7.5.2 TCP/UDP Path Options Dialog Box

Host

IP address or domain name

Enter the IP address or domain name of the host. Use the following guidelines to enter this information. If the name is in a different domain than the PC, enter a fully qualified domain name using the following syntax:

name.domain.type

where nameis the name of the host, domain is the domain or group in which name is located, and typeis the domain type (such as mil, com, edu). For example, the domain name for the host Joshua in the military domain Defcon might be joshua.defcon.mil.

If you type an IP address or domain name, the path will communicate only with the specified host; if you type an asterisk (*), the path will communicate with any host.

Security

Security type

  • Specify which version of SSL or TLS to use.

Encryption Strength

Specify the desired level of encryption for SSL/TLS connections. The connection will fail if this level cannot be provided. If you select auto, any encryption level is permitted, and InfoConnect will negotiate with the host system to choose the strongest encryption level supported by both the host and the client.

PKI Settings

Opens the PKI Settings dialog box, which you can use to configure PKI settings for SSL/TLS connections.

Proxy Settings

Proxy settings are available if you use a centralized management server (available separately from Micro Focus) to manage sessions and you launched this session from the Administrative WebStation. With these options, InfoConnect connects to your host via the Security Proxy included in the centralized management server. You can use this Security Proxy to configure secure connections even if your host is not running an SSL/TLS-enabled Telnet server.

UTS, T27, and ALC sessions all support the Security Proxy.

End-to-end security

When the Security Proxy is used, the connection between the client and the Security Proxy server is secured and encrypted using the SSL/TLS protocol. By default, the information sent between the proxy server and the destination host is in the clear. If you enable the End-to-End security, information sent between the Security Proxy the destination host is also encrypted. This is done by tunneling an TLS/SSL direct connection to the host through the centralized management server security proxy. It combines the authorization associated with the security proxy and the complete TLS/SSL encryption associated with the TLS/SSL direct connection.

End-to-End security requires that the host support SSL/TLS. It is available for some, but not all, of the ALC transports.

Socket

Select the type of socket to use based on the type of application you're using this path with.

TCP

For T27, UTS, ALC, or any other connection-oriented application.

UPD

For applications that support the User Datagram Protocol.

Configure

Opens the path options for the selected socket type.

Common options

Lingering (sec)

Type the number of seconds that the TCP/IP Transport should wait for an acknowledgment from the host that the connection has been closed.

If the TCP/IP Transport does not receive an acknowledgment within this amount of time, it closes the connection itself.

If your network experiences a great deal of traffic, or if your PC is part of a wide area network (WAN), setting this value between 1 and 4 should allow ample opportunity for the host to respond.

If you type 0, the TCP/IP Transport closes the connection without waiting for an acknowledgment from the host. This makes the socket available more quickly, but for some hosts (such as Unisys A Series hosts), this will generate network errors.

Dynamic config

Select this option if you are using this path with an application that has been written to dynamically configure the path when the application is run.

If you select this option, you can leave the IP Address Or Domain Name blank, or you can type data in this field (the data typed here will be overwritten by the custom application). When you run the custom application, it fills in the required information.

If you clear this option, you must complete all the fields on each dialog box. Clear this option if you are using this path with T27, UTS, or ALC.

Enable keepalive packet

Select this option if you want the TCP/IP Transport to check periodically to determine whether a host connection still exists. If no connection exists, an error message appears as soon as this determination is made.

If you select this option, the TCP/IP Transport checks the host connection every two hours. To specify a more frequent interval, you must modify the Windows Registry.

If you clear this option, the TCP/IP Transport will not periodically check for a host connection, and if the connection is unexpectedly lost, an error message appears after 72 hours.

Selecting this option ensures that quicker notification occurs, but it also increases network traffic and can slow the performance of your applications throughout the network. The more frequently the host connection is checked, the greater the impact on network traffic.