AG GettingStarted

8/13/2019 AG GettingStarted

1/34

CitrixAccess Gateway4.2

325-1622

Getting Started with Citrix Access Gateway.

8/13/2019 AG GettingStarted

2/34

Copyright and Trademark Notice

Use of the product documented in this guide is subject to your prior acceptance of the End User License Agreement. A printable

copy of the End User License Agreement is included on your product CD-ROM.

Information in this document is subject to change without notice. Companies, names, and data used in examples herein are

fictitious unless otherwise noted. No part of this document may be reproduced or transmitted in any form or by any means,

electronic or mechanical, for any purpose, without the express written permission of Citrix Systems, Inc.

2005 Citrix Systems, Inc. All rights reserved.

Citrix, ICA (Independent Computing Architecture), MetaFrame, MetaFrame XP, and Program Neighborhood are registered

trademarks, and SpeedScreen and Access Gateway are trademarks of Citrix Systems, Inc. in the United States and other

countries.

RSA Encryption 1996-1997 RSA Security Inc., All Rights Reserved.

This product includes software developed by The Apache Software Foundation (http://www.apache.org/)

Win32 Client: Portions of this software are based on code owned and copyrighted by O'Reilly Media, Inc. 1998. (CJKV

Information Processing, by Ken Lunde. ISBN: 1565922247.) All rights reserved.

Licensing: Portions of this documentation that relate to Globetrotter, Macrovision, and FLEXlm are copyright 2005

Macrovision Corporation. All rights reserved.

Trademark Acknowledgements

Adobe, Acrobat, and PostScript are trademarks or registered trademarks of Adobe Systems Incorporated in the U.S. and/or

other countries.

Apple, LaserWriter, Mac, Macintosh, Mac OS, and Power Mac are registered trademarks or trademarks of Apple Computer Inc.

Java, Sun, and SunOS are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries.

Solaris is a registered trademark of Sun Microsystems, Inc. Sun Microsystems, Inc has not tested or approved this product.

Portions of this software are based in part on the work of the Independent JPEG Group.

Portions of this software contain imaging code owned and copyrighted by Pegasus Imaging Corporation, Tampa, FL. All rightsreserved.

Microsoft, MS-DOS, Windows, Windows Media, Windows Server, Windows NT, Win32, Outlook, ActiveX, Active Directory,

and DirectShow are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other

countries.

UNIX is a registered trademark of The Open Group.

Licensing: Globetrotter, Macrovision, and FLEXlm are trademarks and/or registered trademarks of Macrovision Corporation.

All other trademarks and registered trademarks are the property of their respective owners.

Document Code: September 8, 2005 (KW)

8/13/2019 AG GettingStarted

3/34

CONTENTS

Contents

Chapter 1 Introduction

Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5

New Features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5

Integration with Advanced Access Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5

Double Source Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6

Getting Service and Support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6

Subscription Advantage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7

Knowledge Center Watches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7

Education and Training . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7

Related Documentation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8

Chapter 2 Installing the Access Gateway

Preparing for Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10Materials and Information Needed for Installation. . . . . . . . . . . . . . . . . . . . . . .10

Setting Up the Access Gateway Hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11

Using the Access Gateway Administration Portal . . . . . . . . . . . . . . . . . . . . . . .13

ActiveX Helper . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14

Using the Access Gateway Administration Tool . . . . . . . . . . . . . . . . . . . . . . . .14

Configuring the Access Gateway for Your Network . . . . . . . . . . . . . . . . . . . . .15

Installing Licenses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18

Testing Your Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19

Firewall Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19

Access Gateway Configuration Using Advanced Access Control . . . . . . . . . . . . .20

Third-Party Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21

Chapter 3 Access Gateway Rack Mounting Kit

Separating the Rail Sections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23

Connecting the Chassis Rails to the Access Gateway . . . . . . . . . . . . . . . . . . . . . . .24

Connecting the Rack Rails to the Rack. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25

8/13/2019 AG GettingStarted

4/34

4 Getting Started with Citrix Access Gateway

Installing the Access Gateway in a Four-Post Rack . . . . . . . . . . . . . . . . . . . . . . . .25

Installing the Access Gateway in a Two-Post Rack. . . . . . . . . . . . . . . . . . . . . . . . .26

Chapter 4 Specifications and BIOS Self-Test Messages

Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30

BIOS Self-Test Messages. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30

8/13/2019 AG GettingStarted

5/34

CHAPTER1

Introduction

This chapter describes who should read Getting Started with Access Gateway,

new features, and related documentation.

Before installing the Access Gateway, review theAccess Gateway Pre-Installation Checklist.The checklist provides a single place to record the

necessary information for successfully setting up the Access Gateway.

AudienceThis guide is intended for service technicians who install the Access Gateway and

for administrators who need to troubleshoot the Access Gateway hardware.

New FeaturesThe following is a brief description of the new features in Access Gateway 4.2.

For details about configuring these options, see theAccess Gateway

Administrators Guide.

Integration with Advanced Access ControlAdvanced Access Control provides secure, single-point access to any enterprise

resource, including email, applications, network file services, Internet and

intranet sites, and documents. Protect your corporate resources while providing

secure access, consistent presentation, and easy navigation for mobile users who

may be connecting from anywhere. You can create and integrate policies to tailor

access to different scenarios, such as providing differentiated levels of trust or

permissions based on the identification of a corporate device or a security scan ofthe client device.

8/13/2019 AG GettingStarted

6/34

6 Getting Started with Citrix Access Gateway

Advanced Access Control:

Ensures that connections to your network and resources are safe, trusted,and secure

Add granularity to policy-based access control

Allows you to set differing levels of access permission based on evidence

you gather about the connecting client device

Allows users to connect to Advanced Access Control using the Secure

Access Client

Allows fallback to secure clientless access if the client device fails logon

requirements

When Advanced Access Control is added to your network, you can configure theAccess Gateway using the Access Suite Console. For more information, see

Access Gateway Configuration Using Advanced Access Control on page 20or

theAccess Gateway with Advanced Access Control Administrators Guide.

Double Source AuthenticationThe Access Gateway now supports double source authentication. You can use any

combination of authentication, such as LDAP and RADIUS or RSA SecurID and

LDAP. Double-source authentication provides greater security for your network.

When users connect to the Access Gateway using either a Web browser or Secure

Access Client, users type their user name and the passwords for each

authentication type.

Getting Service and SupportCitrix provides technical support primarily through the Citrix Solutions Network

(CSN). Our CSN partners are trained and authorized to provide a high level ofsupport to our customers. Contact your supplier for first-line support or check foryour nearest CSN partner at http://www.citrix.com/support/.

In addition to the CSN channel program, Citrix offers a variety of self-service,

We