Internet Remote Access
FirePass SSL VPN
Remote access to select Central Washington Hospital (CWH) information systems is available for hospital workers. Using a Web browser (Internet Explorer, Firefox, or Safari) on a Windows or Mac computer, go to http://access.cwhs.com.
Note: Although the VPN will operate over a dialup modem, acceptable performance may
require broadband connectivity.
Overview
By browsing to http://access.cwhs.com, you’ll see the logon screen shown below. Enter your
Windows account (e.g., AB1234) for the username, your personal password, and then click the Logon button.
Figure 1: FirePass SSL VPN Logon Screen
If you fail to logon three times, your account will become locked out for 30 minutes. If you continue attempting to logon during this timeframe, your FirePass account will become disabled and require a manual reset by Information Technology staff.
After successfully logging on, your screen will look similar to the one below. The navigation bar can be used to return to your home screen.
Figure 2: FirePass Home Page View
All CWH workers have access to the hospital’s Outlook Web Access email system using the “Web Email Access” link. With the exception of Outlook personal folders, you have full access to your email inbox, calendar, contacts, etc. (See the Terminal Servers section below for a solution to access personal Outlook folders.)
The FirePass VPN gateway terminates inactive connections after 30 minutes. Before the session ends, a warning message appears and counts down from 60 seconds with the option to continue. To properly exit the remote access connection, click Logout in the upper right corner of your home screen as shown in Figure 2.
Resource Categories
As shown above in Figure 2, FirePass displays resources in five categories: Network Access (not shown), Web Applications, Windows Files, Legacy Hosts, and Terminal Servers. These categories contain links for different resources, which display based on your role at the hospital.
Navigation bar
Web Applications
The Web Applications category is for hospital intranet applications such as Outlook Web Access, Emed, iCentral, TimePC, ReportXpress, Quantitative Sentinel, Concerto, etc. Your access to these resources is based on your role at the hospital.
Legacy Hosts
The Legacy Hosts category provides access to HBOC and Infinium programs on the AS/400. Caution: Printing using Legacy Hosts is not recommended since the print job is only saved to a print queue and then requires the Help Desk to redirect the print job.
Terminal Servers
Terminal Servers provides one of the most exciting features of FirePass. The default entry “Termsvr1” connects to the server that the hospital’s “thin clients” use and provides access to the Microsoft Office suite and other programs.
You can also edit the list of terminal servers to provide remote access to a specific CWH computer running Windows XP. This is useful for staff with a dedicated computer since it provides access to all programs on their workstation including email with personal folders. Since Windows XP allows only one person to use the computer at a given time, this feature is limited to dedicated computers. When you remotely access your workstation, your computer monitor at the hospital shows the Windows logon screen displaying “Computer Locked: The computer is in use and has been locked.”
To configure FirePass to connect to your dedicated workstation do the following: 1. Logon to FirePass.
2. Click the “Terminal Servers” link as shown below.
3. Click the “edit” link to the right of “Favorites.”
4. Click the “Create new favorite” link.
Click Terminal Servers
Click “edit”
5. Complete the required fields below (the other fields are not necessary): a. Name: Enter “My Desktop”
b. Host: Enter your workstation’s name (e.g., DP999PC). To identify this: i. Click the Windows Start button.
ii. Right-click “My Computer” and choose Properties. iii. Click the “Computer Name” tab.
iv. See the “Full computer name” field.
c. Port/Type: Select “Microsoft Terminal Server” from the drop-down list. d. Window Type: Select “New browser window” from the drop-down list. e. Color Depth: Select “High Color (16 bit)” from the drop-down list to greatly
improve the screen colors and icons over the “256 Colors (Default)” setting. f. Screen resolution: Select “Full screen” (you can change this later if you prefer.) 6. Click the Add button.
7. Click “Custom favorites before corporate ones” to list your workstation first in the Terminal Servers section.
8. Last, click the “Home” link to return to the main FirePass page.
This will create a new link called My Desktop in the Terminal Servers section.
When you’re working remotely, click the My Desktop link to connect to your work computer. When you are finished using your work computer, click the Start button and choose Disconnect. Note: If your computer is later replaced, you will need to edit the My Desktop link to update the new computer name. You can do this by clicking the Terminal Servers link, clicking “edit,” and then clicking the icon to the right of My Desktop. Make the appropriate change to the Host entry and click Update.
Note: The first time you remotely access to your work computer with FirePass, you’ll be prompted to install a file (InstallerControl.cab from F5 Networks).
Windows Files
The Windows Files section provides access to the contents of network shares such as your Home Directory (H: Drive) and the Shared Drive (S: Drive). To access your home directory, please click the appropriate home directory link for your work location—CWH main campus, Dialysis, or Wenatchee Orthopedics.
To download a file to your computer, select the file, then right-click the “Load into browser” link and choose “Save Target As” as shown below.
WARNING: It is against CWH policy to download protected health information (PHI) to a non-CWH computer.
First, click “Custom favorites before corporate ones”
To upload a file to your Home Directory or the Shared Drive, browse to the folder where you want to store the file using the links under Windows Files. Then click the Browse button to locate the file on your local computer. Finally click the Upload File link.
You can also rename or delete files in your Home Directory or the Shared Drive. Simply browse to the file using the links and choose delete or rename as appropriate.
Network Access
In the Network Access section, the Central link provides full network connectivity, effectively extending the hospital’s network to include your remote computer. This capability provides an increased risk to network security and should be used sparingly—never from an untrusted
computer (e.g., friend’s computer, airport kiosk, tradeshow kiosk, etc.). It downloads connection software on the fly and requires administrative rights on the computer for the installation.
Figure 3: Full Network Access
The VPN connection automatically minimizes to the taskbar. When you are finished with full connectivity click the FirePass Network Access application on the taskbar and then click close.