BEC NetScaler Unmanaged VPN Installation Guide and User Guide Version 1.3 2017-09-11 Ref. JN Data A/S RemoteAccess Team Page 1 of 19
BEC NetScaler Unmanaged Installation and User Guide Contents BEC NetScaler Unmanaged Installation and User Guide... 2 Introduction... 3 Technical... 3 Prerequisites for NetScaler Unmanaged access... 3 NetScaler Unmanaged access usage... 4 Web Services:... 4 Remote Desktop (Terminal Services) access Remote Desktop Gateway... 10 Access RDP shortcut... 14 Troubleshooting... 16 EPA scan fails:... 16 Error while accessing a RDP shortcut - Error: Not a privileged User.... 17 Error when accessing https://rdg.prod.bec.dk... 18 Ref. JN Data A/S RemoteAccess Team Page 2 of 19
Introduction NetScaler Unmanaged replaces some of the Microsoft UAG published services below: https://portal2.prod.bec.dk https://portal4.prod.bec.dk including some Web services and Remote Desktop services. Technical Prerequisites for NetScaler Unmanaged access Prerequisite how to verify NetScaler Control Panel, Programs and Features Gateway Endpoint Analysis must be installed and a least version 11.1.53.11 Anti-virus software must be skal være installed and running. The Anti-virus definitions file must be have been updated within the last 48 hours. Please note that this is verified during preauthenticatio n (End Point Analysis scan). Ref. JN Data A/S RemoteAccess Team Page 3 of 19
NetScaler Unmanaged access usage Web Services: When accessing one of the following services: https://alm11.prod.bec.dk https://boe384v3.prod.bec.dk https://extranet.prod.bec.dk https://sps.prod.bec.dk https://owa2010.prod.bec.dk you are automatically redirected to https://rdg.prod.bec.dk for user authentication. ALM11 (Access to https://alm11.prod.bec.dk is shown in the example below) Pre-authentication is done before user authentication takes place. The Pre-authentication consists of an Endpoint scan of your device. Your device is checked to see if the necessary EPA plugin component has been installed. Wait for the scan to complete to verify whether or not the EPA plugin has been installed. Ref. JN Data A/S RemoteAccess Team Page 4 of 19
If the EPA-plugin has not been installed, it must be downloaded og installed. Click on the Download button. Click on the nsepa_setup.exe file Ref. JN Data A/S RemoteAccess Team Page 5 of 19
Click Yes (to install the EPA plugin which is a prerequisite for accessing the services). Click Install The software is installed Ref. JN Data A/S RemoteAccess Team Page 6 of 19
Click Finish Once the EPA plugin has been installed the End Point scan run which verifies whether or not the device is compliant (prerequisites has been met). If the prerequisites have been met, you are presented with the login page below: Ref. JN Data A/S RemoteAccess Team Page 7 of 19
Here you must type your UPN user name, domain password and generated token code. Example: After your UPN user name, domain password and token code has been specified, click on the Log On button. Ref. JN Data A/S RemoteAccess Team Page 8 of 19
If your user credentials and passwords are validated you are re-directed to the web service. Ref. JN Data A/S RemoteAccess Team Page 9 of 19
Remote Desktop (Terminal Services) access Remote Desktop Gateway URL for accessing the service - https://rdg.prod.bec.dk Once accessing the URL above the pre-authentication check (EPA Scan) is done as described in the Web Services: section. If the prerequisites have been met, you are presented with the login page below: (otherwise please go to the Troubleshooting section) Here you must type your UPN user name, domain password and generated token code. Example: After your UPN user name, domain password and token code has been specified, click on the Log On button. Ref. JN Data A/S RemoteAccess Team Page 10 of 19
If this is the first time you are accessing the RDG service and you do not have any predefined Bookmarks the highlighted message below is shown: There are no apps or desktops available to you at this time. Click on the Bookmark link Ref. JN Data A/S RemoteAccess Team Page 11 of 19
Below you will see an example on how to create a new RDP Bookmark Notice! - FQDN must be specified in the URL input field A Fully Qualified Domain Name (FQDN) is the complete domain name of a certain computer. FQDN consists of two parts: host name and domain name. In the example above the FQDN is b00011b000054.b00011.bec.dk. The computer name is b00011b000054, and the computer is located within the b00011.bec.dk domain. - A tick must be set in the RDP Link checkbox - Remember to click Save to store the bookmark! After the new bookmark has been saved 2 new icons will appear ( FAVORITES og DESKTOPS ) Click on DESKTOPS to locate the newly created bookmark. Ref. JN Data A/S RemoteAccess Team Page 12 of 19
If you have many RDP bookmarks stored it is possible to store the most frequently used bookmarks under the FAVORITES icon This is done by clicking Details on the bookmark you want to add to FAVORITES Then click Add To Favorites : After you have clicked Add To Favorites the RDP shortcut will also be located under FAVORITES Ref. JN Data A/S RemoteAccess Team Page 13 of 19
Access RDP shortcut Clicking on a RDP shortcut an app.rdp file is generated which you must open Click on Connect and tick the Don t ask me again for connections to this computer checkbox (optional). Ref. JN Data A/S RemoteAccess Team Page 14 of 19
The RDP connection is now being established. In the below picture the connection has been established. Notice that the top bar is always shown as rdg.prod.bec.dk and not the servers FQDN (in this example b00011b000054.b00011.bec.dk) Ref. JN Data A/S RemoteAccess Team Page 15 of 19
Troubleshooting EPA scan fails: In case of EPA scan issues you must verify whether or not the previously mentioned prerequisites have been meet. Section: Prerequisites for NetScaler Unmanaged access If the prerequisites have been met and the EPA scan continues to fail we need the below information for troubleshooting: Windows users: Send a copy of C:\Users\%username%\AppData\Local\Citrix\AGEE as attachment when reporting the error. MAC brugere: Send a copy of the epaplugin.log file as attachment when reporting the error. cat ~/Library/Application\ Support/Citrix/EPAPlugin/epaplugin.log Ref. JN Data A/S RemoteAccess Team Page 16 of 19
Error while accessing a RDP shortcut - Error: Not a privileged User. If the below error occurs (Error: Not a privileged User.) Please verify that the correct FQDN of the server has been specified. In the example above an extra 0 has been added to the domain name when creating the RDP bookmark It should have been b00011b000054. b00011.bec.dk If you are certain that the FQDN has been specified correctly for the server and the message continues to display Error: Not a privileged User then your user account is most likely not a member of the Active Directory Group which grants access to establish a connection to the server. Contact the Service Desk. Ref. JN Data A/S RemoteAccess Team Page 17 of 19
Error when accessing https://rdg.prod.bec.dk If the error specified below occurs it is most likely due to the fact that your user credentials have already been validated in connecting to one of the 5 web services. The problem occurs if you try to establish a connection to https://rdg.prod.bec.dk in the same browser session. It is a known error. https://alm11.prod.bec.dk https://boe384v3.prod.bec.dk https://extranet.prod.bec.dk https://sps.prod.bec.dk https://owa2010.prod.bec.dk Workaround: Close the browser (It is not enough to simply close the browser tab) and open the browser again. Google Chrome Ref. JN Data A/S RemoteAccess Team Page 18 of 19
Internet Explorer Firefox Safari (MAC) Ref. JN Data A/S RemoteAccess Team Page 19 of 19