened |
The specified command line is executed as soon as the tunnel is open. |
|
Before tunnel closes |
The specified command line is executed before the tunnel closes. |
|
After tunnel is closed |
The specified command line is executed as soon as the tunnel is closed. |
The command lines can be as follows:
-
Calling a “batch” file, e.g. C:\vpn\batch\script.bat
-
Running a program, e.g. C:\Windows\notepad.exe
-
Opening a web page, e.g. https://my.site
-
etc.
There are many possible applications, such as the following:
-
Creating a semaphore file when the tunnel is open, so that a third-party application can detect the instant when the tunnel is open
-
Opening one of the company’s intranet servers automatically once the tunnel is open
-
Cleaning or checking a configuration before opening the tunnel
-
Checking the workstation (antivirus is up-to-date, correct versions of applications, etc.) before opening the tunnel
-
Automatic cleaning (file deletion) of a workspace on the workstation before closing the tunnel
-
Application for counting openings, closings, and durations of VPN tunnels
-
Changing the network configuration, once the tunnel has been opened, then restoring the initial network configuration once the tunnel has been closed
-
etc.
NOTE
Scripts cannot be configured for a tunnel configured in GINA mode. Data entry fields are disabled.