Support Gateway Installation

Gateway Installation

The server is installed using the ISO:

  • Customer Using the ISO - Detailed instructions are available in the documents provided during the discovery phase

These are the only methods available for installation.

Gateway Server Parameters

Once installed in the customer's network, the following configuration needs to be done:

  • Give the Gateway a permanent IP
  • Give the Gateway a public or private DNS name

Gateway Administration

The setup is usually delegated to the customer's IT department.

They will set up:

  • Connections
  • Users

Connections

Connections are made through one of the following protocols:

  • RDP - Windows Remote Desktop
  • SSH - Encrypted Telnet
  • VNC - Virtual Network Control

The user IDs and passwords for the connections are not exposed to the end user. They are proxied by the server, so the end user authenticates to the Gateway and the Gateway authenticates to the device.

Add a new Windows RDP Connection

Windows RDP provides desktop access to a device which is designated for exclusive use for working with AV gear.

The IT department can set this unit up on their domain as either a virtual or a physical device.

The IT department provisions the device with the necessary programs and creates a user with no admin privileges.

In the end, the user can only run what they are authorized to run.

This eliminates the use of insecure programs which tunnel into the network without IT's knowledge.

Connection Fields

Gateway Connection Setup
Field | Value | Definition
Edit Connection - Name | Use a short name which describes the connection | Names like AVPC, AVAGENT are good names for a connection
Edit Connection - Location | Setup locations include RDP, SSH, VNC | Click on root to expose the locations
Edit Connection - Protocol | Available protocols are VNC, SSH, Telnet, RDP | Select the appropriate protocol
Concurrency Limits - Maximum Number of Connections | Number of connections this connection is allowed to have | Leave blank
Maximum Number of connections per User | Number of connections a user is allowed to have | Leave blank
Parameters - Network - Host Name | The IP or DNS name of this device | Use the IP address
Parameters - Network - Port | Port to be used for connection, RDP 3389, SSH 22, Telnet 21 | Select the appropriate protocol
Authentication - Username | The user name on the device to be connected to |
Authentication - Password | The password on the device to be connected to |
Authentication - Domain | The domain, if any, for the device for LDAP authentication |
Authentication - Security Mode | Can be ANY, NLA - Network Level Authentication, RDP - Encryption, TLS - Encryption | Leave blank
Authentication - Disable Authentication | Check box, do not check | Leave blank
Authentication - Ignore server certificate | Check box, do not check | Used in combination with Security Mode
Basic Settings - Initial Program | Program to run at login | Leave blank
Basic Settings - Client name | Client name to run the initial program | Leave blank
Basic Settings - Keyboard Layout | Keyboard layout | Leave blank for US
Basic Settings - Administrator console | Specify if this is an administrative console | Leave blank
Display - Width | | Leave blank
Display - Height | | Leave blank
Display - Resolution (DPI) | | Leave blank
Display - Color depth | | Leave blank
Device Redirection - Support audio in console | | Leave blank
Device Redirection - Disable Audio | | Leave blank
Device Redirection - Enable printing | | Leave blank
Device Redirection - Enable drive | | Leave blank
Device Redirection - Automatically create drive | | Leave blank
Device Redirection - Static channel names | | Leave blank
Performance - Enable Wallpaper | | Leave blank
Performance - Enable Theming | | Leave blank
Performance - Enable font smoothing | | Leave blank
Performance - Enable full-window drag | | Leave blank
Performance - Enable desktop composition (Aero) | | Leave blank
Performance - Enable menu animations | | Leave blank
Remote App - Program | | Leave blank
Remote App - Working directory | | Leave blank
Remote App - Parameters | | Leave blank
Preconnection PDU / HyperV - RDP source ID | Use only when needed to connect to special connection | Leave blank
Preconnection PDU / HyperV - Preconnection BLOB (VM ID) | Use only when needed to connect to special connection | Leave blank
SFTP - Enable SFTP | To enable file transfers a suitable FTP program must be installed on Windows, FileZilla is free. It must be activated at startup. | Check this box for file transfers on Windows or Linux
SFTP - Host name | This is usually the IP address of the device | Enter the IP address
SFTP - Port | Port SFTP is running on, usually 22 | Enter the port number
SFTP - Username | User name for the remote device | Enter the username
SFTP - Password | Password for the remote device | Enter the password
SFTP - Private Key | High security authentication | Enter the key
SFTP - Passphrase | High security authentication | Enter the passphrase
SFTP - Default Upload Directory | High security authentication | Enter the upload directory

For general purposes, the default values are acceptable. For Windows RDP connections, an SFTP client must be installed and running on the Windows device.
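
A check of connection records against the field guidance in the table above, as an added example that is not part of the original page or the Gateway's own code. The record layout and key names are assumptions made for the example (the page only shows the web form), the sample records are constructed, and the Telnet finding is an added observation rather than guidance from the page.

```python
import ipaddress

# Ports the page lists for RDP and SSH; other protocols skip the port check.
EXPECTED_PORT = {"rdp": 3389, "ssh": 22}
ALLOWED_PROTOCOLS = {"rdp", "ssh", "vnc", "telnet"}
# Options the table says to leave blank or unchecked (key names are hypothetical).
MUST_BE_BLANK = {
    "disable_authentication": "authentication to the device is disabled",
    "ignore_server_certificate": "the device certificate is not validated",
    "enable_drive": "drive redirection is enabled",
    "enable_printing": "printer redirection is enabled",
}

def audit_connection(conn):
    """Return a list of findings for one connection record (dict of field -> value)."""
    findings = []
    proto = str(conn.get("protocol", "")).lower()
    if proto not in ALLOWED_PROTOCOLS:
        findings.append(f"protocol {proto!r} is not one the Gateway offers")
    elif proto == "telnet":  # added observation, not from the page
        findings.append("telnet carries the device password unencrypted")
    host = conn.get("hostname", "")
    try:
        ipaddress.ip_address(host)  # the table says to use the IP address
    except ValueError:
        findings.append(f"hostname {host!r} is not an IP address")
    port, want = conn.get("port"), EXPECTED_PORT.get(proto)
    if want is not None and port not in (None, "", want, str(want)):
        findings.append(f"port {port} is unusual for {proto} (expected {want})")
    for field, why in MUST_BE_BLANK.items():
        if str(conn.get(field, "")).strip().lower() in ("true", "1", "yes", "on"):
            findings.append(f"{field}: {why}")
    if not conn.get("username") or not conn.get("password"):
        findings.append("no stored credentials, so the Gateway cannot proxy the login")
    return findings

SAMPLE = [  # constructed records, not taken from a real Gateway
    {"name": "AVPC", "protocol": "rdp", "hostname": "192.0.2.10", "port": 3389,
     "username": "avuser", "password": "example-only"},
    {"name": "AVAGENT", "protocol": "rdp", "hostname": "avagent.example.internal",
     "port": 3390, "username": "avuser", "password": "example-only",
     "ignore_server_certificate": "true", "enable_drive": "true"},
]

def audit_all(conns):
    return {c["name"]: audit_connection(c) for c in conns}

if __name__ == "__main__":
    for name, findings in audit_all(SAMPLE).items():
        print(name, findings or "OK")
```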

Gateway Users

After connections are created, users can be created and tied to a connection.

Click on the user to maintain it, or add a user for a new user.

User Fields

Gateway User Setup
Field | Value | Definition
Edit User - Name | Your name may populate here | Give the user a name
Edit User - Password | Your password may populate here | Give the user a password
Edit User - Re-enter Password | Enter the password again |
Account Restrictions - Login disabled | Check box to disable logon | Leave blank
Account Restrictions - Password expired | Check box to force password change | Leave blank
Account Restrictions - Allow access after | Time to start access | Leave blank
Account Restrictions - Do not allow access after | Time to stop access | Leave blank
Account Restrictions - Enable account after | Day to enable the account | Leave blank
Account Restrictions - Disable account after | Date to disable the account |
Account Restrictions - User time zone | Time zone of the user |
Permissions - Administer system | | Assign only to Administrators
Permissions - Create new users | | Assign only to Administrators
Permissions - Create new connections | | Assign only to Administrators
Permissions - Create new connection groups | | Assign only to Administrators
Permissions - Change own password | | Use with caution
Connections | Assign a user to connections |