Applies To:

Show Versions Show Versions

Manual Chapter: FirePass 5.2.2 Handbook: Using Macintosh or Linux Clients
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>


Using Macintosh or Linux Clients

Overview of using Macintosh and Linux clients with FirePass 600 controller

The FirePass 600 controller includes Network Access support for remote Macintosh® and Linux® clients, making the FirePass 600 controller a good option for secure remote access in mixed-platform environments. You do not need to preinstall or preconfigure any client software when using the FirePass 600 controller with Macintosh and Linux systems.

Supported Network Access features

All the primary Network Access features are supported on Macintosh and Linux clients. For more information about Network Access and configuring Network Access features, see Chapter 5, Configuring Network Access.

Features supported on Macintosh and Linux clients include:

  • Secure remote access to your internal network, with support for IP-based applications (TCP and UDP).

  • Split tunneling, so only network traffic you specify goes through the Network Access connection.

  • Packet-based, group-based firewalls, giving you the ability to restrict groups of users to specific addresses, ranges of addresses, and ports.

  • Compression, to reduce the amount of traffic passing between the remote client and your internal network.

  • Application launching.
    You need to configure the starting of remote client applications based on the operating system on the remote computers. All other features can be configured independent of the remote client operating systems. For details, see Configuring the starting of applications on Macintosh or Linux clients.

Supported Linux platforms

The FirePass 600 controller has been tested with the following Linux platforms:

  • Red Hat®

  • Debian®

  • Mandrake®

  • SuSE®

  • TurboLinux®

Configuring the starting of applications on Macintosh or Linux clients

The launch application feature specifies a client application that starts when the client begins a Network Access session. Use this feature when you have remote clients who will routinely use Network Access to connect to an application server like a mail server.


Because starting an application requires operating system-specific parameters, you must configure it for a group that consists of only one type of computer operating system. For example, you might create a group of your remote Linux users called Linux-1.


To configure the start of applications for Macintosh and Linux clients
  1. On the navigation pane, click Network Access.
    The Resources screen displays.

  2. Click the Launch Application tab near the top of the screen to open the Launch Applications screen.

  3. In the App Path box, type the path of the application.
    For example, on a Macintosh:

  4. open $Home/Applications/

  5. In the Parameters box, type any parameters you want to include.

  6. Select the remote computer operating system from the OS list.

  7. To post a confirmation message before the launch occurs, check the Display message box before launching applications box, or leave the box cleared to have applications launch without intervention.

  8. Click Add to add the application.

  9. When remote users make a Network Access connection, the application you configured starts automatically. For more information on configuring Network Access options, see Configuring Network Access settings.

Client installation on Linux systems

The first time a remote user starts Network Access, a client component is downloaded from the FirePass 600 controller. This client component is designed to be self-installing and self-configuring, but the user's browser must be Java-enabled.

If the browser does not support JavaTM, the user is asked to download an installation script from the controller.

The remote Linux user must have superuser authority, or must be able to supply an administrative password in order to successfully install the Network Access client.

Linux systems must also include PPP support (this is most often the case). When the user runs the Network Access client and makes a connection for the first time, the client detects the presence of pppd (the point-to-point daemon), and determines whether the user has the necessary permissions to run it. If pppd is not present, or if the user does not have permissions needed to run the daemon, the connection fails.

Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?

NOTE: Please do not provide personal information.

Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)