Solution1 Policy

Policy Walk-Through


  1. A user enters their credentials into the logon page agent. - Those credentials are collected, stored as the default system session variables of session.logon.last.username and session.logon.last.password.

  2. The AD Auth Agent validates the username and password session variables against the configured AD Domain Controller.

  3. The user is assigned resources defined in the Advanced Resource Assign Agent

  4. The user is granted access via the Allow Terminal

  5. If unsuccessful, the user proceeds down the fallback branch and denied access via the Deny Terminal

Policy Agent Configuration

The Logon Page contains only the default setting


The AD Auth agent defines the AAA AD Servers that a user will be authenticated against. All Setting are the default.


The Advanced Resource Assign agent grants a user access to the assigned resources.


Supporting APM Objects

Network Access Resource

The Properties page contains the Caption name VPN. This is the name displayed to a user.


  • The Network Settings tab assigns the lease pool of ip addresses that will be used for the VPN.

  • Split Tunneling is configured to permit only the subnet range inside the VPN.


Lease Pool

A single address of is assigned inside the lease pool.


Webtop Sections

A single section is configured to display a custom name.



  • A Full Webtop was defined with modified default settings.

  • The Minimize to Tray box is checked to ensure the Webtop is not displayed when a user connects to the VPN.


The Policy from a user’s perspective

  1. The connects to with the following credentials

    • Username: user1

    • Password: user1


  1. Once authenticated the user is presented a Webtop with a single VPN icon.


  1. Assuming the VPN has already been installed the user is notified that the client is attempting to start


  1. A popup opens displaying the status of the VPN connection. The status will eventually become Connected