Applies To:

Show Versions Show Versions

Manual: FirePass Server Administrator Guide, version 4.1
Manual

Original Publication Date: 08/29/2013


Table of Contents


Introducing the FirePass Server

The FirePass remote access solution

The FirePass server models

The FirePass server features

Overview of features
FirePass server features

About this guide

Audience

Finding help and technical support resources

Deploying the FirePass Server

Overview of deploying the FirePass server

Summary of tasks for installing and deploying the FirePass server

Configuring a firewall to work with the FirePass server

Overview of the firewall configuration process
About the traffic between a remote user's browser and the FirePass server
About the traffic between the FirePass server and network services
About the traffic between FirePass server and application services
About the traffic between the FirePass server and the Desktop Agent

Understanding name resolution issues for FirePass servers with a private IP address

Installing the FirePass server

Unpacking the FirePass server
Installing the FirePass server in an equipment rack
Connecting the FirePass server to a network and powering up
Performing the initial FirePass IP configuration

Testing network connectivity

Using the Administrative Console to configure the FirePass server

Logging Into the Administrative Console
Changing the superuser password
Installing your license
Displaying a list of current settings and licensed features
Using the Administrative Console to access the Maintenance Console
Logging out of the Administrative Console

Using the Maintenance Console

What's next?

Setting Up FirePass Server Security

Overview of setting up FirePass server security

Working with groups

Creating groups
Deleting groups
Moving users to a different group
Showing a list of all users in a group
Using Windows domain-based group mapping
Using LDAP-based group mapping

Working with user accounts

Manually adding user accounts
Importing user accounts from a Windows domain server
Importing user accounts from an LDAP server
Importing user accounts from a comma or tab delimited text file
Using signup templates to add user accounts
Using NFS user permissions from a UNIX password file
Changing user accounts
Activating, deactivating, or deleting user accounts
Assigning administrative privileges to a user account
Searching for user accounts
Generating a My Desktop client software installation key
Installing My Desktop client software at a user's computer

Setting up FirePass server authentication

Converting to internal database authentication
Setting up RADIUS server authentication
Setting up a RADIUS server to work with the FirePass server
Setting up Windows domain server authentication
Setting up LDAP server authentication
Setting Up VASCO DigiPass authentication

Setting up certificates

Changing the FirePass server name
Generating a server certificate request
Installing or renewing a server certificate
Using client certificates to authenticate a user's computer

Limiting access to the administrative console by IP address

What's next?

Configuring the FirePass Webifyers

Overview of the FirePass Webifyers

Configuring the My Files Webifyer

Defining Network Folder Favorites for the My Files Webifyer
Limiting a group's access to the Network Folder Favorites
Enabling virus scanning and file uploading for the My Files Webifyer
Configuring advanced settings for the My Files Webifyer
Using client certification validation for the My Files Webifyer

Configuring the My NFS Webifyer

Defining favorites for the My NFS Webifyer
Defining NFS shared folders for the My NFS Webifyer
Limiting a group's access to the NFS Favorites
Using client certification validation for the My NFS Webifyer

Configuring the My Intranet Webifyer

Defining intranet favorites for the My Intranet Webifyer
Limiting a group's access to the Intranet Favorites
Using client certification validation for the My Intranet Webifyer

Configuring the My E-mail Webifyer

Configuring an email account
Obtaining each user's email information based on an LDAP query
Disabling email attachment downloads
Obtaining email addresses from an LDAP server
Using client certification validation for the My E-mail Webifyer

Configuring the Terminal Services Webifyer

Configuring screen resolution and Terminal Services Favorites
Limiting a group's access to the Terminal Service Favorites
Using client certification validation for the Terminal Service Webifyer

Configuring the AppTunnels Webifyer

Configuring AppTunnel Favorites
Compressing traffic between the client and the FirePass server
Limiting a group's access to the AppTunnels Favorites
Using client certification validation for the AppTunnels Webifyer

Configuring the Host Access Webifyer

Configuring Host Access Favorites
Displaying active host access sessions
Limiting a group's access to the host access favorites
Using client certification validation for the Host Access Webifyer

Configuring SSL-VPN

Configuring global SSL VPN settings
Configuring global SSL VPN packet filter rules
Configuring global SSL VPN timeout rule
Configuring global SSL VPN client appearance
Configuring the SSL VPN Webifyer for a group
Configuring group packet filter rules
Configuring drive mappings for the SSL VPN Webifyer
Launching applications automatically with the SSL VPN Webifyer
Using client certification validation for the SSL VPN Webifyer

Configuring the My Desktop Webifyer

Configuring the My Desktop server ports
Configuring My Desktop Webifyer for cluster servers
Disabling bridge access to desktops
Using client certification validation for the My Desktop Webifyer
Configuring the Guest Access Webifyer

Configuring the X-Windows Access Webifyer

Configuring X-Windows hosts for remote access

Using client certificate validation for Webifyers

Managing, Monitoring, and Maintaining the FirePass Server

Maintaining the network configuration settings

Configuring IP addresses and subnets
Configuring routing tables and rules
Configuring Domain Name Servers (DNS)
Configuring host names
Configuring services
Configuring Desktop services
Other network settings

Configuring IPSec for the FirePass server

Managing FirePass licenses

Obtaining a license for the first time
Installing your license
Adding capacity or features to your license

Mapping FirePass users to NFS users

Specifying HTTP and SSL proxies

Configuring an SNMP agent

Shutting down and restarting FirePass

Shutting down the FirePass server
Restarting the FirePass server or services
Stopping and starting the bridge

Backing up and restoring the FirePass server

Specifying the email server

Specifying the FirePass administrator's email address

Granting Administrator privileges to other users

Specifying the time, time zone, and NTP server

Configuring client caching and compression settings

Managing log files

Updating the FirePass server's firmware

Adding definitions for other types of browsers

Monitoring the FirePass server

Monitoring the load on a FirePass server
Displaying FirePass server statistics
Capturing network packets to troubleshoot networking problem

Customizing the user's home page

Providing SSH access for Technical Support

Using FirePass Reports

Overview of FirePass server reports

Using the Logon report

Using the My Desktop Activations report

Using the Session report

Using HTTP Log reports

Using the Application Log report

Using the Summary report

Using the Group report

Configuring FirePass Failover Servers and Cluster Servers

Using FirePass failover servers

Installing FirePass failover servers
Configuring the IP addresses for failover servers
Powering up failover servers
Configuring the failover settings
Making a standby server the active server

Using FirePass server clusters

Installing multiple FirePass servers as a cluster
Powering up FirePass server clusters
Configuring FirePass server clusters
Preliminary configuration
Configuring clustered servers
Accessing a slave server's configuration while connected to a master server
Displaying statistics for a FirePass server cluster