Secure Remote Access

Functional description

The HOOC-Gateway (HOOC Connect) in a site (remote network infrastructure) automatically establishes an encrypted VPN connection to the HOOC-Cloud. In the HOOC-Cloud, a separate, virtual and completely isolated network is created for each site. The HOOC-App in turn establishes an encrypted connection to the HOOC-Cloud and the corresponding virtual network in the same way. Once the connections have been established, both connections are linked and a “virtual network cable” (Ethernet, Layer 2) is created between the site and the HOOC-App. All IP protocols are supported when using the HOOC Solution.

HOOC-Gateway

The HOOC-Gateway can be linked after the creation of the site under HOOC-Gateway by entering the 20-digit serial number.

services-serc-serviceip

Logs

The connection logs of the HOOC-Gateway can be found under HOOC Connect -> Logs.

services-sera-connect-logs

Secure Remote Access

Clients

Once the HOOC-Gateway has been linked to the site and connected to the remote network, a connection to this network can be established using the HOOC-App (Windows, iOS, Android). Under Services -> Remote Access -> Client you can find instructions and downloads of the HOOC-App.

Virtual DHCP-Server

The virtual DHCP server function integrated in Secure Remote Access makes it possible to distribute IP addresses to the HOOC App even if there is no DHCP server available in the remote network. This eliminates the tedious configuration of static IP addresses.

The functionality of the virtual DHCP server can be configured under Services -> Remote Access -> Virtual DHCP Server. Click on the icon to enable and configure it.

After configuration, the settings can be Applied by clicking on Save settings.

General settings

Property Description
DHCP Filter Site With a filter applied, the virtual DHCP server does not distribute network configurations to devices on the remote site (recommended). Without the filter the virtual DHCP server distributes network configurations to all devices on the remote site (HOOC-Gateway excluded) as well as to the HOOC client. Please be aware that when disabling the filter this might cause e DHCP conflicts wehen two DHCP servers are running.

Network Interface Virtual Host

Property Description
MAC address: MAC address of virtual DHCP server
IP address: IP address of virtual DHCP server
Subnet Mask: Mask

DHCP Server settings

Property Description
Start IP address Start IP address of IP address pool
End IP address End IP address of IP address pool
Lease Limit This time (s) the client keeps the assigned IP address
Default Gateway Default Gateway (optional)
DNS Server DNS server (optional)
Domain Name Domain name (optional)

Security Network filters

The Network filter function integrated in Secure Remote Access allows access to IP address, port or protocol levels to be precisely enabled. By using these features, increased security requirements can be covered. For example, it is possible to grant access only to individual remote devices and thus protect other devices from direct access from outside.

Under Services -> Remote Access -> Security the functionality of the network filters can be enabled by clicking on the icon .

After switching on the network filters, all network traffic to and from the remote site is blocked.

Management Network Filter Rules

Click the icon to add a new network filter rule. The following settings can be applied:

services-sera-security-filter

Property Description
Status Activate or deactivate filter rules
Name Internal Description
Filter type Bidirectional, unidirectional from source address, unidirectional to destination address, IP to IP
IP address Address of the remote terminal device (client side)
IP range If this option is selected, entire ranges of addresses can be released
Protocol type All protocols, TCP/IP, UDP/IP, ICMP/PING
Port Single port or dedicated areas

Management special network filter rulesets

If there is a DHCP server in the remote site and this is to assign an IP address to the HOOC-App, dedicated network filters must be activated. To do this, simply enter the IP address of the DHCP server in the field and use Save settings.

Redirections

The function Redirections integrated in the Secure Remote Access service simplifies the use of the HOOC-App for customers. Redirects are available unsig the HOOC-App once a connection is setup. After a VPN connection to a remote site has been succesfully established, end users can open a web visualization or an additional App by clicking on the corresponding link. This process can also automatically take place if required.

services-sera-shortlinks

Configuration

Under Services -> Remote Access -> Redirections you can add a new redirections by clicking on the icon. Click on to edit an existing redirection.

Property Description
Target Operating system on which the HOOC-App is used
Type cmd (execute command line command), App (open Application), url (open a web page)
Name Name as it appears in the HOOC-App
Link / Command / AppID Command line command for type “cmd”, AppId for type App, Weblink for type “url
Arguments (comma separated) Arguments for type “cmd”, Arguments for type “App”

Not all types can be used with every device. The list below gives an overview:

Target Type url Type App Type cmd
android
iOS
windows

Usage of type url

This type is typically used to define a link to a Web page in the remote network. When using the windows/ios/android option in the Device field, Web page forwarding is available for all devices.

Usage of type App

This type is used to start another App.

For opening applications on mobile devices there are restrictions, especially with iOS, because the functionality (URL Schema or x-callback-url) has to be implemented with the corresponding iOS Apps. For iOS it is recommended to contact the manufacturer of the App.

The following procedure is recommended to open an app on Android devices:

  1. Open https://www.Appbrain.com/Apps/popular
  2. Search for the App that you want to use in the redirects (e.g. vlc)
  3. Select App from overview list (e.g. VLC for Android)
  4. Copy App ID from navigation bar org.videolan.vlc

The command or the App-ID for the android App “VLC for Andorid” is org.videolan.vlc It is also possible to find the desired App ID from the internal memory of the device.

Usage of type cmd

This type is used to execute a command line tool on the Windows operating system. Thus, for example, a local program can be opened. Start arguments can be passed.

Usage in the HOOC-App

The defined redirections are available in the HOOC-App under Secure Remote Access depending on the operating system (target). A click on the link executes the defined redirection action. Under Settings -> Redirection management further settings concerning redirections can be made:

  • Automatic triggering of redirection action after successful connection to Secure Remote Access
  • If the cmd` type is used, the Secure Remote Access connection can be automatically disconnected after closing the open Application.

Logs

The connection logs of the Secure Remote Access users are listed under Services -> Remote Access -> Logs.

services-sera-client-logs