Options Menu

In Figure 10.5, the screenshot displays the many utilities and preferences that are available for you to tweak the Unity Client. The first four entries are for simplifying administration of VPN connection profile entries. Specifically, you can delete or rename the currently selected VPN entry. What's more, you can clone an existing entry if you have similar requirements for another connection. All the entries that are being created are stored in the installation directory's Profiles folder as .pcf files (more on this later). In this Options menu, you can also import a connection entry from any .pcf file.

The next selection in the Options menu enables you to erase the user password that is locally stored on the PC. Notice that this option in Figure 10.5 is grayed out because this policy is determined by the central concentrator. If it is permitted on the Client Config tab in the User Management page, this option is enabled and you can delete the password. Allowing the users to save the password on the client can alleviate a multitude of support calls due to common misconfigured authentication credentials. However, for security reasons, this option is disabled by default on the concentrator and enabling it carries significant risks; the decision to enable it should be considered carefully.

For convenience, you can select the Create Shortcut option, which automatically adds a desktop shortcut for the selected VPN entry. This selection is followed by the previously mentioned Properties option, which enables you to configure specific parameters for the selected entry (refer back to the "Client Entry Configuration" section). Also previously mentioned, the next selection enables the Unity Client's stateful CIC firewall to block incoming traffic, except for tunneled traffic, DHCP, and ESP (see Chapter 6, "Software Client Firewall Features").

The remaining selections deal with options that occur before you initiate a session with the VPN dialer. Namely, you can launch an application before each tunnel is established (for example, Log Viewer). The Automatic VPN Initiation option is displayed only when you have enabled Auto-initiation on the client by manipulating the global profile (discussed later in the "Client Auto-Initiation Feature" section). Lastly, in a Windows NT environment, you may also need to connect the VPN tunnel to the main network to have connectivity to a domain controller. After the tunnel is initiated, you can send your NT credentials to the controller and authenticate to the server. The Windows Logon Properties option allows you to enable this function, and also lets you automatically disconnect the tunnel when you log off the domain.