After the Security Proxy is installed, configured, and started, import the Security Proxy settings to the Administrative Server.
-
In the Administrative Console, open > .
-
Click .
-
Enter the of the computer on which you installed the Security Proxy Server.
NOTE:
-
The Security Proxy Server must be running when you import the settings.
-
The name you enter must match the common name on the security proxy certificate if client verification of server identity is enabled (the default setting).
The Administrative Server verifies the security proxy server identity by comparing the common name on the proxy certificate to the name of the server itself. If the names do not match—for instance, you enter servername and the server certificate common name is servername.example.com—you may be able to import the certificate, but session connections through the proxy will fail when the client attempts to verify the server identity.
-
The Security Proxy server must trust the Administrative Server certificate. (See Preliminary Steps.)
-
Enter the . You can check the Security Proxy Monitor port number in the Security Proxy Wizard ().
-
Enter a name that clients would recognize. If a single proxy server name is always used, leave this field blank.
In some cases, clients may need to access the security proxy using a different name than the one used to import the security proxy settings. For example, as administrator, your computer may access the Security Proxy through an internal network, but your end users may access the Security Proxy from outside the firewall and use a different proxy name. In this case, enter the name that the clients use in this field.
When both names are entered, the Administrative Server uses the first name to contact the Security Proxy and import its settings and certificate, and then displays the second name in the table on the panel and in the Terminal Session tool. Emulator sessions use the second name to contact the proxy.If any end users contact the Security Proxy using both proxy names, import the Security Proxy settings twice, and define separate sessions for each proxy name.
-
Click . After the Security Proxy settings are imported, the Security Proxy server is listed in the table with its details:
- Server name: The name of the server on which the security proxy is installed.
- Authorization: The status of client authorization on this server. Authorization is enabled by default.
- Monitor Port: The port on which the Security Proxy listens for incoming communication. Used when the Administrative Server contacts the proxy to get report information or to import the security settings. Usually 8080.
- Proxy Port: The port the emulator uses to open a secure connection to the Security Proxy.
- Supported Protocols: The protocols that are available on the Security Proxy. Each proxy can support emulation and/or FTP. or the Passthrough proxy (no TLS handshake, client/server authentication, or encryption).
- Destination: When client authorization is turned off, each Security Proxy port connects to one host. Set the destination host for this proxy port in the Security Proxy Wizard. When client authorization is on, one port can connect to multiple hosts.
- Friendly Name: The name of the server certificate used for this Security Proxy setting.
- Cipher Suite: The encryption algorithm used for this proxy port.
-
When you use the to set up or change a Security Proxy, you can export information and certificates directly to the Administrative Server over an HTTP connection. This information is not encrypted.
To use the automatic export in the Security Proxy Wizard, you must check this box.
IMPORTANT:
-
If you change settings on the Security Proxy, you must re-import them to the Management and Security Server.
-
When you upgrade, open the , review the status of your Security Proxy servers, and click Save. This action synchronizes the Security Proxy server with the Management and Security Server.
Create and assign secure sessions
