Version 9.6 AT&T Global Network Client Administrator’s Guide © 2015 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks contained herein are the property of their respective owners. Images are shown for illustrative purposes only; individual experience may vary.
AT&T Global Network Client for Windows Administrator’s Guide Notice Every effort was made to ensure that the information in this document was complete and accurate at the time of publication. However, information is subject to change. Microsoft Public License The Application uses Open Source Software that is licensed under the Microsoft Public License (the “License”). You may not use this file except in compliance with the License. You may obtain a copy of the License at http://dotnetzip.codeplex.
AT&T Global Network Client for Windows Administrator’s Guide Notice ............................................................................................................................................................................ 2 Microsoft Public License ................................................................................................................................................ 2 Overview .......................................................................................
AT&T Global Network Client for Windows Administrator’s Guide AT&T T6 Client ............................................................................................................................................................. 21 Configuration ............................................................................................................................................................... 22 The Connection Sequence .........................................................................
AT&T Global Network Client for Windows Administrator’s Guide User Preference ........................................................................................................................................................... 40 AutoConnect Feature .................................................................................................................................................. 40 Software Updates ........................................................................................
AT&T Global Network Client for Windows Administrator’s Guide Customizing Your Password Rules............................................................................................................................... 61 Changing the Installation Directory............................................................................................................................. 61 Changing the Application Name ..............................................................................................
AT&T Global Network Client for Windows Administrator’s Guide Keyboard Navigation ................................................................................................................................................... 77 Extended Access........................................................................................................................................................... 78 Extended Access and AT&T Business Internet Service (BIS) ................................................
AT&T Global Network Client for Windows Administrator’s Guide NAT Traversal .............................................................................................................................................................. 92 Configuring UDP Encapsulation................................................................................................................................... 92 Cisco Passwords...............................................................................................
AT&T Global Network Client for Windows Administrator’s Guide AT&T Administration Server Client Configuration Values ......................................................................................... 104 Additional Service Information ................................................................................................................................. 113 Appendix B: Supported Mobile Devices....................................................................................................
AT&T Global Network Client for Windows Administrator’s Guide Overview The AT&T Global Network Client is a program that enables your Windows computer to easily connect to the Internet or your company’s private network. Using this Document This document is intended for IT professionals that are deploying the AT&T Global Network Client to their employees, or IT professionals that wish to gain a better understanding of the administration of AT&T remote access services.
AT&T Global Network Client for Windows Administrator’s Guide Your Network Service AT&T enterprise mobility consists of a portfolio of managed services for remote access, VPN, and endpoint security. AT&T provides the service and the support for your managed network service; however, account administration and user configuration is controlled by you, the Customer Account Administrator, for all users associated with your account.
AT&T Global Network Client for Windows Administrator’s Guide Lightweight Policy Enforcement AT&T Lightweight Policy Enforcement (LPE) is an optional service which performs basic application monitoring and can be customized by the Customer Account Administrator at installation time. Authentication Types AT&T allows each customer to select the type of authentication engine implemented for users of their account. © 2015 AT&T Intellectual Property. All rights reserved.
AT&T Global Network Client for Windows Administrator’s Guide AT&T Authentication Server Many customers allow AT&T to manage their user authentication via the AT&T authentication server (a.k.a. AT&T Service Manager). You, as the Customer Account Administrator, can define and administer the users within your account using central tools. RADIUS It may be possible for the AT&T authentication server to interface with your RADIUS server for user authentication.
AT&T Global Network Client for Windows Administrator’s Guide AT&T Global Network Client Overview The AT&T Global Network Client is software that allows Windows computers to easily access the Internet and your company’s private network from many locations around the world. It provides a simple, powerful interface designed to automatically detect and connect over mobile, Wi-Fi, broadband, dial, and ISDN networks.
AT&T Global Network Client for Windows Administrator’s Guide Preparing for Installation System Requirements The AT&T Global Network Client and its components are supported* on the following operating systems and hardware. (The AT&T Global Network Client may function properly on other operating systems and lesser hardware, but it is not formally tested or supported): Operating System Software Hardware Windows® Vista Windows Installer 3.
AT&T Global Network Client for Windows Administrator’s Guide Requirements for Installation & Use Before starting the AT&T Global Network Client installation and setup, verify you have the information required in the following checklist. If you are missing any information, please contact your Customer Account Administrator. • • • Administrator rights to install or upgrade Your Windows install media (CD or installed MSI files) may be required.
AT&T Global Network Client for Windows Administrator’s Guide Installation The AT&T Global Network Client installation is packaged using Microsoft Windows Installer and InstallShield® 20132 and can be installed and updated locally. Terminology specific to Windows Installer is used in this document and a basic knowledge of Windows Installer is useful when administrating the installation of the AT&T Global Network Client package.
AT&T Global Network Client for Windows Administrator’s Guide Obtaining the AT&T Global Network Client The AT&T Global Network Client is distributed through a public Internet download. If you have previously installed from a private FTP/Intranet download location you may be using a custom version of the AT&T Client; contact your Customer Account Administrator to request an updated version. Two different installation packages are available for download. The single file executable (.
AT&T Global Network Client for Windows Administrator’s Guide Local Installation A local installation is initiated by the user on the target machine by executing one of the AT&T Global Network Client installation packages.
AT&T Global Network Client for Windows Administrator’s Guide Selecting Your Language Support The AT&T Global Network Client automatically installs support for running in English, French, German, and Spanish. If the installation is being performed on a Japanese version of the operating system, the installation will also install support for running in Japanese3. Installing the files necessary to support English is required. Support for other languages is configurable using the Custom installation path.
AT&T Global Network Client for Windows Administrator’s Guide AT&T T6 Client The AT&T T6 Client provides support for IPv6. IPv6 is designed to succeed IPv4, the current version of Internet Protocol. The AT&T Global Network Client does not automatically install the AT&T T6 client. Use the Custom installation path to install the AT&T T6 client. Figure 4: Install T6 For a complete description of the AT&T T6 Client please see Appendix E. © 2015 AT&T Intellectual Property. All rights reserved.
AT&T Global Network Client for Windows Administrator’s Guide Configuration Most users are able to establish a connection with no manual configuration prior to their first connection attempt, benefitting from the AT&T Global Network centralized administration and the AT&T Global Network Client automatic connection feature.
AT&T Global Network Client for Windows Administrator’s Guide Figure 7: Main Window with Dial Connection Shown If a connectivity type is unavailable, the panel for that connectivity type will be disabled and will appear grayed out. Figure 8: Connection Panel with Unavailable Connection Methods If you would prefer to select a specific connectivity method to use for the connection attempt, click on the smaller green Connect button beneath the method desired, e.g. Wi-Fi. © 2015 AT&T Intellectual Property.
AT&T Global Network Client for Windows Administrator’s Guide Automatic Prompting for Configuration during Dial Connections After you click Connect on the Main Window, the AT&T Global Network Client will prompt you for information required for a connection. For dial connections, the Browse Dial Directory window will prompt you to select a phone number using your location information. Figure 9: Browse Dial Directory Select your country using the Country drop down list.
AT&T Global Network Client for Windows Administrator’s Guide Figure 10: Network Login Window Once entered, your Account and User ID will automatically be stored for future connections. Your Password will be stored only if you click the checkbox next to Save Password. Customer Account Administrators can customize the AT&T Global Network Client so the Save Password option is not available.
AT&T Global Network Client for Windows Administrator’s Guide Advanced Configuration Central Configuration The AT&T Global Network Client interfaces with the AT&T administration server to retrieve values set by you, the Customer Account Administrator. Central Configuration Simplifies Client Administration: Review all centrally configured values prior to distribution of the AT&T Global Network Client.
AT&T Global Network Client for Windows Administrator’s Guide Figure 12: Login Properties Window Profile Manager Use the drop down box to activate an existing profile. Click New… to create a new profile. Click Rename to rename a profile. Click Remove to delete a profile. Network Services Click Configure… to change the Account, User ID, or Network Service. Your default network service is the service defined in the AT&T administration server for your specified Account and User ID.
AT&T Global Network Client for Windows Administrator’s Guide Figure 13: Configure Network Services Screens Servers DNS, WINS, and Domain Suffix configuration information is normally stored in the AT&T administration server. The AT&T Global Network Client automatically retrieves the values and updates the device to use the supplied values throughout the connection. Click Configure… to to verify or define your server information.
AT&T Global Network Client for Windows Administrator’s Guide Figure 15: Server Configure - Windows Logon Window Preferences Preferences define the settings for your connection. Preferences are organized by AT&T Global Network Client Profile. For more information about profiles see Profile Management in this guide. © 2015 AT&T Intellectual Property. All rights reserved.
AT&T Global Network Client for Windows Administrator’s Guide Figure 16: Login Properties - Preferences Window Autostart Autostart allows you to define programs to automatically launch at any of the following times: • • • • • Before Connecting After Connecting After Performing Network Updates Before Disconnecting After Disconnecting Autostart settings are organized by AT&T Global Network Client Profile. For more information about profiles see Profile Management earlier in this chapter of this guide.
AT&T Global Network Client for Windows Administrator’s Guide Click the Add…, Change…, and Remove buttons to configure the program information. Click on the arrow buttons to move a program up and down in the launch order.
AT&T Global Network Client for Windows Administrator’s Guide Figure 18: VBScript File Location and Name Programs The Programs tab allows you to specify which programs will be configured when connected to the network. Temporary updates are useful to eliminate or reduce the manual configuration needed before using the programs. The update values can be defined in the AT&T administration server by the Customer Account Administrator. No values are defined by default.
AT&T Global Network Client for Windows Administrator’s Guide For example, using the Programs tab, you can remove Microsoft Internet Explorer proxy settings while connected by clicking Override Defaults, selecting Microsoft Internet Explorer, clicking Settings, clicking to highlight Auto-Proxy URL, clicking Manually update to, and leaving the Auto Proxy URL to use field blank. Timeouts The AT&T Global Network Client supports two variations of Timeouts which can be configured by clicking Override defaults.
AT&T Global Network Client for Windows Administrator’s Guide Connection Features The AT&T Global Network Client accommodates common transitions in network connectivity when users roam between networks or locations. Persistent Connections When enabled, the Persistent Connections feature will automatically connect or reconnect the AT&T Global Network Client with little or no user interaction. Persistent Connections can be used with all AT&T services as well as credential-less connections.
AT&T Global Network Client for Windows Administrator’s Guide Persistent Connection Mode When the Persistent connection mode property in the Login Properties dialog is disabled, a Persistent Connection will not be supported regardless of the value of the Persistent Connection Mode option in AT&T administration server. The Persistent connection mode uses broadband, Wi-Fi or Mobile connections.
AT&T Global Network Client for Windows Administrator’s Guide When this checkbox is checked, the installation program will: • • • Create a shortcut to the AT&T Global Network Client executable in the All Users Startup folder. Enable the Minimize main window to system tray checkbox in the When this program starts section of the Preferences tab of Login Properties.
AT&T Global Network Client for Windows Administrator’s Guide VPN Mobility can only be supported using an AT&T SIG VPN Server as the tunnel terminating device for AT&T VPN Tunneling Services or the AT&T VIG with the AT&T Network-Based IP VPN Remote Access service. VPN Mobility can only be supported using single-sign-on as the authentication method. VPN Mobility will not work if the device enters the low power/hibernation state.
AT&T Global Network Client for Windows Administrator’s Guide Figure 22: Login Properties/VPN Mobility The VPN Mobility Network Interface Prioritization dialog allows the definition of the preference. Click OK to save. Figure 23: VPN Mobility Interface Prioritization © 2015 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or AT&T affiliated companies.
AT&T Global Network Client for Windows Administrator’s Guide It is important to note that when a custom network prioritization is defined, the VPN connection will automatically be moved to the highest priority network interface even if the current network interface is still available. User Preference The user can be given the option to disable the use of VPN Mobility for one or more profiles using the Operate in VPN Mobility mode property on the VPN Mobility tab of the Login Properties dialog.
AT&T Global Network Client for Windows Administrator’s Guide safeguard against switching to AT&T's Wi-Fi in a drive-by/drive away siutation and losing your existing session altogether. The switch can be automatic or prompted depening on the Prompt to switch setting. Advanced reconnect settings allow you to control how the Autoreconnect will happen: Automatically, Prompt or after the VPN session times out.
AT&T Global Network Client for Windows Administrator’s Guide Software Updates The AT&T Global Network Client is designed to automatically attempt to update the following components after initial installation and on regular intervals thereafter: • • • • • Hotspot Directory (Wi-Fi locations, phone numbers, etc.
AT&T Global Network Client for Windows Administrator’s Guide If an update is available, the download is initiated. Downloads in the background run at low priority and only occur when the workstation is idle. A system tray icon will be displayed when checking or retrieving and installing updates. If the user holds the mouse pointer over the icon, the current status of the operation will be shown.
AT&T Global Network Client for Windows Administrator’s Guide Figure 25: Software Updates Window The Software Updates window will list the components and the version information. If an update is available, the component will be checked. Click Download checked items… to complete the update process. All checked components will be updated. Feature Specific Updates Some of the features of the AT&T Global Network Client can be updated independently of the AT&T Global Network Client.
AT&T Global Network Client for Windows Administrator’s Guide Uninstall Local Uninstall The AT&T Global Network Client is removed via the Windows Control Panel, Programs and Features option. Figure 26: Programs and Features Window Uninstall The Programs and Features Uninstall option is not supported for the AT&T Global Network Client; to uninstall click Change and follow the directions below.
AT&T Global Network Client for Windows Administrator’s Guide Program files will be removed. You can also select which user settings are removed. Select Leave all user settings on the computer. (default) to leave user information such as account and user ID as well as profile information on the computer. Select Remove only my user settings to remove only the settings stored for the current user.
AT&T Global Network Client for Windows Administrator’s Guide Click Remove to continue. Figure 30: Remove the Program Warning Click Finish. Figure 31: Removal Complete Reboot May Be Required: You will be prompted if you must reboot your workstation after removing the AT&T Client. © 2015 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or AT&T affiliated companies.
AT&T Global Network Client for Windows Administrator’s Guide Remove Warning The AT&T Global Network Client cannot be removed while it is running. If you attempt to remove the AT&T Global Network Client when it is running you will receive an error. Figure 32: Client Running, Remove Warning Window Remote Uninstall If you used a desktop software management server to distribute the AT&T Global Network Client, you may be able to use the server to remove the package.
AT&T Global Network Client for Windows Administrator’s Guide Customizations The AT&T Global Network Client can be customized by you, the Customer Account Administrators to streamline setup and define specific features for your users. Advanced Customizations Using Windows Installer The AT&T Global Network Client installation is packaged using Microsoft Windows Installer and InstallShield® 2013. The installation of the AT&T Global Network Client can be customized.
AT&T Global Network Client for Windows Administrator’s Guide APD-AP Hotspot Directory Database for Asia Pacific APD-PRC Hotspot Directory Database for People’s Republic of China APD-DIAL Directory Database for Global Dial Locations PLAP Provides the ability to connect to the network before logging onto Windows 7 and Windows 8. This feature can be seen by selecting Custom Installation Path in any Edition.
AT&T Global Network Client for Windows Administrator’s Guide Public Properties The installation packages contain a number of public properties that can be set on the command line or within a transform. The properties in the table below govern some behaviors of the setup. Important Note: Some public properties should not be used along with the CONFIG_FILE public property. Some public properties (noted with “Use XML”) will generate a config.xml which will be overwritten by the CONFIG_FILE.
AT&T Global Network Client for Windows Administrator’s Guide Property CONFIG_FILE Use XML Intended Use & Value Information This property can be set to the name of an xml file which contains the settings for a Trusted LAN configuration or Client Profiles configuration. If a full path is not specified, the installation package will look for a file in the same directory as the installation source. See page 62 for customizations in the CONFIG_FILE section for more information.
AT&T Global Network Client for Windows Administrator’s Guide Property Use XML Intended Use & Value Information FIREWALL_STATE Set this property to “on”, “off” or “disabled” on the command line to control the initial state of the AT&T Global Network Client Firewall. Setting the state to “on” defaults the AT&T Global Network Client Firewall on causing it to discard unsolicited traffic. Setting the state to “off” causes the AT&T Global Network Client Firewall to allow all traffic.
AT&T Global Network Client for Windows Administrator’s Guide Property Use XML LPE_OS_RANGE X Intended Use & Value Information Set this value to prevent connections on specific Operating Systems. Use the numeric version of an Operating System(s) you wish to block. Example: Windows Vista through Windows 7 RTM: LPE_OS_RANGE=6.0.6000-6.1.7600 Note: The LPE feature does not need to be installed.
AT&T Global Network Client for Windows Administrator’s Guide Property PROFILENAME PROGRAM_GROUP Use XML X Intended Use & Value Information Used to specify the profile name for a pre-configured profile Set this property to full path to the start menu program group (i.e. C:\Documents and Settings\\Start Menu\Programs\Group Name) in order to specify an alternate Program Group for the installation.
AT&T Global Network Client for Windows Administrator’s Guide Property Use XML Intended Use & Value Information SHOW_DIAL Set this to “1” for the AT&T Global Network Client to show the Dial Connection. By default, the Dial method of connecting is not shown. Default: “0” SKIPWINLOGONCHECK Set this property to “1” to bypass the check for the install running on the WinLogon desktop.
AT&T Global Network Client for Windows Administrator’s Guide AT&T Global Network Client Desktop NetClient.exe AT&T Global Network Client [ProgramMenuFolder]AT&T Global Network Client NetClient.exe Customer Support [ProgramMenuFolder]AT&T Global Network Client NetHelp.exe Firewall Settings [ProgramMenuFolder]AT&T Global Network Client NetFW.exe © 2015 AT&T Intellectual Property. All rights reserved.
AT&T Global Network Client for Windows Administrator’s Guide Common Windows Installer Properties Network administrators frequently deploy applications via a command line or with a transform. Properties can be set in a transform and on the command line, as well. Property ADDLOCAL Example ADDLOCAL=PLAP Intended Use List the features you want to install locally, separated by commas. INSTALLDIR INSTALLDIR=C:\Program Files\AT&T Global Network Client The main installation directory for the product.
AT&T Global Network Client for Windows Administrator’s Guide Example Command Line Customizations Example Silent installation with a Desktop Shortcut Command msiexec /i agnc.msi /qb Silent installation with No Desktop Shortcut msiexec /i agnc.msi DESKTOP_SHORTCUT="" /qb Install only specific Mobile Drivers msiexec /i agnc.msi ADDLOCAL=Net_Client,ATTBeamDrivers/qb! Completely Silent Installation5 msiexec /i agnc.msi /qn Installation with logging msiexec /I agnc.msi /l*v install.
AT&T Global Network Client for Windows Administrator’s Guide standard AT&T Global Network Client Installer package should also apply to AT&T Global Network Client packages that have been customized with a transform if the transform has been implemented correctly. To preserve as much as possible of the typical behavior of the standard Windows Installer package, your transform should make as few changes as possible.
AT&T Global Network Client for Windows Administrator’s Guide Item Notes included with the package. ProductName property Start menu folder Names of shortcuts The selection states of features, such as GINA Whether various dialogs appear in the UI Captions on the dialogs This change also requires additional database files provided by AT&T via a customization that must be included with the package. The installation of additional files (i.e.
AT&T Global Network Client for Windows Administrator’s Guide Updating Files Use patches or upgrades to update files that exist in the original setup. Do not use a transform to cause the setup to install newer files than were in the original setup because that will make the transform invalid for future versions of the setup. Customizing Your Password Rules Password rules are contained in the file “passwordrules.chm”. The “Never Overwrite” property for the component that installs the file “passwordrules.
AT&T Global Network Client for Windows Administrator’s Guide Customization Using a config.xml File If you require more than a few simple customizations for your deployment which can all be accommodated using Windows Installer public properties, you can use a config.xml file to specify all of your customization and configuration. If you are using a config.xml file for your customization, place all of your customizations in the file and do not use Windows Installer public properties at the same time.
AT&T Global Network Client for Windows Administrator’s Guide There is one exception to the Trusted Domain Configuration; regardless of the Connection-specific DNS Suffix, if a VPN session is established the firewall is enabled on all interfaces. Trusted Domain Configuration The Trusted Domain Customization uses a Windows Installer public property to specify the list of Trusted Domains.
AT&T Global Network Client for Windows Administrator’s Guide Specific values in each heading (RECID, LNKUSER, LNKPROFILE, FLGSZNAME, …) are required and should not be changed. Required values are shown in bold in the example below. In the example below Profile 2001, User 2001, define a basic profile. SZNAME defines the name of the profile.
AT&T Global Network Client for Windows Administrator’s Guide My Imported Profile 2001 400 1 2002 My Second Profile 2002 2002
AT&T Global Network Client for Windows Administrator’s Guide 2001 My Imported Profile 2001 400 1 Y Y
AT&T Global Network Client for Windows Administrator’s Guide Network Login Option Customizations Figure 35: Network Login Options Many customers need to set the options for the login properties dialog.
AT&T Global Network Client for Windows Administrator’s Guide Password Format Value options are: “1” for Regular Password “2” for Pin and Token HKEY_LOCAL_MACHINE\SOFTWARE\AGNS\NetClient\Settings\LoginOptions PasswordFormat 2 Other Network Login Options PasswordMinChars To set the password minimum characters option. Any valid numeric can be used.
AT&T Global Network Client for Windows Administrator’s Guide Limiting Connections Per Operating System If more than one range of Operating systems need to be defined, then the config.xml will have to be used instead of the LPE_OS_RANGE putblic property. The following example would allow Vista SP2, Windows 7 SP1 through Windows 8 Update 1. PAGE 70AT&T Global Network Client for Windows Administrator’s Guide Figure 36: Disabled Connect Button If the user is connected to the internet and then connects to their corporate network, they can be prompted to disconnect their VPN session. Figure 37: Prompt to Disconnect when Work Network is detected © 2015 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or AT&T affiliated companies.
AT&T Global Network Client for Windows Administrator’s Guide Defining Networks and Corresponding Actions The Network Awareness customization requires central configuration; the Network Awareness field in the AT&T administration server must be set to “Y”. Refer to Appendix A: Central Configuration for additional information about central configuration. This customization requires you to define the network(s) by creating a NetworkAwarness.xml file.
AT&T Global Network Client for Windows Administrator’s Guide The table below defines the settings configurable using the NetworkAwareness.xml. Stanza network_location Description A brief description of network – this is displayed on the AT&T Global Network Client user interface so the name should be kept short to preserve readability. ONLY ONE network_location stanza may be defined in the NetworkAwareness.xml file.
AT&T Global Network Client for Windows Administrator’s Guide Stanza Description dns_suffix_list, wins_server_list). Default: “OR” Approved Mobile Device Customization The Approved Mobile Device customization provides the ability to define a list of approved mobile devices with which your users can connect using the AT&T Global Network Client. The following registry key is required: HKLM\Software\AGNS\NetClient\WAN\AllowedDevices The key must be created as a multi-string registry key at installation time.
AT&T Global Network Client for Windows Administrator’s Guide Figure 38: Network Login Option Customization Customizing Default Login Options The default login options can be customized by configuring them in the Windows registry. Default login options can be stored in the HKEY_LOCAL_MACHINE registry branch. User modified options are stored in the HKEY_CURRENT_USER registry branch and take precedence over the default values.
AT&T Global Network Client for Windows Administrator’s Guide © 2015 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks contained herein are the property of their respective owners. Images are shown for illustrative purposes only; individual experience may vary.
AT&T Global Network Client for Windows Administrator’s Guide Customization Services Customization services, including advanced customization support, can be supplied by AT&T. Dynamic and centrally managed customizations are available. Please contact your AT&T Account Representative for additional information. If they are not familiar with the customization services, have them refer to an AT&T Intranet site: https://olympus.labs.att.
AT&T Global Network Client for Windows Administrator’s Guide Please note the file does not allow you to change the priorities of non-WMB SDKs relative to each other. Those stay fixed irrespective of any change done to the file. Accessibility Features The AT&T Global Network Client complies with US regulations to support accessibility for persons with disabilities, including Section 508 regulations.
AT&T Global Network Client for Windows Administrator’s Guide Extended Access Extended Access is an AT&T service feature that allows remote users to access the network through local points of presence (PoPs) that are owned and managed by another Internet Service Provider (ISP) that is an AT&T partner. Extended Access provides local access in over 143 countries where AT&T does not have PoPs.
AT&T Global Network Client for Windows Administrator’s Guide AT&T Lightweight Policy Enforcement AT&T Lightweight Policy Enforcement (LPE) is an optional service available to AT&T customers using the AT&T Global Network Client for connectivity. AT&T Lightweight Policy Enforcement performs basic application monitoring and can be customized by the Customer Account Administrator at installation time. Installation of the Lightweight Policy Enforcement feature is optional.
AT&T Global Network Client for Windows Administrator’s Guide Specified File To prevent connections based on whether a specific file exists on the user's system, use the LPE_FILE Public Property at install time. If the specified file does not exist, then a connection will not be allowed. Registry hive in HKEY_LOCAL_MACHINE To prevent connections based on whether a specific file exists on the user's system, use the LPE_REG Public Property at install time.
AT&T Global Network Client for Windows Administrator’s Guide The Lightweight Policy Enforcement firewall monitoring is used to determine if a firewall is enabled prior to checking for and connecting to free Wi-Fi hotspots. The AT&T Global Network Client will allow the association to potentially free hot spots if any known firewall is running, thus allowing customers to use their own corporate or personal firewall software instead of the AT&T provided firewall.
AT&T Global Network Client for Windows Administrator’s Guide LPE for a Generic Firewall LPE for a Gen
AT&T Global Network Client for Windows Administrator’s Guide 1 201 2 0 1 6472 210 2 202 0 0
AT&T Global Network Client for Windows Administrator’s Guide pn=AgnAnyFirewall,pv=none,pt=fw,pi=none,datver=n,dattime=n 202 0 7 pn=AgnAnyAntiVirus,pv=none,pt=av,pi=none,datver=n,dattime=y
AT&T Global Network Client for Windows Administrator’s Guide Example: Display a warning message for a generic Anti-Virus package and disconnect if not running the Microsoft Windows Firewall. PAGE 86AT&T Global Network Client for Windows Administrator’s Guide 201 0 7 pn=Microsoft Windows Firewall,pv=y,pt=fw,vn="Microsoft Corp.
AT&T Global Network Client for Windows Administrator’s Guide AT&T Global Network Client Firewall The AT&T Global Network Client Firewall is a component of the AT&T Global Network Client which provides basic firewall capabilities. The AT&T Global Network Client Firewall uses the Windows firewall engine for the firewall and fencing.
AT&T Global Network Client for Windows Administrator’s Guide Operating Modes The AT&T Global Network Client Firewall supports three operating modes. Certain modes require configuration in the AT&T administration server. Refer to Appendix A of this guide for more information about configuration options stored in the AT&T administration server. AT&T Global Network Client Firewall values set in the AT&T administration server always take precedence over values set locally using the AT&T Global Network Client.
AT&T Global Network Client for Windows Administrator’s Guide Figure 43: Firewall Settings Window Allowing a user to turn the AT&T Global Network Client Firewall off when not VPN connected may be useful in environments that use enterprise management software to manage computers on a customer LAN since the firewall prevents the management software from having unsolicited access to the target machine.
AT&T Global Network Client for Windows Administrator’s Guide Control List. If an Access Control List is not defined, all traffic is considered VPN traffic. Administrators can also define an Access Control List for their non-VPN interfaces (aka Internet interface). This is known as the Fenced Internet Access Control List. Limitations Beyond the Trusted Domain Customization, the AT&T Global Network Client Firewall policy cannot be customized by the Customer Account Administrator.
AT&T Global Network Client for Windows Administrator’s Guide AT&T VPN Services AT&T offers several advanced VPN services. The information in this chapter represents the most common administration and configuration questions. Using Managed IPSec VPN Services The security rules of the Managed VPN Services may require additional configuration or specific configuration settings to support your network infrastructure.
AT&T Global Network Client for Windows Administrator’s Guide Encryption for IPSec VPN connections Encryption can be configured in the AT&T administration server at the user account lever or sub account level. If values are specified in the AT&T administration server they will override the AT&T Global Network Client’s default proposal behavior. Multiple algorithms can be selected, but the highest supported encryption level will always be proposed first.
AT&T Global Network Client for Windows Administrator’s Guide overridden by a user. To utilize NAT Traversal, this preference must be selected along with configuring the NAT Traversal settings on the VPN endpoint. The AT&T Global Network Client client supports most NAT devices. There are known difficulties when tunneling IPSec traffic through NAT/firewalls which are documented in the following RFC http://www.ietf.org/rfc/rfc3715.txt.
AT&T Global Network Client for Windows Administrator’s Guide Internet Explorer’s root certificate. When a TCP disconnect is detected, the AT&T Global Network Client will reestablish the session without user interaction. Configuring the AT&T Global Network Client to Establish a VPN Connection through a Proxy The AT&T Global Network Client performs these steps in the following order when establishing a VPN connection during the initial authentication request: 1.
AT&T Global Network Client for Windows Administrator’s Guide [CompanyXYZ] default=yes ProxyAddress=1.2.3.4 ProxyPort=8000 UserName= Password= AuthType=0 [CompanyZYX] default=no ProxyAddress=4.3.2.1 ProxyPort=9000 UserName= Password= AuthType=0 … Figure 44: Proxy.INI File Example proxy.
AT&T Global Network Client for Windows Administrator’s Guide Figure 45: Proxy Settings Menu Switching to IPSec Over Dial Connections If your company prefers using IPSec protocol whenever possible, the AT&T Global Network Client can be configured to use IPSec for dial connections. This option requires central configuration and configuration in the AT&T Global Network Client. You must be authorized for both SSL and IPSec services in the AT&T administration server.
AT&T Global Network Client for Windows Administrator’s Guide Network Client IPSec Failover setting to Y. To configure this option in the AT&T Global Network Client, click Settings menu; then Login Properties. Click the Preferences tab; scroll down and click Use SSL Tunneling when an IPSec connection cannot be established in the VPN Details section.
AT&T Global Network Client for Windows Administrator’s Guide IP version preference The AT&T Global Network Client can be configured to prefer an IP version for establishing a VPN connection when connected to an IPv4/IPv6 dual stacked network. The default preference is currently IPv4. This setting is centrally configured through the AT&T administration server. IP version failover Granular control over the number of VPN connection attempts to make with the preferred IP version is supported.
AT&T Global Network Client for Windows Administrator’s Guide Integrating with Third Party Software Although the AT&T Global Network Client contains an integrated VPN client that supports multiple tunnel endpoints, some customers prefer to use a third-party VPN client and use the AT&T Global Network Client to establish an underlying Internet connection. Examples of third party software VPN clients that the AT&T Global Network Client integrates well with are Cisco AnyConnect®8 and NetMotion®9 Mobility XE®.
AT&T Global Network Client for Windows Administrator’s Guide Help/Customer Support Support Forum AT&T offers an on-line support forum for topics related to the AT&T Global Network Client. Access the forum via your web browser at: http://bizcommunity.att.com You must register as a user to access all features of the support forum. You can post questions for AT&T development and support personnel as well as access support documents and presentations via the forum.
AT&T Global Network Client for Windows Administrator’s Guide Frequently Asked Administration Topics Using Digital Certificates for Authentication AT&T offers the use of x.509v3 Entrust and Microsoft digital certificates to authenticate users for Internet and Managed VPN services. AT&T does not create, distribute or maintain user digital certificates. You must support your own digital certificate infrastructure.
AT&T Global Network Client for Windows Administrator’s Guide Figure 48: Network Access Options Troubleshooting Installation The AT&T Global Network Client executable (not MSI file) installation package automatically generates an installation log file and places it in the %temp% folder. The log file name will mimic the installation file name, with .log replacing the installation file extension. © 2015 AT&T Intellectual Property. All rights reserved.
AT&T Global Network Client for Windows Administrator’s Guide Appendix A: Central Configuration The AT&T administration server stores the configuration information for all users, including service type and service options. The AT&T Global Network Client interfaces with the AT&T administration server to retrieve values set by you, the Customer Account Administrator. The AT&T administration server supports a tiered architecture. You can set values at three levels: Model, Account, or UserID.
AT&T Global Network Client for Windows Administrator’s Guide The AT&T Global Network Client will retrieve the following fields from the Service Manager and save to the user profile: • Default Service • Wi-Fi bitmask • Custom program updates info (ftp server and ftp path) AT&T Administration Server Client Configuration Values Field Info General Service Options Default Activity Threshold Timeout Optional Blank Activity threshold Bytes Optional Authentication Method Value/Behavior Set to number
AT&T Global Network Client for Windows Administrator’s Guide Field Default Service Type12 Info Required Default Value/Behavior 03 = LAN Dial 06 = Internet 07 = Async Terminal Services (ATS) 08 = Async Pass Through 0A = VPEF (VCOM, XPC) 0B = Multi-Protocol Tunneling (MPT, LAN Dial V2) 0C = Fixed IP 0D = Managed Tunneling Service using PPTP (MTS/PPTP 0E = Managed Tunneling Service using PPTP with Multi-Protocol 0F = TCP Clear 10 = Managed Tunneling Service using IPSec (MTS/IPSec) 11 = 3D (Internet, Common
AT&T Global Network Client for Windows Administrator’s Guide Field Domain Name Info Recommended Default Blank Value/Behavior The domain name to be active for the session. Beginning with Version 8.0, setting this value to Blank will remove any previously cached customized value from the AT&T Global Network Client. Domain Search Suffix 1-5 – Optional Blank Up to 5 domain suffixes may be entered to aid in web address searching (for example, att.com). Beginning with Version 8.
AT&T Global Network Client for Windows Administrator’s Guide Field Network Awareness Info Optional Default N Value/Behavior When set the AT&T Global Network Client will use values in the NetworkAwareness.xml file to define actions for networks. (see Network Awareness Customization) Y=Enable Network Awareness and use values in xml file N=Disable Network Awareness, ignore xml file.
AT&T Global Network Client for Windows Administrator’s Guide Field VPN Mobility Duration Info Optional Default 600 Value/Behavior Amount of time in seconds for which a VPN Server will hold VPN Session information after losing connectivity with the AT&T Global Network Client to allow VPN Mobility the ability to reestablish the same session. 0=None 1-9999=Number of seconds.
AT&T Global Network Client for Windows Administrator’s Guide Field Extended Access Allowed Info Optional Default Blank Value/Behavior Y = user is allowed Extended Access N = user is not allowed Extended Access Idle Dial Timeout ISDN auto backup Optional Optional Blank (the value is determine d by the dial gateway) Set to number in range: 1 - 720 for all services except Internet Blank 0 = ISDN Automatic Backup is not allowed Set to number in range: 1 – 35 for Internet service 999 to specify no I
AT&T Global Network Client for Windows Administrator’s Guide Field AT&T Global Network Client IPSec Failover Info Optional Default Blank Value/Behavior Y– Dynamically failover to Transparent Tunneling (SSL-T) service if the IPSec connection fails for any reason.
AT&T Global Network Client for Windows Administrator’s Guide Field IPSec VPN Tunnel Settings Info Default Value/Behavior Set Encryption to: DES Triple DES AES 128 AES 192 AES 256 Set Authentication to: HMAC – SHA1 HMAC – MD5 Set Compression: LZS Negotiate UDP Optional Blank Y = Negotiate UDP Encapsulation N = Do not negotiate © 2015 AT&T Intellectual Property. All rights reserved.
AT&T Global Network Client for Windows Administrator’s Guide Field SSL AT&T Global Network Client Allow Proxy – Info This option only works on AT&T VPN Servers (SIG/GIG MTS-IPSec and MTSIPSec DA) connections. You must profile your users for AT&T VPN Tunneling Services SSL, AT&T VPN Tunneling Services IPSec, and Transparent Tunneling (SSL-T). Default Tunnel Dual Access Optional Blank Value/Behavior Y = Dynamically failover to SSL-T service if a proxy is detected.
AT&T Global Network Client for Windows Administrator’s Guide Additional Service Information Business Internet Service An Internet dial service, which gives you multiple email accounts and access to news groups. FixedIP The FixedIP service provides remote access to your company's private Intranet via a network-based VPN to a VPN server on your Intranet. The assigned IP address can be static or assigned from a customerspecific address pool on your VPN server.
AT&T Global Network Client for Windows Administrator’s Guide Appendix B: Supported Mobile Devices AT&T Supported Mobile Devices Device drivers for the following list of devices are available for installation with the Managed VPN Edition of the AT&T Global Network Client. Modem Cards AT&T USBConnect Beam Minimum Version 9.2 Last Client Release Supported AT&T Sierra Wireless AC890 (AC504, Triple Lindy) 8.0.3 9.3.2 AT&T USBConnect 881 Card 7.2.0 8.8.0 AT&T USBConnect Elevate 4G 8.7.0 9.3.
AT&T Global Network Client for Windows Administrator’s Guide Modem Cards Option GT Ultra Express Card Minimum Version 7.2.0 Last Client Release Supported 8.8.0 Option iCon 3.6U5i (322 / Faema / AT&T Quicksilver) 7.5.0 8.8.0 Sierra Wireless AirCard 750 Card 7.2.0 8.8.0 Sierra Wireless AirCard 775 Card 7.2.0 8.8.0 Sierra Wireless AirCard 860 Card 7.2.0 8.6.0 Sierra Wireless AirCard 875 Card 7.2.0 8.6.0 Sierra Wireless AirCard 875U Card 7.2.0 8.6.0 Sierra Wireless AirCard 881 Card 7.2.
AT&T Global Network Client for Windows Administrator’s Guide NETBOOKS Acer Aspire One Minimum Version 8.0.2 SDK Used in latest Release GOBI 1000 HP Iverson 8.0.2 Lenovo S10 8.0.2 Samsung Go (Pebble) 8.0.2 Nokia Booklet 3G 8.0.2 Dell 11z 8.0.2 HP MINI 5102 8.0.2 GOBI 2000 HP Mini 110-3000 8.0.2 WMB 7.0 Last Client Release Supported WMB 7.0 * WMB = Windows Mobile Broadband Compatible Phones14 Minimum Version AT&T Quickfire 7.6.1 Last Client Release Supported 8.9.1 AT&T Tilt 7.2.
AT&T Global Network Client for Windows Administrator’s Guide Compatible Phones14 Minimum Version LG Invision 7.6.1 Last Client Release Supported 8.9.1 LG Monaco (GW820) 8.0.2 9.3.2 LG Secret 7.6.1 8.9.1 LG Shine II (GD710) 8.0.2 9.3.2 LG TRAX 7.2.0 8.9.1 Motorola Tundra 7.6.1 8.9.1 Motorola V180 7.2.0 8.9.1 Motorola V220 7.2.0 8.9.1 Motorola V400 7.2.0 8.9.1 Motorola V551 7.2.0 8.9.1 Motorola V3xx 7.2.0 8.9.1 Motorola RAZR V3 7.2.0 8.9.1 Motorola Z9 “Husky” 7.5.0 8.
AT&T Global Network Client for Windows Administrator’s Guide Compatible Phones14 Minimum Version Last Client Release Supported 9.3.2 Research In Motion BlackBerry Bold 9800 8.1.2 Research In Motion BlackBerry Bold 9900 9.1 Research In Motion BlackBerry Curve 8300 7.2.0 8.9.1 Research In Motion BlackBerry Curve 8310 7.2.0 8.9.1 Research In Motion BlackBerry Curve 8320 7.5.0 8.9.1 Research In Motion BlackBerry Curve 9300 9.1 Research In Motion BlackBerry Curve 9360 9.
AT&T Global Network Client for Windows Administrator’s Guide Compatible Phones14 Minimum Version Samsung ZX20 7.2.0 Last Client Release Supported 8.9.1 Sony Ericsson W760a 7.6.1 8.9.1 Sony Ericsson Bear Z750a 7.5.0 8.9.1 Mobility SDK Technology Use SDK used on Windows 7 and Windows 8 with Mobility Broadband Technologies.
AT&T Global Network Client for Windows Administrator’s Guide CDMA DEVICE GSM USING NDIS NOT USING USING WMB WMB SDK Detected USING RAS NOT USING USING WMB WMB d SDK SDK WMB SDK AT Comman d SDK USING WMB NOT USING WMB Other Devices Most Devices Not Detected AT Command SDK WMB SDK AT Command SDK Embedded Modules The following list of embedded modules tested.
AT&T Global Network Client for Windows Administrator’s Guide DEVICE TYPE TECHNOLOGY STATUS16 USB GSM Supported 8.2 Handset HSDPA Supported 7.0 8.9.1 M250 Embedded HSDPA Supported 8.0.2 8.10 M280 Embedded HSDPA Certified 8.0.2 8.10 Dell 5540 Mobile Broadband Embedded HSUPA Certified 8.0.2 8.10 Dell 5505 Mobile Broadband Embedded HSDPA Supported 6.9 8.9.1 Dell 5510 Mobile Broadband ExpressCard/ HSDPA 3.6 Supported 6.9 8.9.
AT&T Global Network Client for Windows Administrator’s Guide DEVICE TYPE TECHNOLOGY STATUS16 R520m Handset GPRS Supported 6.7 8.9.1 F3307 Embedded HSUPA Certified 8.0.2 8.10 F3507g Embedded HSUPA Certified 7.3 8.9.1 F3607gw Embedded HSUPA Pending 8.0.2 8.10 F5521gw Embedded HSUPA Pending 8.2 9.3.2 CDU680 USB EVDO Supported 8.0.2 8.10 CMU300 USB EVDO Supported 8.0.2 8.10 CMU301 USB EVDO Supported 8.1.1 9.3.2 U600 (Dual Mode Device) USB EVDO Supported 8.
AT&T Global Network Client for Windows Administrator’s Guide DEVICE TYPE TECHNOLOGY STATUS16 E17X (E170/E172) USB HSDPA Supported 7.3 E220 USB HSDPA Supported 6.9 8.9.1 E226 USB HSDPA Supported 8.0.2 8.10 EC228 USB EVDO Supported 8.0.2 8.10 E230 USB HSDPA Supported 7.4 8.9.1 E270 USB HSDPA Supported 7.1 8.9.1 E272* USB HSDPA Supported 7.2 8.9.1 E280 USB HSDPA Supported 7.1 8.9.1 EC360 USB EVDO Supported 8.0.2 8.10 E510 PC Card UMTS Certified 7.
AT&T Global Network Client for Windows Administrator’s Guide DEVICE TYPE TECHNOLOGY STATUS16 K3520 USB HSDPA Supported 8.0.2 M3710 USB HSDPA Supported 8.0.2 8.10 K3565 USB HSDPA Supported 8.0.2 8.10 E1762v PC Card HSDPA Certified 8.0.2 8.10 E1615 PC Card HSDPA Supported 8.0.2 8.10 E1550 USB HSDPA Supported 8.0.2 8.10 E1552 USB HSDPA Supported 8.0.2 8.10 K3765 USB HSDPA Supported 8.0.2 8.10 K4505 USB HSDPA Supported 8.0.2 8.
AT&T Global Network Client for Windows Administrator’s Guide DEVICE TYPE TECHNOLOGY STATUS16 G4050 Handset GPRS Supported 6.7 L1200 Handset GPRS Supported 6.7 8.9.1 L1400 Handset GPRS Supported 6.7 8.9.1 LX160 Handset EVDO Supported 7.3 8.9.1 LX400 Handset EVDO Supported 7.3 8.9.1 LX550 Handset EVDO Supported 7.3 8.9.1 LX570 Handset EVDO Supported 7.3 8.9.1 LX600 Handset EVDO Supported 8.0.2 8.10 AX840 Handset EVDO Supported 8.2 8.
AT&T Global Network Client for Windows Administrator’s Guide DEVICE TYPE TECHNOLOGY STATUS16 A008 Handset GPRS Supported 6.7 A630 Handset GPRS Supported 6.7 8.9.1 A845 Handset UMTS Supported 6.7 8.9.1 M2501 PC Card FOMA Supported 6.9 8.9.1 IZAR* Handset UMTS Supported 7.0 8.9.1 KZRZ* Handset UMTS Supported 7.0 8.9.1 KZRZ* Handset EVDO Supported 7.3 8.9.1 RAZR Handset EVDO Supported 7.3 8.9.1 SLVR Handset EVDO Supported 7.3 8.9.
AT&T Global Network Client for Windows Administrator’s Guide DEVICE TYPE TECHNOLOGY STATUS16 3220 Handset EDGE Supported 6.7 8.9.1 BT3600 Handset GPRS Supported 6.7 8.9.1 BT3650 Handset GPRS Supported 6.7 8.9.1 5100 Handset GPRS Supported 6.7 8.9.1 6100 Handset GPRS/GSM Supported 6.7 8.9.1 6200 Handset EDGE Supported 6.7 8.9.1 6230 Handset EDGE Supported 6.7 8.9.1 6234 Handset UMTS Supported 7.0 8.9.1 6282 Handset UMTS/GPRS/GS M Supported 6.7 8.9.
AT&T Global Network Client for Windows Administrator’s Guide DEVICE TYPE TECHNOLOGY STATUS16 G100 PC Card GPRS Supported 6.7 G301 PC Card GPRS Supported 6.7 8.9.1 u520 PC Card UMTS Supported 6.7 8.9.1 u530 PC Card UMTS Supported 6.7 8.9.1 u630 PC Card UMTS Supported 6.7 8.9.1 v620* PC Card 1xEVDO/1xRTT Supported 6.3.4 8.9.1 s620* PC Card 1xEVDO/1xRTT Supported 6.3.4 8.9.1 S720* PC Card 1xEVDO/1xRTT Supported 6.9 8.9.1 U720 USB EVDO Supported 6.7 8.9.
AT&T Global Network Client for Windows Administrator’s Guide DEVICE XU950D DEVICE TYPE TECHNOLOGY STATUS16 ExpressCard/ HSDPA 7.2 Supported 7.1 HSDPA 7.2 Supported 7.2 8.9.1 HSDPA 7.2 Supported 7.3 8.9.1 MINIMUM VERSION LAST SUPPORTED AT&T GLOBAL NETWORK CLIENT VERSION 8.9.1 Embedded MC950* ExpressCard/ Embedded MC950D ExpressCard/ Embedded MC990D USB HSDPA 7.2 Supported 8.0.2 8.10 U998 USB EVDO Supported 8.2 8.10 MiFi2352 USB WiFi/HSDPA Supported 8.0.2 8.
AT&T Global Network Client for Windows Administrator’s Guide DEVICE TYPE TECHNOLOGY STATUS16 GT Express 7.2 E* PC Card HSDPA 7.2 Supported 7.1 GT Express 7.2 W* PC Card HSDPA 7.2 Supported 7.1 8.9.1 GT Express HSUPA E* PC Card HSUPA Supported 7.0 8.9.1 GT Express HSUPA W* PC Card HSUPA Supported 7.0 8.9.1 GT Express 401 PC Card HSUPA Certified 7.4 8.9.1 3G* PC Card UMTS Supported 6.9 8.9.1 GT* PC Card HSDPA/EDGE Supported 6.9 8.9.
AT&T Global Network Client for Windows Administrator’s Guide DEVICE TYPE TECHNOLOGY STATUS16 Handset GPRS Supported 7.0 C810* Handset HSDPA Supported 7.3 8.9.1 PX-500 PC Card 1xEVDO Rev A/ Supported 7.4 8.9.1 DEVICE Treo 750v* MINIMUM VERSION LAST SUPPORTED AT&T GLOBAL NETWORK CLIENT VERSION 8.9.1 Pantech 1xRTT 5740 PC Card 1xEVDO/1xRTT Supported 7.3 8.9.1 5750 PC Card 1xEVDO/1xRTT Supported 7.3 8.9.1 C630 Handset HSDPA Supported 8.0.2 8.
AT&T Global Network Client for Windows Administrator’s Guide DEVICE TYPE TECHNOLOGY STATUS16 8130 Handset EVDO Pending 8.2 8230 Handset EVDO Pending 8.2 8.10 8300* Handset EDGE Supported 7.3 8.9.1 8320 Handset EDGE Supported 8.0.2 8.10 8300v Handset UMTS Supported 7.3 8.9.1 8300c Handset UMTS Supported 7.3 8.9.1 8300 Handset EVDO Supported 7.3 8.9.1 8330 Handset UMTS Supported 8.0.2 8.10 8520 Handset UMTS Supported 8.0.2 8.
AT&T Global Network Client for Windows Administrator’s Guide DEVICE TYPE TECHNOLOGY STATUS16 m620 Handset EVDO Supported 7.3 m630 Handset EVDO Supported 8.0.2 8.10 SGH-A727* Handset UMTS Supported 7.0 8.9.1 SGH-A747 Handset HSDPA Supported 7.3 8.9.1 SGH-i617* Handset HSDPA Supported 7.3 8.9.1 SGH-i627 Handset HSDPA Supported 8.0.2 8.10 SGH-i637 Handset HSDPA Supported 8.0.2 8.10 SGH-A737* Handset EDGE Supported 7.3 8.9.
AT&T Global Network Client for Windows Administrator’s Guide DEVICE TYPE TECHNOLOGY STATUS16 NC20 Embedded HSDPA Supported 8.0.2 Y3100 Embedded HSDPA Certified 8.0.2 8.10 Y3300 Embedded HSDPA Supported 8.1 8.10 N150 Embedded HSDPA Supported 8.1 8.10 Katana DLX Handset EVDO Supported 7.3 8.9.1 Katana LX Handset EVDO Supported 7.3 8.9.1 Pro 200 Handset EVDO Supported 7.3 8.9.1 Pro 700 Handset EVDO Supported 7.3 8.9.1 S1 Handset EVDO Supported 7.3 8.9.
AT&T Global Network Client for Windows Administrator’s Guide DEVICE TYPE TECHNOLOGY STATUS16 Aircard 550 PC Card 1xRTT Supported 6.7 Aircard 555 PC Card 1xRTT Supported 6.7 8.9.1 Aircard 580 PC Card 1xEVDO/1xRTT Supported 6.7 8.9.1 Aircard 595 PC Card EVDO RevA Supported 7.0 8.9.1 Aircard 595u USB EVDO RevA Supported 7.1 8.9.1 Aircard C597 ExpressCard EVDO RevA Supported 7.1 8.9.1 Aircard 597e ExpressCard EVDO RevA Supported 7.1 8.9.
AT&T Global Network Client for Windows Administrator’s Guide DEVICE TYPE TECHNOLOGY STATUS16 MC8755 Embedded HSDPA Supported 6.7 MC8765 Embedded HSDPA Supported 6.7 MC8775 Embedded HSDPA 3.6 Supported 6.7 MC8780 Embedded HSDPA 7.2 Supported 7.1 8.9.1 MC8781 Embedded HSUPA Supported 7.3 9.3.2 MC8790 Embedded HSUPA Certified 8.0.2 8.10 C885 USB HSUPA Certified 7.4 8.9.1 AC402 ExpressCard EVDO Certified 8.0.2 8.10 USB305 USB HSUPA Supported 8.0.2 8.
AT&T Global Network Client for Windows Administrator’s Guide DEVICE TYPE TECHNOLOGY STATUS16 S710 Handset EDGE Supported 6.7 P800 Handset GPRS Supported 6.7 8.9.1 P990i Handset UMTS Supported 7.0 8.9.1 W200i Handset HSDPA Supported 7.1 8.9.1 Z500a Handset GPRS Supported 6.7 8.9.1 GC75 PC Card GPRS Supported 7.4 8.9.1 GC79 PC Card GPRS/WiFi Supported 6.7 8.9.1 GC82 PC Card EDGE Supported 6.7 8.9.1 GC83 PC Card EDGE Supported 6.7 8.9.
AT&T Global Network Client for Windows Administrator’s Guide DEVICE TYPE TECHNOLOGY STATUS16 Pebble USB HSDPA Supported 7.3 Pebble USB HSDPA 7.2 Supported 7.3 8.9.1 Pebble USB HSDPA 7.2 Supported 7.3 8.9.1 Anaconda USB HSDPA Supported 7.3 8.9.1 Vodafone VPA Compact III Handset UMTS Supported 7.0 8.9.1 MF626 USB HSPA (HSDPA) Supported 8.0.2 8.10 MF630 USB HSPA (HSDPA) Supported 7.2 8.9.1 MF633r USB HSPA (HSDPA) Certified 8.0.2 8.
AT&T Global Network Client for Windows Administrator’s Guide Appendix C: Third-Party Firewall Support Network Firewalls You may need to alter your network firewall configuration to allow AT&T Global Network Client management and VPN traffic to route properly. The table below lists the required changes. Source Dest Local PC 144.160.245.70 Protocol Port Protocol Port Source Dest ALL SERVICES TCP:1024 + HTTP:80 Action Reason for opening Allow SLA Data collector Local PC 144.160.245.
AT&T Global Network Client for Windows Administrator’s Guide VPN Gateways Ips Local PC Local PC UDP 4500 UDP:1024+ Allow AT&T Network-Based IP VPN Remote Access service VPN Gateways UDP:1024+ UDP:5080 Allow IPs IPSec with NAT Traversal AT&T VIG Server Health Check SSLT Local PC VPN Gateways IPs TCP:1024 + TCP:443 Allow SSL Figure 51: Network Firewall Configuration Table SMiX List Last Updated 5/9/2013 Name US01R Region US Location Allen, Tx Secure Address 32.96.129.
AT&T Global Network Client for Windows Administrator’s Guide GB03R EMEA London 32.227.63.185 32.112.51.115 DE02R EMEA Frankfurt 32.239.254.22 152.158.2.57 DE03R EMEA Frankfurt 32.227.64.184 32.112.50.131 NL02R EMEA Amsterda m NL03R EMEA Amsterda m 32.224.251.20 195.212.144.21 HK01R AP Hong Kong 32.233.96.248 122.248.141.244 HK02R AP Hong Kong 32.233.96.247 122.248.141.245 JP01R AP Osaka 32.233.96.254 210.88.144.203 JP02R AP Tokyo 32.233.96.253 210.88.144.
AT&T Global Network Client for Windows Administrator’s Guide SLA Data Collection, Configuration Settings HTTP/TCP:80 Figure 53: Client Firewall Configuration Table Dial Authentication The AT&T Global Network Client uses a proprietary enhanced authentication process using TCP:5053. A customization could be made to the AT&T Global Network Client to disable enhanced authentication and use PAP, but it is not recommended.
AT&T Global Network Client for Windows Administrator’s Guide mail and browser programs with these settings. AT&T recommends adding policy rules to the firewall to allow updates to be retrieved. © 2015 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks contained herein are the property of their respective owners.
AT&T Global Network Client for Windows Administrator’s Guide Appendix D: Using the Command Line Program The AT&T Global Network Client can be started using the command line program. This program accepts the following command-line parameters: AT&T Client netclient.exe [-connect] [-login=LoginProfile] [-password=Password] netclient.exe [-login=LoginProfile] [-password=Password] netclient.exe [-exit | -exitnow] netclient.exe [-disconnect | -disconnect] netclient.exe [-help] netclient.
AT&T Global Network Client for Windows Administrator’s Guide -exit Closes this program and prompts for confirmation before disconnecting if necessary. -exitnow Closes this program with no confirmation before disconnecting. -getstatus Returns a code to indicate the state of this program. This parameter is only useful when invoked from a program that can interpret the return code. © 2015 AT&T Intellectual Property. All rights reserved.
AT&T Global Network Client for Windows Administrator’s Guide Status codes returned by –getstatus: NotRunning 0 Initializing 100 NotConnected 200 BeforeConnecting 300 BeforeConnectAttempt 350 VerifyExistingInternetConnection 370 VerifyExistingProxyConnection 375 BeforeDialing 400 Dialing 500 AuthenticatingDial 600 AfterDialing 700 BeforeCellularSDKConnect 710 ConnectingCellularSDK 712 AuthenticatingCellularWIG 714 AfterCellularSDKConnect 716 BeforeWiFiConnect 720 ConnectingW
AT&T Global Network Client for Windows Administrator’s Guide AfterTunneling 1100 AfterConnecting 1200 ConnectedNoVPN 1250 ReattachingToVPNServer 1270 AfterReattachingToVPNServer 1275 Connected 1300 BeforeDisconnecting 1400 Disconnecting 1500 AfterDisconnecting 1600 Disconnected 1700 Exiting 1800 -help Displays this help window. -initonly Initializes the database after a new install and then exits. -login=LoginProfile The specified LoginProfile is made the current login profile.
AT&T Global Network Client for Windows Administrator’s Guide NOTE: The idle-timeout parameter has become obsolete and is ignored in version 7.6 and higher. The idle-timeout parameter was left in place to remain compatible with other programs that previously passed that parameter. Examples: netclient.exe -timeout=,,,,0 Leave the timeouts unchanged but disable the timeout warning. netclient.exe -timeout=,3600,,,60 Set a duration timeout of 1 hour and display a warning 1 minute before disconnecting.
AT&T Global Network Client for Windows Administrator’s Guide Appendix E: AT&T T6 Client The T6 Client is part of the AT&T IPv6 Service. Customers with the T6 Client installed on their PC will be able to reach IPv6 network and content through AT&T IPv6 Service. If IPv6 is not available, applications will default to IPv4. Corporate Networks The T6 Service is a tunneling protocol which needs to access specific (configurable) UDP ports.
AT&T Global Network Client for Windows Administrator’s Guide A “yellow” icon represents that there is no active tunnel with an IPv6 address assigned, however the T6 service may be actively trying to establish a tunnel. The T6 Client will poll the T6 gateway every ninety seconds. If no response is received, it will attempt to connect to an alternate T6 gateway. This may take a few minutes before a new connection is established.
AT&T Global Network Client for Windows Administrator’s Guide Figure 58: T6 Client Tray Icon Menu AT&T T6 Service and Options allows you to stop and restart the T6 Tunnel service. If the service is stopped or the tray icon does not turn blue, click on the Start or Restart button. Figure 59: T6 Client Menu Options The Options tab will allow the user to enable and disable the T6 service to tunnel IPv6. © 2015 AT&T Intellectual Property. All rights reserved.
AT&T Global Network Client for Windows Administrator’s Guide Figure 60: T6 Client Enable Option Network Information gives the viewer detailed information regarding their computer’s network. Figure 61: T6 Client Network Information About AT&T T6 Client will provide version and copyright information of the product. © 2015 AT&T Intellectual Property. All rights reserved.
AT&T Global Network Client for Windows Administrator’s Guide Figure 62: About the AT&T T6 Client © 2015 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks contained herein are the property of their respective owners. Images are shown for illustrative purposes only; individual experience may vary.
AT&T Global Network Client for Windows Administrator’s Guide Open History File will display the T6 Client entry log from installation through current time and may be used to track events associated with the T6 service. Figure 63: T6 Client Entry Log © 2015 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or AT&T affiliated companies.
AT&T Global Network Client for Windows Administrator’s Guide Index A Access Control List, 87 Accessibility Features, 75 AGN Filter Driver, 20 AT&T Administration Server, 101 AT&T Authentication Server, 13 AT&T Business Internet Services (BIS), 76 AT&T Client Installation Package, 18 AT&T Global Network Client Firewall, 12, 85 Disabling, 86 FIREWALL_STATE public property, 67 Operating Modes, 86 Settings Window, 86 AT&T Managed Services, 11 AT&T Managed VPN Services (AVTS), 76 AT&T Service Manager.
AT&T Global Network Client for Windows Administrator’s Guide Preventing, 39 SSL, 91 System Requirements. See Installation N NAT Traversal, 90 Network Firewall Configuration, 137 Network Service Default.
