Return to home page
Decrease font size by 1 pointChange font to 8 pointChange font to 9 point (default)Change font to 10 pointIncrease font size by 1 point

Log in or log out
Tech Notes

WWAN Authentication — Speeding Up the Desktop Login

Technical Note 2173

Last Reviewed 27-Oct-2005
 Printer-friendly version

Summary

This tech note describes how to lower the Mobility login timeout to speed up the Windows login over WWAN connections and to eliminate the "trouble connecting" dialog that appears if the client is unable to reach the server after about 20 seconds.

Use the technique described in this tech note if the only network connection your client sometimes has is one that isn't enabled until after logging into the Windows desktop, and if you are seeing a NetMotion Mobility dialog box when logging into Windows while the Mobility client attempts to reach the server.

Background

By default, the Mobility client attempts to reach the Mobility server immediately after a user enters his or her credentials, before the user is logged into the Windows desktop. This lets Windows authenticate through the Mobility VPN tunnel to the domain controller, allowing domain logins from a remote location.

Most WWAN cards (CDMA, GPRS, EDGE, etc.), however, don't connect until after a user logs into the Windows desktop, so the Mobility client doesn't have a network connection over which to reach the server. This Catch-22 is solved by the login timeout.

By default, the Mobility client will try to reach the server for 60 seconds before it lets Windows attempt to log in using cached credentials. By lowering this timeout you can decrease the time it takes to get to the desktop and get rid of the Mobility dialog box that appears after about 20 seconds of trying to connect. Mobility will then be in a state of attempting to reach the server in the background, waiting for the modem to connect and for the network path to the server to be available.

Configuring the Timeout

Lower the timeout to one second—how you do this depends on what version of Mobility you have:

  • Version 5.01:

    1. Show advanced client settings (see tech note 2158 for instructions on how to do this).

    2. Change the value for Security logon connect wait nms.

  • Version 6.0-6.01:

    1. Show advanced client settings (see tech note 2158 for instructions on how to do this).

    2. Change the value for Logon—Wait Time.

  • Version 6.5 and later:
    The client setting is called Logon—Wait Time (it is not an advanced setting).

Do not lower this timeout to one second if you sometimes need to authenticate to the domain controller over a different network type, such as 802.11 or Ethernet. This is because the Mobility tunnel may not have enough time to be established, which means that your Windows login will fail (domain not available). Try setting the timeout to five seconds instead: this should allow enough time to reach the domain controller over the faster network when it is available, while over the WWAN the delay in reaching the desktop will be acceptable and the timeout will still occur quickly enough so that users won't see the "trouble connecting" dialog box.

Related Information

2172

WWAN Authentication Options

2174

WWAN Authentication—Reaching the Domain Controller Over a WWAN Connection

9979

NetMotion Mobility Technical Notes

Please comment on this technical note.