SSL-VPN connection creates a Virtual Private Network by using the Secure Sockets Layer protocol. This provides a secure, encrypted communication connection from your computer to the STN servers. SSL-VPN is available for connections only to the STN service centers, not to other database suppliers.
To set up a secure and encrypted connection to STN via SSL-VPN:
A. Configure STN Express®
Launch the STN Express main toolbar, but do not log on to STN Express.
Create a new setup by selecting Setup and Connections from the Main Menu of STN Express. Alternatively, click on the Setup button on the main STN Express task bar.
Select New in the STN Setup Window.
Enter the following in the Setup Definition dialog box:
Setup Name: SSL-VPN (used in this example)
Host Name: STN-Tokyo or STN-Karlsruhe or STN-Columbus
Connect via: SSL-VPN
Logon Method: Standard (Winsock) (set automatically)
Host Name: localhost (set automatically)
Port: 55555 (set for STN-Tokyo or STN-Columbus); 6000 (set for STN-Karlsruhe)
Click OK to exit the setup creation window. Click Save in the STN Setup window and then click OK to exit.
B. Establish a secure and encrypted communication with STN
From the STN Express main toolbar, click Web, highlight STN Tokyo or STN-Karlsruhe or STN-Columbus, and choose STN [Host Name] Secure Connection.
Confirm all security advices and security certificates. Confirm the web browser´s security certificate in order to install and execute the signed JAVA Secure Applet on your PC. Confirm the installation and execution of the JAVA Secure Applet.
Wait until the secure connection is established. A separate small status window reports the status of connection. A green flashing signal confirms successful connection. Leave the status window open for the duration of your STN Express session.
Launch STN Express. Click the Logon button from the Main Menu /Toolbar.
Select the SSL-VPN setup in the Select Logon Settings window. Click OK to log on using the SSL-VPN connection.
Note: If you have logged on to STN and the session manager window Sent and Received packets remain at 0 bytes, you did not log on using the SSL-VPN setup and your session is not being encrypted. Log off from STN and log on again using your SSL-VPN setup.
Note: STN Express 8.4 and higher support automated SSL-VPN login. In those versions, simply click on the Logon button and then select the SSL-VPN setup from your list of setups.
SSL-VPN tips for optimal use
While RSA encryption can be used with an SSL-VPN session, it is recommended that you choose one or the other as each accomplishes the same thing - a secure and encrypted session. Using both together will cause the data being sent back and forth from your PC to the STN host to be doubly encrypted and could cause a degradation of service.
Within your browser, it is recommended that you check "Don't reuse the browser window" to keep from accidentally overlaying the session manager window and accidentally terminating the connection.
The SSL-VPN connection to STN relies for its connection on the secure session manager running in the web browser window. This window is labeled: "DO NOT CLOSE - Secure Application Manager". If this is the last active web browser window used and you click on a link from another application (including STN), you may get a dialog that asks: "Are you sure you want to navigate away from this window?" If you respond Yes, your SSL-VPN connection is disconnected along with your STN session. In your STN window, you will see a message: "Connection closed by remote host".
If you click "End Session" within the secure application session manager window, this will end your SSL-VPN and STN sessions.
Connectivity Problems
If you are having problems getting the SSL-VPN session established, here are a few reasons this could happen:
The HTTPS protocol may be blocked. Confirm that port 443/TCP is permitted through your firewall and/or proxy server. (To test this, try going to an https web-site to confirm it works, e.g., https://stnweb.cas.org .)
You have a pop-up blocker enabled within your browser preventing the session manager window from launching. In order for the SSL-VPN session to connect, you can either turn off your pop-up blocker, or add *.cas.org and/or *.fiz-karlsruhe.de as an allowed web site.
Microsoft Internet Explorer: Choose Tools I Pop-up Blocker I Pop-up Blocker Settings and under "Address of web-sites to allow", add *.cas.org and/or *.fiz-karlsruhe.de.
Firefox: Choose Tools I Options I Content and click on Exceptions to the right of Block pop-up windows and add *.cas.org and/or *.fiz-karlsruhe.de.
The web page has been cached and thus instead of running the program that launches the secure application manager session, it redirects you to an error page.
Microsoft Internet Explorer: Choose Tools I Internet Options | General tab - Browsing history section and click the Settings button. Make the page refresh change below.
Firefox: No changes are necessary.
Within a browser window,
Choose Tools I Options and in the "Temporary Internet Settings" section, click "Delete Files" to clear the cache.
In this same section, click the "Settings" button and make sure "Every visit to the page" is checked.
Finally, close all browser windows and then within STN Express, choose Secure session from the appropriate service center within the Web menu and that will allow you to establish a new SSL-VPN session.
Copyright
© 2017 American Chemical Society. All Rights Reserved.