VPN Start Before Logon (SBL)

Before You Start

Overview

Available only for Windows platforms, the Acreto Connect Client Start Before Logon (SBL) establishes the VPN connection before logging onto Windows. The purpose of this feature is while the computer is off the office or when the user is logging onto a new computer remotely. SBL allows remote users to log to Windows using Domain Controlled credentials because the VPN tunnel to the Data-Center is always on.

Note

This feature is available only for version 2.4.0 and newer. Update your ACC if you want to use this option.

Prerequisites

To connect your Windows device to the Ecosystem on the log on you will need:

  1. Existing Acreto Ecosystem, if you don’t have one learn how to create it.
  2. Access to Acreto Portal.
  3. A Windows device that you want to connect to the Ecosystem.
  4. Acreto Connect Client (minimal version 2.4.0).

How To

Install Acreto Connect Client

At first, you need to download and install the Acreto Connect Client.

  1. Go to the download page to get Acreto Connect Client.

  2. Install the ACC

  3. Go to

    C:\Program Files (x86)\Acreto Connect Client

    to confirm that the sbl directory exists.

  4. Run the acc_sbl.reg file - it will add some information into your system registry.

  5. Open the Powers Shell with Administrator privileges and run:

    Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope LocalMachine

    Answer “Y” for the question in PowerShell, then run:

    cd "C:\Program Files (x86)\Acreto Connect Client\sbl"
    .\sbl.ps1

    You will receive confirmation of Acreto-SBL Service creation.

Create And Configure The Profile

SBL feature will run any profile that you will place in C:\Program Files (x86)\Acreto Connect Client\sbl.

  1. Create the profile in Acreto Portal.

  2. Download the profile and place it in C:\Program Files (x86)\Acreto Connect Client\sbl directory.

  3. If the profile requires authorization:

    1. create auth.txt file and provide the username and password in form:

      username
      password

    2. Modify your profile - search for the auth-user-pass line and change it to

      auth-user-pass "C:\\Program Files (x86)\\Acreto Connect Client\\sbl\\auth.txt"

Verification

To verify that the feature works correctly, perform the test:

  1. Verify using Acreto Portal:

    1. Login into Acreto Portal.

    2. Choose the proper Ecosystem.

    3. From the left menu, choose Logs(1) > User and Things(2).

    4. Set Refresh rate to 5S.

    5. Restart the device with the SBL profile.

    6. Wait for the login screen on the tested device (do not log in) and the logs, where you should receive information that the profile you placed in the config directory is connected to your Ecosystem (3).

  2. Verify using logs:

    1. Restart the device with the SBL profile.

    2. Wait for a few seconds on the logon screen, then log in.

    3. Go to C:\Program Files (x86)\Acreto Connect Client\sbl

    4. Find the NAME OF YOUR PROFILE.log and open it to check the logs.

Limitation

We highly recommend using the Split-tunnel profiles.

Once SBL starts the connection User will not be able to disconnect it. If you use the Full-tunnel profile, you will not connect using other full-tunnel profiles.

Summary

Acreto Connect Client allows connecting your Windows device to the Acreto Ecosystem using the SBL feature.