How to configure a connection

When you create a new session there are various connection settings that must be configured for the session.

From the Type drop down list, select the type of host you are connecting to.
Identify the host to which you want to connect. You can use a full host name or its IP address.
Type the number of the port you want to use.
Save your connection settings.

Connection settings

These options vary depending on the host type.

Connect at startup

By default, sessions are configured to connect to the host automatically when you create or open a session. However, you can set up a session so that it doesn't automatically connect to the host. Choose No to manually connect to the host.

Protocol

From the drop down list, select the protocol you want to use to communicate with the host. To establish a host connection, both the Reflection ZFE Web Client and the host computer must use the same network protocol. The available values are dependent on the host to which you are connecting. They are:

Table 3-1 Protocol Descriptions

Protocol	Description
TN3270	TN3270 is a form of the Telnet protocol, which is a set of specifications for general communication between desktop and host systems. It uses TCP/IP as the transport between desktop computers and IBM mainframes.
TN3270E	TN3270E or Telnet Extended is for users of TCP/IP who connect to their IBM mainframe through a Telnet gateway that implements RFC 1647. The TN3270E protocol allows you to specify the connection device name (also known as LU name), and provides support for the ATTN key, the SYSREQ key, and SNA response handling. If you try to use Telnet Extended to connect to a gateway that doesn’t support this protocol, standard TN3270 will be used instead.
TN5250	TN5250 is a form of the Telnet protocol, which is a set of specifications for general communication between desktop and host systems. It uses TCP/IP as the transport between desktop computers and AS/400 computers.
Secure Shell (VT)	You can configure SSH connections when you need secure, encrypted communications between a trusted VT host and your computer over an insecure network. SSH connections ensure that both the client user and the host computer are authenticated; and that all data is encrypted
Telnet (VT)	Telnet Secure Socket Layer (SSL) and Transport Layer Security (TLS) are available to provide secure connections.
INT1 (UTS)	Provides access to Unisys 1100/1200 hosts using the TCP/IP network protocol.

Device name

If you selected TN3270, TN3270E, or TN5250 as the protocol, specify the device name to use when the session connects to the host. The device name is also known as the host LU or pool. If you do not specify a device name for the session, the host dynamically assigns one to the session. A device name that is set within a macro will override this setting.

If you selected Terminal ID Manager you can use it to provide IDs to client applications at runtime. You can use the Terminal ID Manager to manage pooled IDs for different host types. An ID is connection data that is unique for an individual host session. To use Terminal ID Manager, you must have a Terminal ID Manager server configured. See Terminal ID Manager in the Management and Security Server Installation Guide.

If you decide to use Terminal ID Manager and have configured the Terminal ID Manager server, then you can select from the options below to configure the criteria for acquiring an ID. All criteria must be met in order for an ID to be returned.

NOTE:Keep in mind that by specifying a criterion, you are indicating that the ID should be allocated only when an ID that has that specific value is found. The set of criteria selected here must be an exact match of the set of criteria specified on a least one Pool of IDs in Terminal ID Manager before the ID request can succeed.

Table 3-2 Terminal ID Manager Criteria

Criterion	Description
Pool name	Include this attribute and enter the name of the pool to limit the ID search to a specified pool.
Client IP address	The IP address of the client machine will be included as part of the request for an ID.
Host address	The address of the host configured for this session will be included as part of the request for an ID.
Host port	The port for the host configured for this session will be included as part of the request for an ID.
Session name	When selected, requires that the ID is configured to be used by this session exclusively.
Session type	The session type (for example, IBM 3270, IBM 5250, or UTS) is always included as part of any request for an ID.
User name	Use this criterion to ensure that only IDs created for exclusive use by specific users will be allocated. The current user’s name, which must be found on an ID before it can be allocated, is the name of the user that the session is allocated to at runtime. To configure a session based on user names, a default place holder user name is available: tidm-setup. For the administrator to configure sessions using tidm-setup, the Terminal ID Manager needs to have IDs provisioned for tidm-setup. You can override the default name with one of your own by modifying the Micro Focus/ReflectionZFE/sessionserver/conf/container.properties file as follows: id.manager.user.name=custom-username Where custom-username is replaced by the name you want to use.
Application name (UTS)	The name of the host application will be used as part of the request for an ID.

To determine the connection attempt behavior if Terminal ID Manager does not successfully allocate an ID to this session, use If ID is not allocated:

Fail connection attempt -If selected, the session will not attempt to connect when an ID is not allocated.
Allow connection attempt -If selected, the session will attempt to connect when an ID is not allocated. The attempt may be rejected by the host. There are some host types that permit a user to connect without an ID.

To confirm that Terminal ID Manager can provide an ID using the criterion and value selections you have made, click Test.

Terminal model

Choose the terminal model you are connecting to.

Table 3-3 VT session configuration options

VT Settings	Description
Terminal ID	This setting determines the response that Reflection ZFE sends to the host after a primary device attributes (DA) request. This response lets the host know what terminal functions it can perform. The Reflection ZFE response for each Terminal ID is exactly the same as the VT terminal's response; some applications may require a specific DA response. This terminal ID setting is independent of the Terminal type setting. The options are: VT220, VT420, VT100, DEC-VT100, and VT52.
Local Echo	Automatic(default). How Reflection ZFE responds to remote echo from a Telnet host: Automatic attempts to negotiate remote echo, but does what the host commands. Yes means Reflection ZFE negotiates local echo with the host, but always echoes, while No means Reflection ZFE negotiates remote echo with the host, but does not echo.
Set Host Window Size	Yes (default). This setting sends the number of rows and columns to the Telnet host whenever they change. This enables the Telnet host to properly control the cursor if the window size is changed.
Request Binary	No (default). Telnet defines a 7-bit data path between the host and the terminal. This type of data path is not compatible with certain national character sets. Fortunately, many hosts allow for 8-bit data without zeroing the 8th bit, which resolves this problem. In some cases, however, it may be necessary to force the host to use an 8-bit data path by selecting this check box.
Send LF after CR	No (default). A "true" Telnet host expects to see a CrNu (carriage return/null) character sequence to indicate the end of a line sent from a terminal. There are some hosts on the Internet that are not true Telnet hosts, and they expect to see a Lf (linefeed) character following the Cr at the end of a line. If you're connecting to this type of Telnet host, select Yes.
Host Character Set	The default value for the Host character set depends on the type of terminal you are emulating. This setting reflects the current terminal state of VT Host Character Set, which can be changed by the host. The associated default setting, saved with the model is DEC Supplemental.
Auto Answerback	No (default). This setting specifies whether the answerback message (set with the Answerback property) is automatically sent to the host after a communications line connection.
Answerback String	This setting allows you to enter an answerback message if the host expects an answer in response to an ENQ character.
Display columns	Number of columns to display 80 (default)
Display rows	24 rows (default). This setting specifies the number of rows to display.

Table 3-4 UTS INT1 session configuration options

UTS INT1 options	Description
Application	The name of the host application or host operating mode to be accessed. This is the word or phrase that the local machine sends to the host when you first establish communication with the host. If you were using a host terminal, this would be the $$OPEN name of the application.The application name is typically the same as the environment name. However, they can be different. For example, the environment name might be MAPPER, and the application might be UDSSRC. During a terminal emulation session, you would type $$OPEN MAPPER at the prompt, and INT1 would send UDSSRC to the host once the connection is established.
TSAP	The desired Transport Service Access Point (TSAP), up to 32 characters (such as TIPCSU for TIP connections, RSDCSU for Demand connections).A TSAP is required only if you are connecting to a Host LAN Controller (HLC) or to a Distributed Communications Processor (DCP) in IP router mode. If you're not sure which value to use, contact your host administrator.
Initial transaction	The character, word, or phrase that the local machine will send to the host when communication with the host is first established (up to 15 characters).This parameter is optional and is primarily used with TIP. For example, you might type ^ to run MAPPER. This parameter can also be used to transmit passwords.
Start transaction	When you configure an initial transaction, by default, the data is sent as soon as the session connection is established. You can decide when to send an initial transaction by using a particular string to trigger the initial transaction. For example, to wait for a successful login before sending initial transaction data, type in a string to be used to identify a successful login. You can use this setting in combination with Send initial transaction.
Send initial transaction	You can determine when the initial transaction is sent: Immediately - Default. When start of entry (SOE) character is received - Useful when multi-line transactions must be completed before sending the string. After specified milliseconds
Terminal ID	Choose whether to specify a terminal ID or use the Terminal ID Manager. To specify a terminal ID, type it in the Specify Terminal ID field. If you choose Use Terminal ID Manager, you are prompted to select the Terminal ID attributes you want to use to obtain an ID. See Terminal ID Manager Attributes. To test the attributes, click Test selected attributes.
Specify Terminal ID	The Terminal ID, a terminal identifier (typically up to 8 alphanumeric characters) to use for the communication session associated with this path. Also known as a TID or PID, each terminal ID should be unique to the host.

Host character set

Select the 3270 or 5250 host character set you want to use. This setting chooses a conversion table to convert host characters (EBCDIC) into PC characters (ANSI). This setting should match the national character set used by your host system. If it doesn't match, then some characters, such as accents, may not display correctly. See your host documentation for definitions of the characters in each set. The default value is US English (037).

TLS/SSL Security

SSL and TLS protocols allow a client and server to establish a secure, encrypted connection over a public network. When you connect using SSL/TLS, ZFE authenticates the server before opening a session, and all data passed between and the host is encrypted using the selected encryption level. The following options are available:

Table 3-5 TLS/SSL Descriptions

Security options	Description
TLS 1.2, 1.1, 1.0, and SSL 3.0	Allow connection through TLS 1.2, TLS 1.1, TLS 1.0, or SSL 3.0, depending on the capabilities of the host or server to which you are connecting.
TLS 1.2, 1.1, 1.0	Select this value to connect using TLS, but not SSL. As part of the TLS protocol, the client checks the server or host name against the name on the server certificate. Therefore, TLS connections require the common name on the server certificate to match the host or proxy server name.
SSL 3.0	Select this value to connect using SSL, but not TLS. This is not recommended, but some hosts do not support TLS. If you plan on using this option, there is an additional configuration step to follow: SSL 3.0 has been deactivated by default in the JDK 8 java.security file. If SSL 3.0 is absolutely required, you can reactivate the protocol by removing "SSLv3" from the jdk.tls.disabledAlgorithms property in the java.security file or by dynamically setting this Security property to "true" before JSSE is initialized. For example: You must remove or comment out the line, jdk.tls.disabledAlgorithms=SSLv3, in <install_dir>\Micro Focus\ReflectionZFE\jre\jre\lib\security\java.security .

Security options

Description

TLS 1.2, 1.1, 1.0, and SSL 3.0

Allow connection through TLS 1.2, TLS 1.1, TLS 1.0, or SSL 3.0, depending on the capabilities of the host or server to which you are connecting.

TLS 1.2, 1.1, 1.0

Select this value to connect using TLS, but not SSL. As part of the TLS protocol, the client checks the server or host name against the name on the server certificate. Therefore, TLS connections require the common name on the server certificate to match the host or proxy server name.

SSL 3.0

Select this value to connect using SSL, but not TLS. This is not recommended, but some hosts do not support TLS. If you plan on using this option, there is an additional configuration step to follow:

SSL 3.0 has been deactivated by default in the JDK 8 java.security file. If SSL 3.0 is absolutely required, you can reactivate the protocol by removing "SSLv3" from the jdk.tls.disabledAlgorithms property in the java.security file or by dynamically setting this Security property to "true" before JSSE is initialized.
For example: You must remove or comment out the line, jdk.tls.disabledAlgorithms=SSLv3, in <install_dir>\Micro Focus\ReflectionZFE\jre\jre\lib\security\java.security .

NOTE:See the section on Making Secure Connections for information on adding trusted certificates, key stores, using SSH, and other advanced security information.