Requirements Collax Security Gateway Collax Business Server or Collax Platform Server including Collax SSL VPN module



Similar documents
Collax Web Security. Howto. This howto describes the setup of a Web proxy server as Web content filter.

Clientless SSL VPN Users

Chapter 6 Configuring the SSL VPN Tunnel Client and Port Forwarding

App Orchestration 2.0

Network Configuration Settings

SSL SSL VPN

Campus VPN. Version 1.0 September 22, 2008

Accessing the Media General SSL VPN

A Guide to New Features in Propalms OneGate 4.0

Citrix Access on SonicWALL SSL VPN

Hosted Microsoft Exchange Client Setup & Guide Book

Remote Desktop Gateway. Accessing a Campus Managed Device (Windows Only) from home.

Collax Active Directory

Hosted Microsoft Exchange Client Setup & Guide Book

Configuring Global Protect SSL VPN with a user-defined port

Get Success in Passing Your Certification Exam at first attempt!

How To Set Up A Vpn Tunnel Between Winxp And Zwall On A Pc 2 And Winxp On A Windows Xp 2 On A Microsoft Gbk2 (Windows) On A Macbook 2 (Windows 2) On An Ip

Clientless SSL VPN End User Set-up

Dell SonicWALL SRA 7.5 Citrix Access

Astaro Security Gateway V8. Remote Access via SSL Configuring ASG and Client

Novell Access Manager SSL Virtual Private Network

Chapter 6 Virtual Private Networking Using SSL Connections

INTRODUCTION... 2 Windows Windows Mac OS X Ubuntu Advanced routing Windows Mac OS X Ubuntu...

SCENARIO EXAMPLE. Case study of an implementation of Swiss SafeLab M.ID with Citrix. Redundancy and Scalability

Introduction to Mobile Access Gateway Installation

Securing access to Citrix applications using Citrix Secure Gateway and SafeWord. PremierAccess. App Note. December 2001

Citrix StoreFront 2.0

If you have questions or find errors in the guide, please, contact us under the following address:

Remote Monitoring and Control of the R&S FSV with a Web Browser

Outlook Profile Setup Guide Exchange 2010 Quick Start and Detailed Instructions

How To Understand The Architecture Of An Ulteo Virtual Desktop Server Farm

Astaro Security Gateway V8. Remote Access via L2TP over IPSec Configuring ASG and Client

Step-by-Step Configuration

White Paper. Installation and Configuration of Fabasoft Folio IMAP Service. Fabasoft Folio 2015 Update Rollup 3

2X ApplicationServer & LoadBalancer Manual

Connecting an Android to a FortiGate with SSL VPN

ing from The E2 Shop System address Server Name Server Port, Encryption Protocol, Encryption Type, SMTP User ID SMTP Password

Owner of the content within this article is Written by Marc Grote

Cisco ASA Adaptive Security Appliance Single Sign-On: Solution Brief

Remote Monitoring and Control of the R&S FSL with a Web Browser

Using WebVPN (webvpn.childrens.harvard.edu) to access shared and P drives, access , and use Remote Desktop

USER GUIDE. Lightweight Directory Access Protocol (LDAP) Schoolwires Centricity

CONNECTING TO DEPARTMENT OF COMPUTER SCIENCE SERVERS BOTH FROM ON AND OFF CAMPUS USING TUNNELING, PuTTY, AND VNC Client Utilities

DEPLOYMENT GUIDE. Deploying the BIG-IP LTM v9.x with Microsoft Windows Server 2008 Terminal Services

1. Accessing the LONZA network from a private PC or Internet Café

Configuring SonicWALL TSA on Citrix and Terminal Services Servers

visionapp Remote Desktop (vrd)

Use Enterprise SSO as the Credential Server for Protected Sites

How to Setup PPTP VPN Between a Windows PPTP Client and the DIR-130.

Security. TestOut Modules

Collax Archive

Securing Citrix with SSL VPN Technology

SSL VPN Server Guide. Access Manager 3.2 SP2. June 2013

DEPLOYMENT GUIDE Version 1.0. Deploying the BIG-IP Edge Gateway for Layered Security and Acceleration Services

What s New in Juniper s SSL VPN Version 6.0

SSL VPN Portal Options

2X ApplicationServer & LoadBalancer Manual

Sophos UTM. Remote Access via SSL. Configuring UTM and Client

Configuring Single Sign-on for WebVPN

App Orchestration 2.5

ActivIdentity 4TRESS AAA Web Tokens and SSL VPN Fortinet Secure Access. Integration Handbook

Setup Corporate (Microsoft Exchange) . This tutorial will walk you through the steps of setting up your corporate account.

SSL Web Proxy. Generally to access an internal web server which is behind a NAT router, you have the following two methods:

Sophos UTM. Remote Access via PPTP. Configuring UTM and Client

Training module 2 Installing VMware View

Evaluating the Cisco ASA Adaptive Security Appliance VPN Subsystem Architecture

MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # )

CNS-207 Implementing Citrix NetScaler 10.5 for App and Desktop Solutions

Entrust Managed Services PKI. Getting an end-user Entrust certificate using Entrust Authority Administration Services. Document issue: 2.

Device Log Export ENGLISH

NetMan Desktop Manager 4.5

SA Citrix Virtual Desktop Infrastructure (VDI) Configuration Guide

Set up a Home Secure Global Desktop Enterprise Edition Remote Access Server

1Y0-250 Implementing Citrix NetScaler 10 for App and Desktop Solutions Practice Exam

DEPLOYMENT GUIDE DEPLOYING THE BIG-IP LTM SYSTEM WITH MICROSOFT WINDOWS SERVER 2008 TERMINAL SERVICES

F-Secure Messaging Security Gateway. Deployment Guide

Sophos Mobile Control Technical guide

Interwise Connect. Working with Reverse Proxy Version 7.x

Payment Card Industry and Citrix XenApp and XenDesktop Deployment Scenarios

Preparing for GO!Enterprise MDM On-Demand Service

Defender EAP Agent Installation and Configuration Guide

Administrator Guide. v 11

2X ApplicationServer & LoadBalancer Manual

Immotec Systems, Inc. SQL Server 2005 Installation Document

INTEGRATION GUIDE. DIGIPASS Authentication for Cisco ASA 5505

BlackBerry Enterprise Service 10. Universal Device Service Version: Administration Guide

icrosoft TMG Replacement with NetScaler

MadCap Software. Upgrading Guide. Pulse

Deploying NetScaler Gateway in ICA Proxy Mode

Connecting to the FILTER Virtual Private Network (VPN)

Connecting to Delta College Exchange services off-campus

Lepide Active Directory Self Service. Installation Guide. Lepide Active Directory Self Service Tool. Lepide Software Private Limited Page 1

SA Citrix Virtual Desktop Infrastructure (VDI) Configuration Guide

NETASQ SSO Agent Installation and deployment

Investment Management System. Connectivity Guide. IMS Connectivity Guide Page 1 of 11

Note that if at any time during the setup process you are asked to login, click either Cancel or Work Offline depending upon the prompt.

Exchange Outlook Profile/POP/IMAP/SMTP Setup Guide

visionapp Remote Desktop 2010 (vrd 2010)

Configuring Outlook for Windows to use your Exchange

Remote Administration

Transcription:

Collax SSL VPN Howto This howto describes the easy configuration of a Collax server as SSL VPN gateway in order to enable external access to selected applications in the company network. Except for a common browser, this does not require any client (client-less use). Requirements Collax Security Gateway Collax Business Server or Collax Platform Server including Collax SSL VPN module Browser with SSL and Java (available on most computers and many mobile devices) Background External access to various Web applications is often impossible. These are either not encrypted in the company network, or no provisions have been made for access from the Internet. These applications can now be made available for external access with encryption and without any customization. The integration of SSL VPN facilitates the support of such applications, such as Outlook Web Access, on external workstations. Based on SSL, it is also possible to use all applications whose protocols use only one port. For example, this enables full, decentralized access to mail programs. With its SSL VPN solution, Collax also provides agents for the use of terminal services. In this way, the Microsoft Remote Desktop Protocol (RDP) as well as Citrix ICA client connections or the open Virtual Network Computing (VNC) can be supported. These agents are automatically started as Java applets. Thus, no VPN client and no terminal client need to be installed. Users and Groups Create a separate permission group and a user for the access to SSL applications. These dialogs are located under "System Usage Policy Policies Groups" and "Policies Users". Specify the "Internet" and additionally the "LocalNet" (for tests) in order to enable client access from this network. The "Internet" must be specified in order to enable access by clients from the Internet. Networks of the newly created group "sslusergroup" and the user "ssluser": User Page Later on, the access to the resources will take place over the user page via HTTPS. To enable the access, designate a server certificate for the Web server and assign the permissions for the "Access to user page (HTTPS)". This dialog is located under "Services File Export Services Web Server". 2014 Collax GmbH Status: Final Version: 5.8 Date: October 28, 2014

The previously created group can be edited directly and the permission can be set in the "Permissions" section under "System Usage Policy Policies Group". SSL VPN Resources Four different variants are available as SSL VPN resources: Applets with special user interface Reverse proxy for Web forwards Tunneled Web forwards SSL tunnel for connections with the native application Applications For remote access to internal hosts, the respective applications can be set up in this dialog and be made available to the desired groups by way of the user page. The supported protocols include Remote Desktop, VNC, and Citrix ICA. This dialog is located under "Services Infrastructure SSL VPN Applications". Collax SSL VPN Howto 2/5

Application You can select the desired application from this list. Remote Desktop connections, VNC connections, and Citrix ICA Client connections are available for selection. Destination host The selected application connects to a destination host. Specify the IP address or host name of the destination host. Destination port If the service of the destination host is tied to a specific port, this destination port must be specified here. If the service of the destination host runs on the default port of the application, this field can be left blank. Enable SSO The setting takes over the user of the Web interface for authenticating the application. Domain If a domain login (Active Directory or NT domain) is to take place, the domain can be specified here. If the option "Enable SSO" is not set, the login and password for the connection can be specified manually. Alternatively, you can leave the login and password blank; in this case, the authentication query will take place after the establishment of the connection. For an optimum window display, various resolutions can be selected for the particular application. If the application is started in full-screen mode, this mode can be terminated by pressing Alt+Enter. Additional options can be configured in the "Native Options" tab. Finally, select the group whose users are to be granted authorized access to the application. Web Forwards and Reverse Proxy Web forwards enable encrypted access to Web-based applications. By way of the reverse proxy, the data addressed to the destination URL are rewritten by the Collax server. No Java applet is required here. These dialogs are located under "Services Infrastructure SSL VPN Web Forwards" and "Services Infrastructure SSL VPN Reverse Proxy". Collax SSL VPN Howto 3/5

By means of the permissions, they are made available to the desired groups by way of the user page. SSL Tunnel By defining an SSL tunnel, the Collax server can tunnel any service port from the local host to a destination host and destination port. Once the SSL tunnel has been established, the destination application can be addressed from the local host with "localhost:destination-port". This dialog is located under "Services Infrastructure SSL VPN SSL Tunnel". Local port Specify the desired local network port here. Specify a destination port in the range from 1 to 65535. To avoid possible conflicts with local services, we recommend selecting a port in the range from 1024 to 65535. Collax SSL VPN Howto 4/5

Destination host In this field, specify the IP address or host name of the desired destination host. Destination port In this field, specify the service port to be reached on the destination host. Specify a destination port in the range from 1 to 65535. The reachability of this service port and the authentication with this service depend on the settings on the destination host. By means of the permissions, it is made available to the desired groups by way of the user page. In this way, the access is tunneled to an internal SSH server on the local port 10022. Thus, a connection to the destination server is possible via an SSH client by specifying the server 127.0.0.1 (localhost) and port 10022. Use via the Web Interface After entering https://ip-of-the-collax-server in the browser window, a login dialog will open up for the user page. Following the successful login, the user can access his SSL VPN resources. Collax SSL VPN Howto 5/5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information