Using the FDO Remote Access Portal
Introduction
The ODS NITOAD Branch has implemented a Juniper Networks secure sockets layer (SSL) virtual private network (VPN) solution at the national gateways to provide a means of secure remote access by FDO users. The Juniper device provides an SSL portal which can be used to securely access DWAN resources from anywhere on the Internet using the most popular browsers and without the need to pre-load a client software program. The device also provides a traditionally installed SSL VPN client called Network Connect for network remote access.
Requirements
• VPN access privileges (contact your CSA to request VPN access privileges)
• Computer running Windows XP/Vista/7, 32 or 64 bit versions (The SSL VPN works with MacOS and Linux, however no national support for Mac or Linux users is available)
• Java Virtual Machine installed on the computer
• A web browser (IE and Firefox have been tested)
• Administrative user privilege (* Required for the Network Connect feature only)
• Note: Other operating systems and browsers, as well as PDAs, may work but have not been tested and cannot be supported at the national level due to the many combinations available for use.
Timeout Settings
Timeout values are set for the SSL VPN for security purposes. If no traffic passes over the SSL VPN connection for 30 minutes, the SSL VPN session will automatically end (idle timeout). In addition, the maximum amount of time allowed for any single SSL VPN session is 10 hours (max session length). You will receive a warning 5 minutes prior to being automatically logged out by the system. The warning pop up window may be masked by other application windows you are running.
Connecting to the FDO Remote Access Portal
Note: The following instructions were written for the Internet Explorer browser. Steps 1 and 2 need only be performed once. Subsequent connections can begin with step 3. If steps 1 and 2 were completed for the Cisco SSL VPN client, then there is no need to repeat them.
1. Add the site “https://*.fd.org” as a trusted site in Internet Explorer:
• Go to Tools | Internet Options | Trusted Sites. The Internet Options window opens.
• Click the Security tab.
• Click the Sites button. The Trusted Sites window opens.
• Enter the host name “https://*.fd.org”.
• Click the Add button.
• Click the OK button. The Trusted Sites window closes.
• Click the OK button in the Internet Options window.
2. Add the FDO root CA certificate to the Windows certificate store:
• Open your browser and go to “http://fdoca.fd.org”. This URL is accessible whether you are
• Click on the following link: “Click this link to install the Federal Defender Organizations Root Certificate”.
• The Certificate window will open. Click the “Install Certificate” button on this window.
• The Certificate Import Wizard will open.
• Click the option to “Place all certificates in the following store”.
• Click the “Browse…” button to select the certificate store.
• Select the “Trusted Root Certification Authorities”
• Click the “Next” button on the Certificate Import Wizard
• A “Security Warning” window will pop up asking if you want to install the certificate
• Click “Yes” on the Security Warning window
• You should receive a message that the certificate was successfully installed.
• Click “OK” to close the Certificate window.
• Close the browser session for http://fdoca.fd.org.
3. Connect to the FDO Juniper SSL VPN to establish the SSL VPN session.
• Note: VPN connections must be made from a computer that is connected to the Internet, external to the DWAN (such as a home, hotel, or other public Internet connection).
• Open your web browser and go to one of the following addresses:
https://vpneast.fd.org
https://vpnwest.fd.org
Note: If you use http:// you will be redirected to the secure https:// address.
• Enter your user credentials at the sign in page of the FDO Remote Access Portal.
• Notice the browser message bar asking to install the “JuniperSetupClient.cab” add-on.
• Click on the bar and choose the option to install the add-on.
4. Signing out of the FDO Remote Access Portal session when you are finished.
• The Remote Access Portal toolbar will be displayed in the SSL Portal window while you are logged in. When you are finished using the Remote Access Portal session, it is important to sign out of your session. Sign out of the session by clicking the “Sign Out” icon on the toolbar. Simply closing the browser window will not disconnect the SSL VPN client portal session.
• If you fail to sign out properly, you might receive the following warning the next time you sign on that there is already another user session in progress. Simply click on the “Continue the Session” button if this occurs.
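The one-time setup in steps 1 and 2 can be verified from PowerShell before connecting. This script is an added example, not part of the FDO guide: it assumes the root certificate's subject contains "Federal Defender Organizations" (check the actual subject in the Certificate window) and that your CSA can give you the certificate's thumbprint; the thumbprint value below is a placeholder.

```powershell
# Added verification script for steps 1 and 2 (not from the FDO guide).
$ExpectedThumbprint = 'REPLACE_WITH_THUMBPRINT_FROM_YOUR_CSA'   # placeholder, obtain out-of-band
$SubjectPattern     = '*Federal Defender Organizations*'        # assumed subject text

# --- Step 1 check: is *.fd.org assigned to the Trusted Sites zone (zone 2) for https? ---
# IE keeps per-user zone assignments under ZoneMap\Domains; a wildcard entry for
# *.fd.org is stored as the key "fd.org" with a DWORD value "https" = 2.
# (Policy-managed zones on domain-joined PCs may live elsewhere; use the Sites dialog then.)
$zoneKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\fd.org'
$zoneOk = $false
if (Test-Path $zoneKey) {
    $https  = (Get-ItemProperty -Path $zoneKey -ErrorAction SilentlyContinue).https
    $zoneOk = ($https -eq 2)
}
if ($zoneOk) { Write-Output 'OK: https://*.fd.org is in the Trusted Sites zone.' }
else         { Write-Warning 'Trusted Sites entry for https://*.fd.org not found (repeat step 1).' }

# --- Step 2 check: is the FDO root CA in Trusted Root Certification Authorities, and is it the right one? ---
# The import wizard run from a non-elevated browser writes to the CurrentUser store,
# so look in both the per-user and the machine-wide Trusted Root stores.
$certs = @(Get-ChildItem -Path Cert:\CurrentUser\Root, Cert:\LocalMachine\Root |
           Where-Object { $_.Subject -like $SubjectPattern })
if ($certs.Count -eq 0) {
    Write-Warning 'FDO root certificate not found in Trusted Root Certification Authorities (repeat step 2).'
}
foreach ($c in $certs) {
    # A root CA you trust must be the one you meant to trust: compare the thumbprint with
    # the value from your CSA rather than relying on the subject name alone.
    if ($c.Thumbprint -eq $ExpectedThumbprint) {
        Write-Output ("OK: FDO root CA installed in {0}; thumbprint matches. Expires {1}" -f $c.PSParentPath, $c.NotAfter)
    } else {
        Write-Warning ("Certificate '{0}' (thumbprint {1}) does not match the expected thumbprint; verify before use." -f $c.Subject, $c.Thumbprint)
    }
    if ($c.NotAfter -lt (Get-Date)) { Write-Warning 'The installed FDO root certificate has expired.' }
}
```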
Using the FDO Remote Access Portal
Seeing the FDO Remote Access Portal Home Screen means you have successfully connected to the DWAN. The Home button in the portal toolbar will always take you back to the home screen. From this screen, you can access most DWAN web servers and web-enabled applications. These can be reached by using the blank address bar under the ‘Home’ icon and clicking on the “Browse” button to select the location of your choice.
Several important sites have already been bookmarked for you including Lotus Notes iNotes webmail and Lotus Notes Sametime. More sites may be automatically bookmarked in the future. Simply click on these bookmarks to access these applications securely through the portal. You can add additional personal bookmarks once you have browsed to those web pages or servers. The Juniper SSL VPN is optimized for web applications and services. Therefore, some applications and programs might not work well from this page. The Network Connect feature can be used for applications requiring more complex resources.
Network Connect
The Network Connect feature of the FDO Juniper Remote Access Portal will dynamically download and install a small traditional SSL VPN client on your computer. This client works like the Cisco SSL VPN client that the FDO used previously. Since the Network Connect feature will install and run software external to the SSL browser portal, the user must have administrative privileges on the client machine to use Network Connect. You may need to click through (accept) some warning boxes that pop up. It is safe to agree to these. The next time you use the SSL VPN from the same computer, the process will go much quicker since nothing additional will need to be installed.
When the Network Connect service is connected, you should also see a small blinking icon on the system tray in the lower right hand side of your screen. This is the network icon indicating that you are using Network Connect.
Once connected via Network Connect, you will be assigned an IP address. You should be able to access and use most DWAN resources and run client software as you did with the Cisco VPN client. When you are done using the SSL VPN, you should sign out. You can do this by right clicking on the icon in the system tray and choosing “Sign Out” from the pop-up menu. There is also a “Sign Out” tab on the far right side of the browser bar.
MacOS and Linux Connections
The same basic concepts should work on MacOS X and Linux desktops. Both require a