Sabre VPN 2.0. The SVPN client is a Java Web Start application and is comprised of the following modules:



Similar documents
TECHNICAL CONDITIONS REGARDING ACCESS TO VP.ONLINE. User guide. vp.online

Non-Employee VPN Quick Start Guide

HOW TO CONFIGURE PASS-THRU PROXY FOR ORACLE APPLICATIONS

UBS KeyLink Quick reference WEB Installation Guide

Accessing Restricted University Online Resources Using Network Connect. on the Secure Remote Access Service

SSL VPN Technology White Paper

Course Syllabus. Fundamentals of Windows Server 2008 Network and Applications Infrastructure. Key Data. Audience. Prerequisites. At Course Completion

SSL VPN User Guide Access Manager 3.1 SP5 January 2013

BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 2. Administration Guide

Java Secure Application Manager

Network Connect Installation and Usage Guide

RSA SecurID Ready Implementation Guide

Elluminate Live! Access Guide. Page 1 of 7

XIA Configuration Server

Network Configuration Settings

Setup Guide Access Manager 3.2 SP3

Stealth OpenVPN and SSH Tunneling Over HTTPS

Elluminate Live! Access Guide. Page 1 of 7

Receiver Updater for Windows 4.0 and 3.x

Quick Startup Installation Instructions. Overview. Important Information

Quick Connect. Overview. Client Instructions. LabTech

Web Conferencing Version 8.3 Troubleshooting Guide

SSL VPN User Guide. Access Manager 4.0. November 2013

Contents. Introduction. Prerequisites. Requirements. Components Used

WebEx Remote Access White Paper. The CBORD Group, Inc.

Setup Guide Access Manager Appliance 3.2 SP3

The SSL device also supports the 64-bit Internet Explorer with new ActiveX loaders for Assessment, Abolishment, and the Access Client.

Setting Up a Unisphere Management Station for the VNX Series P/N Revision A01 January 5, 2010

AnyConnect VPN Client FAQ

Hosted Microsoft Exchange Client Setup & Guide Book

Aventail Connect Client with Smart Tunneling

Initial Access and Basic IPv4 Internet Configuration

How To Configure SSL VPN in Cyberoam

MySabre with Sabre VPN

An Overview of Oracle Forms Server Architecture. An Oracle Technical White Paper April 2000

BROWSER AND SYSTEM REQUIREMENTS

technical brief browsing to an installation of HP Web Jetadmin. Internal Access HTTP Port Access List User Profiles HTTP Port

EM Single Sign On 1.2 (1018)

PROTECTING DATA IN TRANSIT WITH ENCRYPTION IN M-FILES

Exploiting the Web with Tivoli Storage Manager

Transparent Identification of Users

FortiClient SSL VPN Client User s Guide

Citrix Access on SonicWALL SSL VPN

SSL VPN User Guide. Access Manager 3.2 SP2. June 2013

Print Audit Facilities Manager Technical Overview

SSL VPN Service. To get started using the NASA IV&V/WVU SSL VPN service, you must verify that you meet all required criteria specified here:

How To - Implement Clientless Single Sign On Authentication with Active Directory

Microsoft Labs Online

BlackBerry Enterprise Server Express System Requirements

Using ipass Secure Anywhere. Secure Remote Access for Hallmark Independent Retailers

Technical Brief for Windows Home Server Remote Access

Clientless SSL VPN Users

Configuring PDM. Starting PDM with Internet Explorer CHAPTER

a) Network connection problems (check these for existing installations)

Using the Motorola Tunnel Service with MSP

Xerox DocuShare Security Features. Security White Paper

How To Use Netiq Access Manager (Netiq) On A Pc Or Mac Or Macbook Or Macode (For Pc Or Ipad) On Your Computer Or Ipa (For Mac) On An Ip

Total Protection for Enterprise-Advanced

Requirements Collax Security Gateway Collax Business Server or Collax Platform Server including Collax SSL VPN module

Configuring MassTransit Server to listen on ports less than 1024 using WaterRoof on Macintosh Workstations

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: Security Note

ICE. Client Guidelines. January 4, 2012

Dell SonicWALL SRA 7.5 Citrix Access

Novell Access Manager SSL Virtual Private Network

304 - APM TECHNOLOGY SPECIALIST

WhatsUp Gold v16.3 Installation and Configuration Guide

Bridgit Conferencing Software: Security, Firewalls, Bandwidth and Scalability

Architecture and Data Flow Overview. BlackBerry Enterprise Service Version: Quick Reference

2X HTML5 Gateway v10.6

Hosted Microsoft Exchange Client Setup & Guide Book

Configuration Guide BES12. Version 12.2

Configuration Guide. BlackBerry Enterprise Service 12. Version 12.0

isupplier PORTAL ACCESS SYSTEM REQUIREMENTS

Configuring SSL VPN on the Cisco ISA500 Security Appliance

An Oracle White Paper October Frequently Asked Questions for Oracle Forms 11g

GoToMyPC Corporate Advanced Firewall Support Features

Introduction Installing the download utility Installing Java(TM) 2 Runtime Environment, Standard Edition

MIGRATING DESKTOP AND ROAMING ACCESS. Migrating Desktop and Roaming Access Whitepaper

McAfee Web Gateway 7.4.1

Requirements on terminals and network Telia Secure Remote User, TSRU (version 7.1 R4)

WatchGuard SSL v3.2 Update 1 Release Notes. Introduction. Windows 8 and 64-bit Internet Explorer Support. Supported Devices SSL 100 and 560

Installing Management Applications on VNX for File

StreamServe Persuasion SP5 Control Center

SSL VPN A look at UCD through the tunnel

Remote Desktop Gateway. Accessing a Campus Managed Device (Windows Only) from home.

2 Downloading Access Manager 3.1 SP4 IR1

Administration guide. Océ LF Systems. Connectivity information for Scan-to-File

CareGiver Remote Support Information Technology FAQ

MyAccess installation guide for non-myplace clients

Release Notes. Platform Compatibility. Supported Operating Systems and Browsers: AMC. WorkPlace

Lab 8.3.3b Configuring a Remote Router Using SSH

ComTrader Technical Requirements. version 1.6

qliqdirect Active Directory Guide

msuite5 & mdesign Installation Prerequisites

DEPLOYMENT GUIDE Version 2.1. Deploying F5 with Microsoft SharePoint 2010

Chapter 10 Troubleshooting

Transcription:

Sabre VPN 2.0 The Sabre (SVPN) VPN solution allows Sabre customers to connect directly to OFEP and NOFEP (HSSP) front ends over the Internet, using a secured Virtual Private Network connection. The SVPN solution provides MySabre customers with fast, persistent connections to Sabre eliminating slower polling methods normally used with Portal connections. The SVPN client is a Java Web Start application and is comprised of the following modules: VPN Client Module Starts and manages all other modules associated with the SVPN solution. It can be started via a number of methods. o MySabre will launch the client automatically if not already running and will use the same credentials as the MySabre portal. o Manually from the Sabre VPN icon located on the desktop. Requires a separate or multiple authentications from the agent when used with MySabre. o Automatically if placed in the Startup group. Requires a separate or multiple authentications from the agent when used with MySabre. GUI Module Represented by the VPN icon located in the System Tray. Responsible for providing the agent with the status of the SVPN connections and also provides configuration options including Proxy Servers, Logging, and Ports for the GUI. VPN Authentication Module Responsible for posting the agents credentials to the Nortel 3050 gateways. The credentials are posted using HTTPS and use the Java Secure Socket Extensions (JSSE) library to handle the HTTPS communications with the VPN servers. Port Forwarder Module Responsible for retrieving the VPN client configuration information from the VPN servers, for setting up the TCP listeners, and for handling the TCP traffic between the client and the VPN servers. Logging Module Responsible for providing status to the GUI and logging information to a log file for troubleshooting purposes. Sun JVM requirements for the SVPN solution are: JRE 1.3.1 for Windows 95 and Italian operating systems. o Java Secure Socket Extensions (JSSE) and Java Web Start (JWS) must be installed separately. o Windows 9X also requires a separate registry patch supplied by Sabre. o Windows XP SP2 requires Microsoft patch KB 884020

JRE 1.4.2_06 for Windows 98 and above. This is the Sabre preferred JRE that is currently deployed with MySabre. JRE 5.0 has been certified by Sabre for MySabre but is not being deployed at this time. o Windows 9X also requires a separate registry patch supplied by Sabre. o Windows XP SP2 requires Microsoft patch KB884020 Brief overview of operation: The Sabre VPN (SVPN) solution is a Java Web Start application that provides a VPN tunnel to Sabre through port 443. The use of this tunnel allows Sabre applications such as MySabre, Turbo Sabre, and the Sabre Print Module to connect to Sabre resources via a SOCKS connection on port 443. When the agent starts the SVPN client: Note: MySabre will start the client automatically if configured to use the Sabre Virtual Private Network protocol. 1. The client will check for updated JNLP and Jar file from the https://sabrevpn.sabre.com servers. Note: Both http (port 80) and https (port 443) requests are made to https://sabrevpn.sabre.com Note: The Jar files are maintained in the JRE cache while the JNLP files are maintained in the Java Web Start cache. 2. The client will launch the Port Forwarder module. 3. The Port Forwarder updates the LMHOST/HOST files with the necessary information from the VPN servers to resolve Sabre resources through the Local Host addresses. Note: The LMHOST/HOST files maps the following resources to the Local Host(s). config.sea.eds.com LDAP server on port 389 hsspconfig.sabre.com LDAP server on port 389 lb1.dcs.amrcorp.com on port 12001 lb2.dcs.amrcorp.com on port 12002 res.sabre.com on ports 30030, 30031, 30032, 30051 access.sabre.com ports 30030, 30031, 30032, 30051 ofepxx.dcs.amrorp.com (xx = 01 through 35) on ports 13001 through 13005 and 12001 Note: All ports mentioned above are TCP and bi-directional

4. The tunnel is created. 5. A request for a Sabre resource (LNIATA) from either the MySabre, Turbo Sabre, or the Sabre Print Module is made. 6. The request for either access.sabre.com or lb1.dcs.amrcorp.com is resolved at the Local Host via the LMHOST/HOST files. 7. The LMHOST/HOST will be responsible for the name resolution of Sabre resources and the Port Forwarder will be responsible for transmitting those requests across port 443 to the VPN servers. 8. All Sabre traffic (emulator and printing) will be managed by the Port Forwarder applet through a socket connection on port 443. Note: This is a SOCKS request and not a HTTPS request. 9. The SSL VPN servers will then forward the request to the resource required and return the response through the VPN tunnel on port 443 to the requesting application. Other considerations for implementing the SSL VPN solution. The installs.sabre.com and the sabrevpn.sabre.com web servers will perform initial installation of the SSL VPN solution. Sun JRE 1.4.2_06 is the current JVM supported by Sabre o Has been tested with Sun JRE 1.5 o Windows 95 or Italian agencies using Sun JRE 1.3.X are required and will be prompted to install the Java Web Start platform. Sabre agents will be required to have the necessary rights to the LMHOST and Host files so that the Port Forwarder applet will be able to append the same files. The Sabre resources will use the local host addresses 127.0.0.1 and above. Windows XP utilizing SP2 will require a Windows Update KB884020 to use the addresses above 127.0.0.1. Windows 98 will require a registry patch found on the my.sabre.com web site installation pages to adjust the number of tcp connections. The Windows default is 100 or 256 and the patch will add a registry key and increase it to 1536. Sessions currently will timeout after 75 minutes of inactivity.

o The VPN client will attempt to re-establish a session automatically but if unable to do so will prompt the user for authentication. o Subject to change based on operational needs and server(s) capacity o Devices configured in SPM have a heartbeat connection when configured for OFEP and will retain a tunnel for longer periods of time until the heartbeat is interrupted. Each workstation or user should use their own Sabre sine-in for authenticating the SVPN client to the VPN servers.

Sabre VPN Client GUI Application The application makes a request to Sabre as normal. Example: access.sabre.com on port 30031 WS TCP/IP Local Host The Local Host resolves access.sabre.com to 127.0.0.1 Mapping were provided by the SSL VPN gateways to the LMHOST/HOST Port Forwarder Port Forwarder listens on the Local Host for Sabre traffic and send it to Sabre on port 443 using a Secure Socket Layer connection Status of the Port Forwarder is provided to the SVPN GUI located in the System Tray WWW Using port 443 does not imply a HTTP connection. The Port Forwarder uses a Socket connection on port 443 to the SSL VPN gateway Sabre Infrastucture SSL VPN Gateway The SSL VPN Gateway forwards the request for access.sabre.com on port 30031 to the Sabre resource Sabre

Additional Notes for Proxy Servers: Note: Sabre VPN does not work with NTLM proxy servers. Currently working with Nortel Networks on resolution. Since SVPN is a Java Web Start Application and makes both HTTPS and Socks connections there are a couple of considerations when using the SVPN with a proxy server. The SVPN Client provides a proxy configuration utility from the VPN icon located in the System Tray. Proxy settings can also be applied at the Java Web Start application but the SVPN settings will take precedence over these settings.

The Java Web Start also offers the ability to use the Browser settings but since the SVPN also makes Socks connections, it would have to be used in conjunction with the SVPN Proxy Configuration settings. Sabre recommends that None be selected in the Java Web Start properties and use the proxy settings provided by the SVPN client. Both the MySabre Emulator and the Sabre VPN solutions are Java based applications and considerations must be made to allow the Java applications and not just Internet Explorer to communicate through proxy or firewall servers.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information