An easy way to clean up both the role-mapping rules and the user's portal is to allow the usesr to create their own bookmarks. The user only needs to know his workstation name or IP to create the bookmark. ... View more

Well, you were right. For some reason, the registry setting wasn't there on the PC I was using, but other PC's have it. Odd. Anyway thanks for the tip! ... View more

Are you certain about that location in the registry? I dont see anything even close to that when I look. I did a search for "logoffonconnect" and came back with no results... ... View more

TheDawg is right. I originally opened a case on this issue and it went to engineering. Their fix was to use a domain admin account, but I was able to use a domain user account with password changing priveleges. ... View more

JSAM will pick up traffic that is sent to internal resources from the client outside of the SSLVPN session.  If a packet capture is taken from the client and you see a call to your 192.168.x.x address in it, you can configure JSAM to intercept this traffic.  If, instead, all you see is https traffic, then JSAM can still be used, but you'll have to do a rewriting trick.  What I do if I want to bypass the rewriting engine on the IVE is I create a "do not rewrite and redirect to target server" rewrite policy for the internal resource.  So for 192.168.x.x, the traffic from the client will be directed out of the VPN session. You can now configure JSAM to intercept that traffic and redirect it back through the IVE, unrewritten. You could also try passthrough proxy for the internal host.  This essentially does the same thing, but for some really finicky applications, I find the above configuration to work best. ... View more