In this article we will illustrate how to use and configure switchboard applications.
There are some built-in applications (RDP,VNC,SSH,Telnet,HTTP,HTTPS) that could be used directly from the Switchboard web portal (client-less VPN) or the Endian Connect APP, and others (Custom) that can run software installed locally on the host where the Endian Connect APP is installed on.
On Endian Switchboard there are some pre-configured Applications and Profiles that you can find under the APPLICATIONS menu.
Two tabs are present when you add or edit an application: Application and Advanced parameters. The latter appears only for some of the Application type available.
There are two important parameters available Open external application and Enable integrated application:
- Open external application parameter could be used when you want to run a software installed locally on the host where the Endian Connect APP is installed on (default when application type is Custom).
- Enable integrated application parameter could be used when you want to run a built-in (RDP,VNC,SSH,Telnet,HTTP,HTTPS) switchboard application from the Endian Connect APP.
You can use some placeholders in the Command path and Command arguments fields.
To know which are available see here.
Custom applications can't be used from the switchboard web portal. You have to establish a VPN connection to the Switchboard using Endian Connect APP to use this kind of applications.
If you need to use a locally installed applications when connected from Endian connect APP just go under the Applications menu and click on Add application. Below an example of a Custom application.
When used, this application will run the executable file configured in Command path field with the arguments configured in the Command arguments field.
This application will establish an RDP connection to the Endoint.
There are two pre-defined RDP applications,one for legacy clients and one for the most recent.
Both applications are configured in the same way except for the Advanced parameters section.
The Application for legacy clients does not use NLA (Network Level Authentication) in the Security option field.
Instead the RDP application for non-legacy clients is set to use NLA (Network Level Authentication).
When NLA (Network Level Authentication) security option is used you must define a Username and a Password for the RDP connection since NLA will require credentials before to establish the RDP connection. To find if your clients are configured to use NLA check this article.
In most recent versions of Windows operating system, the default security parameters for RDP has been changed, therefore the RDP application for most recent clients have to be set to use TLS in the Security option field.
If you do not want to specify Username and password into switchboard Windows RDP application and being able to use Windows login page once connected through RDP, you have to disable NLA into your Windows clients by going into Control Panel -> Systems -> Remote settings and then disable Only allow connections from computers running Remote Desktop with Network Level Authentication (recommended) tickbox.
This application will establish a VNC connection to the VNC server installed on the endpoint.
VNC application could be configured to always ask for a password in the Advanced parameters menu of the VNC application.
With this configuration when you try to access an Endpoint using this protocol you will have to insert VNC password.
It can be also configured to use a predefined password.
In this way no password prompt will be showed.
HTTP/HTTPS applications are configured in the same way, the difference is that one uses TCP port 80 (HTTP) and the other uses TCP 443 (HTTPS). This application will open your default browser to the URL defined in the URL to open filed.
Assign Applications to a Profile
Once you have your applications configured you must assign them to the desired Profile. As for the Applications there are some pre-configured Profiles available that you can find under the Profiles menu.
If you want to create a new Application profile just click on Add profile and type a profile name in the Name filed and select the available applications that you want to associate and press Add.
Assign a profile to an Endpoint
To assign a profile to an Endpoint you need to go under the DEVICES menu and edit/create a Gateway.
Go under the Endpoints menu and under the Application profile column choose from the combo box menu the application profile that you want to assign to an Endpoint.
Then press Change/Add (it depends if you are adding a new gateway or editing an existing one)
If you can't access your endpoints with the desired applications make sure that:
- No Antivirus/Firewall present on the endpoint is blocking the connection.
- Endpoint is configured to route the traffic for the VPN subnet through the Gateway IP address.