Return to home page
Decrease font size by 1 pointChange font to 8 pointChange font to 9 point (default)Change font to 10 pointIncrease font size by 1 point

Log in or log out
Tech Notes

Locking Down the NetMotion Mobility Client

Technical Note 2140

Last Reviewed 04-Mar-2008
Applies To
All versions of Mobility
 Printer-friendly version

There are several options for locking down the Mobility client to prevent a user from circumventing Mobility, or viewing and changing its settings. Depending on your needs you can choose to implement any or all of the following.

Prevent users from bypassing Mobility

If you want to ensure that all IP traffic is tunneled through the Mobility server you can prevent a user from bypassing the Mobility client. To do this, open the Mobility XE server console and go to the Client Settings page, then turn off the setting Permissions—Bypass Availability.

When the Permissions—Bypass Availability setting is disabled (the Allow user to bypass check box is not checked), the user cannot bypass Mobility from the client's system tray icon or from any dialog boxes that may appear while establishing a connection to the Mobility Server. This setting does not prevent users from opening the NetMotion Client Properties through the Start menu, where they will still have the option to bypass. See below for instructions on removing this capability.

There are two other related settings that can be used in conjunction with Permissions—Bypass Availability to further define client behavior:

  • Permissions—Bypass Default

  • Permissions—Bypass Default Override

For detailed descriptions see the online help for the Mobility console.

Prevent users from changing or viewing Mobility settings

There are several ways a user can open the NetMotion Client Properties, all of which can be disabled:

  1. NetMotion Program Group on Start Menu
    Users can open the Client Properties through the NetMotion program group on the Start Menu. These icons use standard Windows shortcuts and can be deleted without affecting functionality.

  2. Mobility system tray icon
    The Client Properties can be accessed by right-clicking on the Mobility icon in the system tray. The bypass option described above will leave the Mobility system tray icon visible while removing the options for bypass and opening the Client Properties. By leaving the icon visible users are provided with feedback about their connection status without having any ability to change settings, so the recommended configuration is to disallow bypass but leave the icon in place.

    However, if you decide to remove the Mobility icon, delete the following registry key:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nomtray

    If you need to restore the icon, the key's default value is "C:\Program Files\NetMotion Client\nomtray.exe".

  3. Mobility Control Panel icon (Mobility version 6.01 and earlier only)
    The NetMotion Mobility Client icon in the Control Panel opens the Client Properties. The recommended method of removing this icon is to use standard Windows domain policies so that administrator accounts can be enabled to access it. If the icon is removed completely it will be difficult to change basic Mobility settings such as the IP address of the Mobility server.

    • If using domain policies add nmclient.cpl to the Hide specified Control Panel applets policy.

    • (Not recommended) To completely remove the NetMotion Mobility Client icon from the Control Panel delete the following registry key:

      HKEY_LOCAL_MACHINE\SOFTWARE\...
          Microsoft\Windows\CurrentVersion\Control Panel\Cpls\NetMotion
      The default value is C:\PROGRA~1\NETMOT~1\nmclient.cpl.

Related Information

2117

How To Enable Automatic Logon

2115

Registry Editing Utilities for Windows CE

9979

NetMotion Mobility Technical Notes

Please comment on this technical note.