Tag: access
Citrix Access Gateway: duplicate STA ID
I received complains from a customers who wasn’t able to add two new Citrix servers to his Citrix Access Gateway configuration. He could successfully add the first Citrix server, but he couldn’t add the second Citrix server, because the first was overwritten by the second. I looked at the problem and noticed that both Citrix … Read More
Configuration Example, Security
Configure VPN client on IOS router
One way to remotely access a network is using the Cisco VPN client. Nowadays more and more implementations of SSL VPN are being done and Cisco stopped their development on their VPN client and pushes their Cisco AnyConnect client. Still the Cisco VPN client is often used to remotely gain access to a network. The … Read More
Juniper SA & Terminal Server with Novell Client SSO
Normally configuring SSO on a Terminal Server in conjunction with a Juniper SA isn’t that hard. On the Juniper you pass the user credentials to the Terminal Server. On a normal Terminal Server you have to check the following: Disable Always prompt for password under: Terminal Services Configuration –> Connections –> Properties of RDP-tcp –> … Read More
VPN Filtering through Group Policy
When configuring a Remote Access VPN or a Site to Site VPN connection you have the ability to filter traffic entering and leaving the VPN connection. You have the ability to enable inbound IPsec sessions to bypass interface access lists. Group policy and per-user authorization access lists still apply to the traffic. The sysopt connection … Read More
Microsoft Outlook through Citrix Access Gateway SSL IP VPN
One of our customers wants you use their locally installed Microsoft Outlook through a Citrix Access Gateway (CAG). Sales people from that customer travel through the country and use the Outlook offline to read or prepare e-mail to send later. These people use UMTS technology to connect their laptops to the Internet. The customers wants … Read More
Configuration Example, Routing
HSRP and ACL’s
I added a Guest VLAN to a network environment with two multi layer switches running HSRP. To secure the internal network from the Guest VLAN, I added a ACL to the Guest VLAN SVI. The ACL is stated below: ip access-list extended GUEST-DENY-RFC1918 remark Allow DHCP permit udp any eq bootpc any remark Deny RFC … Read More