Appendices
- Appendix A – Shortcut keys
- Appendix B – Browser support
- Appendix C – EchoHandler and network check
- Appendix D – configuration example for nginx
- Appendix E – configuration example for Apache Proxy
- Appendix F – configuration for Juniper, Cisco, Dell etc SSL VPN
- Appendix G – SMB path
- Appendix H – Ping
- Appendix I – TrustStore
- Appendix J – Features
Appendix A – Shortcut keys
-
CTRL+ALT+END
Brings up the Windows Security dialog box. -
ALT+PAGE UP
Switches between programs from left to right. -
ALT+PAGE DOWN
Switches between programs from right to left. -
ALT+INSERT
Cycles through the programs in the order they were started. -
ALT+HOME
Displays the Start menu. -
ALT+DELETE
displays the system menu.
Appendix B – Browser support
Browser | Minimum version | Comments |
---|---|---|
Mozilla Firefox | 11.0 | Audio redirection: 51 |
Google Chrome | 16.0 (Desktop), 18.0 (Android) | Audio redirection: 49 |
Apple Safari (Desktop and iOS) | 6.0 | Audio redirection: 10 (recording is not supported) |
Internet Explorer | 10.0 | Audio redirection: Flash player (recording is not supported) |
Opera | 12.0 | Audio redirection: 43 |
Edge | 14.0 | Audio redirection: 14.0 |
Appendix C – EchoHandler and network check
There is an EchoHandler on the gateway which can be used to check network connectivity and latency. Please check the NetworkChecker tool in rdp.page.js. This can be used to check the network latency between browser and gateway.
Appendix D – configuration example for nginx
server {
listen 80;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://192.168.8.2;
}
location ~ /LIST|/RDP|/VNC|/LOGIN|/GATEWAY|/PLAY|/CONF|/JOIN|/SSH|/TELNET|/ECHO {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://192.168.8.2;
proxy_buffering off;
tcp_nodelay on;
}
}
Appendix E – configuration example for Apache Proxy
<VirtualHost *:443>
ServerName spark.gateway.com
DocumentRoot C:/Apache24/htdocs/reverseproxy
RequestHeader unset Accept-Encoding
Header Set MCOE-Gateway "spark.gateway.v1"
Header set Content-Security-Policy-Report-Only "default-src https://spark.gateway.com; \
script-src https: 'unsafe-inline'; \
style-src https: 'unsafe-inline'; \
img-src data: https://spark.gateway.com; \
connect-src wss: https://spark.gateway.com; \
report-uri https://myserver.com/csp-report-master/report.php;"
CustomLog "c:/apache24/logs/spark_access.log" common
ErrorLog "c:/apache24/logs/spark_error.log"
SSLEngine on
SSLProxyEngine On
SSLProtocol ALL -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES: RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
SSLCACertificateFile "c:/sslcerts/startcom.crt"
SSLCertificateFile "c:/sslcerts/spark.gateway.com.crt"
SSLCertificateKeyFile "c:/sslcerts/private.key"
ProxyRequests Off
ProxyPreserveHost Off
ProxyHTMLEnable On
ProxyHTMLExtended On
ProxyHTMLCharsetOut UTF-8
SetOutputFilter INFLATE;proxy-html;DEFLATE
# For SparkView WebSocket
ProxyPass "/LIST" "wss://internal.spark.gateway/LIST"
ProxyPass "/RDP" "wss://internal.spark.gateway/RDP"
ProxyPass "/GATEWAY" "wss://internal.spark.gateway/GATEWAY"
ProxyPass "/CONF" "wss://internal.spark.gateway/CONF"
ProxyPass "/LOGIN" "wss://internal.spark.gateway/LOGIN"
ProxyPassReverse "/LIST" "wss://internal.spark.gateway/LIST"
ProxyPassReverse "/RDP" "wss://internal.spark.gateway/RDP"
ProxyPassReverse "/GATEWAY" "wss://internal.spark.gateway/GATEWAY"
ProxyPassReverse "/CONF" "wss://internal.spark.gateway/CONF"
ProxyPassReverse "/LOGIN" "wss://internal.spark.gateway/LOGIN"
ProxyPass / https://internal.spark.gateway/
ProxyPass / wss://internal.spark.gateway/
ProxyPassReverse / https://internal.spark.gateway/
ProxyPassReverse / wss://internal.spark.gateway/
</VirtualHost>
Must work with mod_proxy and mod_proxy_wstunnel.
Appendix F – configuration for Juniper, Cisco, Dell etc SSL VPN
It's very easy if the VPN supports WebSocket. You just need to create a web application resource profile (bookmark) or application offloading and specify the URL of the gateway.
Make sure you update SparkView to 4.8.6 or later which improved the compatibility of SSL VPN.
You can enable HTTP Basic Authentication in SparkView for VPN SSO integration (set authorization = Basic in gateway.conf).
SparkView also supports HTTP Post integration. Please specify your URL as http://yourGateway/CONNECT. Please also check html\examplePost.html for reference.
Appendix G – SMB path
SMB Path can also be used for recording, drive redirection etc., for example:
recdir = smb://domain;username:password@sparkcloud/ShareName/path
tmpdir = smb://domain;username:password@sparkcloud/ShareName/path
Variables can also be used in drive direction path (tmpdir):
tmpdir = smb://${domain};${user}:${pwd}@sparkcloud/ShareName/path
Appendix H – Ping
You can enable Ping on client side by setting pingInterval (seconds) parameter, or use rdp.startPing(interval). The client will only send ping package when the session is idle.
This is helpful if there is idle timeout configuration in user’s environment (routers, firewall, proxy etc). The client can also immediately notice a network disconnection.
Appendix I – TrustStore
When you RDP server or VNC server are using TLS encryption. You can allow user connect to trusted server only:
- Export the certificate from the server (Public key only). For RDP server, run “certlm.msc”, Click “Remote Desktop” -> Certificates. Right click on the certificate, “All Tasks -> Export”.
- Import the certificate to a trustStore:
keytool -import -file C:\cascerts\rdpserver.cer -alias rdpserver -keystore myTrustStore.jks
- Set trustStore location and trustStorePassword in gateway.conf
- Restart the gateway.
- “unable to find valid certification path to requested target” message will be displayed to end user (also in the gateway log).
Appendix J – Features
Feature list for the different versions of SparkView:
Community | Professional | Enterprise | |
---|---|---|---|
Explore SparkView | For SMEs and institutions | For highly scalable solutions | |
# of concurrent connections | 2 | unlimited | unlimited |
RDP audio redirection | |||
Clipboard redirection | |||
RDP multi monitor | |||
RDP printer redirection | |||
SSH/SFTP | |||
Wake on LAN (WoL) | |||
Network Level Authentication (NLA) | |||
Active Directory/LDAP/Radius | |||
RDP RemoteApp | |||
RDP microphone redirection | |||
RDP camera redirection | |||
RDP drive redirection | |||
RDP scanner redirection | |||
RDP smart card redirection | |||
RDP USB redirection | |||
HTTP Proxy | |||
RemoteFX | |||
Session Shadowing | |||
Telnet | |||
VNC | |||
Two-factor authentication | |||
Burst license | |||
RDP Hyper-V console | |||
Monitoring dashboard | |||
SAML/OAuth2 | |||
Session Recording | |||
VMWare Console | |||
RDP Native Shadowing/Remote Assistant | |||
SMB2 File Proxy | |||
SNMP | |||
Syslog |
For more information on pricing, please visit our distributor's product page.