SSL VPN - Use Case Description

This demo use case demonstrates SSL VPN authentication using a Java Card and the wireless card reader AirID.

For this smart card demo use case we are using a third-party Windows VPN client, the HOB RD VPN. The smart card, provided with the AirID Evaluation-Kit, has already been initialised and personalized with a demo certificate.


1. Please check before you start:

For this use case of WINDOWS Smart Card Logon you will require:

  1. A smart card, JCOP 2.4.1 with an applet (provided with the AirID Evaluation-Kit)
  2. An AirID Version 1, wireless smart card reader (provided with the AirID Evaluation-Kit)
  3. A computer running the Windows 10 operating system with Bluetooth LE 4.0 enabled (if BLE is not available onboard, a separate USB Bluetooth LE adapter will be required). Please use a completely fresh system (clean Windows 10 installation) for this demo use case.
  4. Administrative rights for installing new software on the computer



Tip

Please use this smart card and the following PIN for the SSL VPN demo use case:

  • User PIN: 123456



2. Initial Installation on Windows 10

This section describes the initial setup and basic configuration on Windows 10 required for the Windows-based demo use case, provided that no prior installation has taken place. These steps are not necessary if there is a previous configuration for the document signing or smart card logon use case.

  • AirID Driver and AirID Central Installation
  • Bluetooth Pairing

2.1 AirID Driver and AirID Central Installation

Follow the steps below to install the AirID Windows Driver and the AirID Central App.

The AirID Central is a management App for your AirID. The App provides you with information and settings options for your AirID when your AirID is connected to your Windows device.

    1. Download the AirID Windows Setup: AirIDSetup_x64_1.0.16.0.msi for a 64-bit system or AirIDSetup_x86_1.0.16.0.msi for a 32-bit system.
    2. Double click on the .msi installer file. 
    3. Follow the instructions in the installation wizard.

The AirID Windows Driver and the AirID Central App have been installed and the next step will be Bluetooth Pairing of the AirID with your computer. 

2.2 Bluetooth Pairing

To pair your Windows device with the AirID reader follow these steps:

    1. Insert your smart card to power on the AirID reader and activate Bluetooth at the AirID reader by navigating to the connection menu and pressing the jog dial control element. The AirID should display:
    2. Open Windows "Settings → Devices → Bluetooth → Add new device". Your AirID should be listed with its serial number. Press "Pair".
    3. Enter the 6-digit pairing key shown on the AirID display.
    4. After successful pairing, "Pairing success" will be displayed on the AirID.

The AirID has been paired with your computer and the next step will be the connection to HOB RD VPN.





Note

If you have already paired the AirID with another device, navigate to "Prefered Device" in the AirID menu, press the Jog-Dial and choose "new". Then press the Jog-Dial again to confirm.
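
If the certificate prompt in the next section does not appear, the usual cause is that Windows does not see the reader or has not copied the card's certificate into the user's certificate store. The following PowerShell pre-flight check is an added example, not part of the original guide or of the AirID or HOB tooling; the reader name pattern `*AirID*` and the expectation that 'certgate-VPN' appears in the certificate's subject or friendly name are assumptions.

```powershell
# Added example: pre-flight check to run after pairing, before opening the VPN URL.
# Assumptions (not from the guide): the reader's device name matches *AirID* and
# 'certgate-VPN' appears in the certificate's subject or friendly name.
param(
    [string]$ReaderPattern = '*AirID*',
    [string]$CertPattern   = '*certgate-VPN*'
)

$clientAuthOid = '1.3.6.1.5.5.7.3.2'   # id-kp-clientAuth (TLS client authentication)
$results = [ordered]@{}

# 1. Smart Card and Certificate Propagation services: without them the card's
#    certificate is not copied into the user's certificate store.
foreach ($name in 'SCardSvr', 'CertPropSvc') {
    $svc = Get-Service -Name $name -ErrorAction SilentlyContinue
    $results["Service $name running"] = ($null -ne $svc -and $svc.Status -eq 'Running')
}

# 2. The paired reader must be enumerated as a working smart card reader device.
$reader = Get-PnpDevice -Class SmartCardReader -PresentOnly -ErrorAction SilentlyContinue |
    Where-Object { $_.FriendlyName -like $ReaderPattern -and $_.Status -eq 'OK' }
$results["Reader matching $ReaderPattern present"] = [bool]$reader

# 3. The browser can only offer a certificate that is in CurrentUser\My, is
#    inside its validity period, has a private key, and permits client auth.
#    A certificate without an EKU extension is treated as valid for all purposes.
$now = Get-Date
$certs = @(Get-ChildItem Cert:\CurrentUser\My | Where-Object {
    $eku = @($_.EnhancedKeyUsageList | ForEach-Object { $_.ObjectId })
    ($_.Subject -like $CertPattern -or $_.FriendlyName -like $CertPattern) -and
    $_.HasPrivateKey -and
    $_.NotBefore -le $now -and $_.NotAfter -ge $now -and
    ($eku.Count -eq 0 -or $eku -contains $clientAuthOid)
})
$results["Usable client certificate matching $CertPattern"] = ($certs.Count -gt 0)

# Report each check, then list the matching certificates for visual comparison
# with the name shown in the browser's certificate prompt.
$results.GetEnumerator() | ForEach-Object {
    '{0,-55} {1}' -f $_.Key, $(if ($_.Value) { 'OK' } else { 'FAILED' })
}
$certs | Select-Object Subject, Thumbprint, NotAfter | Format-List
```

Run it in the logged-in user's session with the card inserted and the AirID connected; a FAILED line points to the step in section 2 that needs to be repeated.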


3. Connecting and Logging in to HOB RD VPN

Follow the steps below to connect to the HOB VPN Server.

    1. Open the URL https://certgate.rdvpn.com in a browser of your choice.
    2. A certificate request pops up. Accept the certificate ‘certgate-VPN’ by pressing the ‘OK’ button.
    3. Enter the smartcard PIN (=123456)
    4. The HOB RD VPN landing page appears. You are now successfully logged in via wireless 2FA with AirID.
    5. On the upper menu bar, you will find four buttons: ‘Home’, ‘Settings’, ‘Language’, and ‘Logout’.
    6. Under ‘Bookmarks’ you will find some preconfigured links. The links and what you can find under them are described in the next chapter.

3.1 HOB RD VPN Features 

The secure remote access suite HOB RD VPN makes it possible to securely access enterprise data over the Internet. In our demo use case you can access the following preconfigured links:

  1. certgate Website: Redirects to the Certgate website through the secured RD VPN proxy. By clicking the browser’s back button, you will return to the landing page of the HOB RD VPN.
  2. HOB Website: Redirects to the HOB website through the secured RD VPN proxy. By clicking the browser’s back button, you will return to the landing page of the HOB RD VPN.
  3. HTML5 RDP: Opens an HTML5 RDP connection to a Windows Server 2016.
      • On the desktop of the remote session you will find a document labeled ‘Testdruck’ which can be used for testing printing functionality.
      • You can close the session by right-clicking on the Windows icon and selecting ‘Sign out’. Click on the ‘Home’ button to return to the landing page.
  4. Fileserver: Opens the WebFileAccess interface. Click on ‘\\target-01.nml2.local\SMB-Share’ on the left side to access the files stored on the fileserver. The files will appear in the main window. To open or download a file, first enable the checkbox next to the file and then click on the download icon in the upper menu bar.

In the top right corner, click on the ‘Home’ button to return to the landing page.

Under ‘Applications’ you will find some of the preconfigured features of HOB RD VPN for this test environment. After using an application, you can switch to another application by clicking on the menu on the left bar or by clicking the ‘X’ button.

  • Intranet & Web Applications: Provides a fast and simple path into the enterprise intranet.
  • Desktops & Applications (Browser): Browser-based client for access to company-internal desktops and applications.
  • File Systems: See Fileserver above.
  • Network Access: Opens an SSL VPN fully transparent network tunnel to the intranet. Not configured in this test environment.

You can log out from HOB RD VPN by clicking the ‘Logout’ button.




Tip

The following browsers have been successfully tested:

  • Chrome
  • Edge
  • Internet Explorer