Configure Connection Dialog Box

Use the Configure Connection dialog box to add or edit TN3270 connections. You can configure up to 32 hosts. From the TN3270 General page choose Add to add a connection or select a connection from the list box and click Edit to edit a connection. You will need to know the Host Alias Name or IP Address and the port number to properly set up your connection(s).

Table 3-2 Configure Connection Dialog Options for 3270 Connections

Option

Description

Host Alias/IP Address

Indicates the name of the remote host. Select a previously-configured Alias/Address from the drop-down list or enter either the numeric IP address or the alias name, using up to 32 characters. This option is case-sensitive.

Terminal/Device Type

Displays the terminal/device type string that is negotiated with the TN3270 server. The default is IBM-3278.

Port Number

Specifies the telnet port address on the server. An address can be up to 4 digits long. The default is 23.

Auto Reconnect

Specifies whether Extra! reconnects or remains disconnected when the TN3270 session is logged off. In a TCP/IP network, a session disconnects when you log off from it--a useful feature when network traffic (bandwidth) is an issue. However, you may prefer that Extra! maintain the connection by automatically reconnecting at logoff. (The default is On.)

Auto Exit

If Auto Exit is enabled, the Extra! session will exit if disconnected by the host. This setting is disabled if Auto Reconnect is enabled.

Security Type

The Secure Sockets Layer protocol (SSL) and its compatible successor, the Transport Layer Security (TLS), enable a client and server to establish a secure, encrypted connection over a public network.

When you connect using SSL/TLS, the client authenticates the server before making a connection, and all data passed between the client and the server is encrypted. Depending on the server configuration, the server may also authenticate the client.

Level of Encryption

  • No Security: Disable encryption (SSL support).

  • SSL v3.0 : Manage transmission security between the host or gateway and the client.

  • TLS v1.0

  • TLS v1.2

  • TLS v1.3

  • MS SSL v3.0

The list of cipher suites available for a given connection depends on the SSL/TLS version you specify, the encryption strength, and whether or not you are configured to run in FIPS mode.

For TLS connections, Elliptic Curve Cryptography (ECC) is supported in IBM, VT, and FTP sessions. Currently, only prime curves are supported for Elliptic Curve Cryptography.

FIPS mode

When in FIPS mode, Extra! enforces the United States government Federal Information Processing Standard (FIPS) 140-2 for this connection. Options in this dialog that do not meet this standard will make this option unavailable.

Encryption Strength

Specify the desired level of encryption for SSL/TLS connections. The connection will fail if this level cannot be provided.

Encryption secures communication (provides privacy) between a gateway and a client. Once transmission of application data begins, all data is encrypted.

NOTE:The presence of the padlock icon in the lower right hand corner of the OIA indicates that you have a secure connection.

Verify server certificate

Specifies whether certificates presented for host authentication are checked to determine if they are valid and signed by a trusted CA.

Host name must match certificate

Select to ensure a higher level of security by requiring that the host name in the client configuration match the common name in the servers x509 security certificate, and that the servers x509 certificate is verified against the root certificate database for an additional trust relationship verification.

Use Certificate Revocation List

Specifies whether Extra! checks for certificate revocation using CRLs (Certificate Revocation Lists) when validating host certificates. CRLs may be specified in the CDP extension of the certificate itself. You can also specify CRL using the LDAP tab in the Reflection Certificate Manager.

UseOnline Certificate Status Protocol

Specifies whether Extra! checks for certificate using OCSP (Online Certificate Status Protocol) responders when validating host certificates. OCSP responders may be specified in the AIA extension of the certificate itself. You can also specify OCSP responders using the OCSP tab in the Reflection Certificate Manager.

Client certificate

Displays the options for selecting the client certificate.

When Automatically select client certificate is selected, the first qualifying certificate is presented to the server.

When Prompt for client certificate is selected, all qualifying certificates are presented so you can select which certificate to use. If only one certificate qualifies, Extra! automatically uses that certificate.

If you want to use a particular certificate, select Browse to open the Select Certificate dialog box and then select the certificate.

NOTE:Extra! uses the Server Certificate Request message to determine whether certificates are qualified.

Automatically enter data on this screen for new connections

Select this option to automatically fill the following fields: Host alias/IP address, Terminal/device type, Port number and Auto reconnect.

To configure a TN3270 connection

  1. Start a new session, and select TN3270 as your connection type.

    Do this

    To

    Choose the Add button

    Add a new TN3270 connection type.

    Select a connection type from the list and choose the Edit button

    Edit a connection.

    Select a connection type from the list and choose the Delete button

    Delete a connection.

    Select a connection type from the list and choose the Copy button

    Copy a connection type to the Clipboard.

    Choose the Paste button

    Paste the copied connection into the list.

  2. Select Enable Infinite List Retries if you want Extra! to go through the list of configured connections again and again until a successful connection is made.

  3. From the Connection Timeout field, enter a value in seconds. The default is 10 seconds.

  4. From the Number of retries field, enter a value for the number retries. The default is 0.

If you are adding or editing a connection, the Configure Connection dialog box displays. Follow these instructions.

  1. Enter either the numeric IP address or the alias name, using up to 32 characters. This option is case-sensitive.

  2. From the Terminal/Device Type list, select a device type. The default is IBM-3278.

  3. From the Port Number field, enter a number. The default is 23.

  4. (Optional) Select the Auto Reconnect option to specify whether Extra! is to reconnect or is to remain disconnected when the TN3270 session is logged off.