External Authentication with Citrix GoToMyPc Corporate Edition Authenticating Users Using SecurAccess Server by SecurEnvoy

Similar documents
External Authentication with Ultra Protect v7.2 SSL VPN Authenticating Users Using SecurAccess Server by SecurEnvoy

External Authentication with Checkpoint R77.20 Authenticating Users Using SecurAccess Server by SecurEnvoy

External Authentication with Windows 2008R2 Server with Remote Desktop Web Gateway Authenticating Users Using SecurAccess Server by SecurEnvoy

External authentication with Citrix Xen App (Web Interface) version 5 Authenticating Users Using SecurAccess Server by SecurEnvoy

SecurEnvoy Microsoft Server Agent

SecurEnvoy Microsoft Server Agent Installation and Admin Guide v9.3

External Authentication with Windows 2016 Server with Remote Desktop Web Gateway with Single Sign On

SecurEnvoy Windows Login Agent

Microsoft O365 Integration Guide

Integration Guide. SecureAuth

NetMotion Integration with GreenRADIUS - Quick Start Guide

SecurEnvoy Windows Logon Agent Installation and Admin Guide v9.3 Including support for SecurPassword

Checkpoint R80.10 Integration Guide (ASA)

Remote Access User Guide for Mac OS (Citrix Instructions)

STRS OHIO F5 Access Client Setup for ChromeBook Systems User Guide

Barracuda Networks SSL VPN

mystanwell.com Accessing using Apple devices Information and Business Systems

STRS OHIO Telework F5 BIG-IP Edge Client for Mac Systems (Imac, Air, Macbook, Mini) User Guide

Accessing Skyward Mobile Access App

ISA 2006 and OWA 2003 Implementation Guide

EOH-SASOL - Setup Sasol Mobile Express (Client)

Authlogics Forefront TMG and UAG Agent Integration Guide

Appserv Internal Desktop Access Mac OS Device with Safari Browser. Enter your Appserv username and password to sign in to the Website

<Partner Name> <Partner Product> RSA SECURID ACCESS Implementation Guide. PingIdentity PingFederate 8

HOB HOB RD VPN. RSA SecurID Ready Implementation Guide. Partner Information. Product Information Partner Name. Last Modified: March 3, 2014 HOB

Pulse Secure Policy Secure

Microsoft Outlook Web Access 2016 Installation Guide

SecurEnvoy Security Server Installation Guide

Attachmate Reflection for Secure IT 8.2 Server for Windows

San Jacinto College. Secure SSL VPN Instruction Manual. Contents

Remote Desktop How to guide

KB181: Gaining Secure Remote Access via Citrix

SecurEnvoy Security Server 9.3 Installation Guide

Workspace ONE UEM Certificate Authentication for Cisco IPSec VPN. VMware Workspace ONE UEM 1810

NetIQ Advanced Authentication Framework - Virtual Desktop Authentication (VDA) Shell. User's Guide. Version 5.1.0

Two factor authentication for Citrix NetScaler

How to Integrate RSA SecurID with the Barracuda Web Application Firewall

Enter your Appserv username and password to sign in to the Website

<Partner Name> <Partner Product> RSA SECURID ACCESS Implementation Guide. Pulse Connect Secure 8.x

Integration Guide. LoginTC

Instructions for Application Access via SecureCitrix

SecurEnvoy Security Server Administration Guide

Barracuda Networks NG Firewall 7.0.0

Configuring Role-Based Access Control

Configuring Remote Access using the RDS Gateway

RSA SecurID Ready Implementation Guide. Last Modified: December 13, 2013

Remote Access. Application Viewer User Guide

<Partner Name> <Partner Product> RSA SECURID ACCESS. VMware Horizon View 7.2 Clients. Standard Agent Client Implementation Guide

Webthority can provide single sign-on to web applications using one of the following authentication methods:

Implementation Guide VMWare View 5.1. DualShield. for. VMWare View 5.1. Implementation Guide

VMware AirWatch Certificate Authentication for Cisco IPSec VPN

GoToMyPC Corporate Administrator Guide

Connect to Wireless, certificate install and setup Citrix Receiver

NetScaler Radius Authentication. Integration Guide

Two factor authentication for Cisco ASA IPSec VPN Alternative

VMware Identity Manager vidm 2.7

Application Scenarios of DG-NS5004 Cloud Storage Syncbox Feature

Deliver and manage customer VIP POCs. The lab will be directed and provide you with step-by-step walkthroughs of key features.

DIGIPASS Authentication for Cisco ASA 5500 Series

Ekran System v.6.0 Privileged User Accounts and Sessions (PASM)

Two factor authentication for Check Point appliances

Configuring your BlackBerry Internet Service from the BlackBerry device

Establishing two-factor authentication with Juniper SSL VPN and HOTPin authentication server from Celestix Networks

NetIQ Advanced Authentication Framework. Deployment Guide. Version 5.1.0

Locate your Advanced Tools and Applications

OneLogin Integration User Guide

Two factor authentication for Microsoft Remote Desktop Web Access

Configuring an IMAP4 or POP3 Journal Account for Microsoft Exchange Server 2003

Two factor authentication for Cisco ASA SSL VPN

Establishing two-factor authentication with Barracuda SSL VPN and HOTPin authentication server from Celestix Networks

Managed Access Gateway. User Guide

Munroe Regional Medical Center

<Partner Name> RSA SECURID ACCESS Standard Agent Implementation Guide. WALLIX WAB Suite 5.0. <Partner Product>

Print Manager Plus 2010 Workgroup Print Tracking and Control

DIGIPASS Authentication for F5 BIG-IP

User Management in Resource Manager

Managed Access Gateway. User Guide

Microsoft Unified Access Gateway 2010

DIGIPASS Authentication for O2 Succendo

AppScaler SSO Active Directory Guide

Two factor authentication for SonicWALL SRA Secure Remote Access

Remote Access Application Viewer User Guide. Version 2.3

Report HQ. Quick Start Guide. Report HQ Quick Start Guide - Version 1.2

DS2 Support. DS2 / inet System Installation Scenario 2. Scenario 1: - Windows 2003 Server - Utilizing an External SQL Server

RSA Ready Implementation Guide for. Checkpoint Mobile VPN for ios v1.458

Aventail Connect Client with Smart Tunneling

Remote Support 19.1 Web Rep Console

One Identity Starling Two-Factor Desktop Login 1.0. Administration Guide

MYPLACE USER GUIDE User Guide for myplace.hexagon.com March 08, 2017

RSA SecurID Ready with Wireless LAN Controllers and Cisco Secure ACS Configuration Example

Certificate Manager Configuration Guide

Configure Wireless for Windows 7

Version June 2016

DualShield. for. Microsoft UAG. Implementation Guide. (Version 5.2) Copyright 2011 Deepnet Security Limited

Integrating Barracuda SSL VPN

Adding a VPN connection in Windows XP

Two factor authentication for WatchGuard XTM and Firebox IPSec

Xton Access Manager GETTING STARTED GUIDE

Comodo Endpoint Security Manager Professional Edition Software Version 3.3

Installing AGO2GO on a Mac 10.9 to 10.12

Transcription:

External Authentication with Citrix GoToMyPc Corporate Edition Authenticating Users Using SecurAccess Server by SecurEnvoy Contact information SecurEnvoy www.securenvoy.com 0845 2600010 1210 Parkview Arlington Business Park Theale Reading RG7 4TY Phil Underwood Punderwood@securenvoy.com

Citrix GoToMyPc Corporate Edition Integration Guide This document describes how to integrate a Citrix GoToMyPc Corporate Edition with SecurEnvoy two-factor Authentication solution called SecurAccess. Citrix GoToMyPc Corporate Edition provides - Secure Remote Access to the internal corporate PC. SecurAccess provides two-factor, strong authentication for remote Access solutions (such as Citrix), without the complication of deploying hardware tokens or smartcards. Two-Factor authentication is provided by the use of (your PIN and your Phone to receive the one time passcode) SecurAccess is designed as an easy to deploy and use technology. It integrates directly into Microsoft s Active Directory and negates the need for additional User Security databases. SecurAccess consists of two core elements: a Radius Server and Authentication server. The Authentication server is directly integrated with LDAP or Active Directory in real time. SecurEnvoy Security Server can be configured in such a way that it can use the existing Microsoft password. Utilising the Windows password as the PIN, allows the User to enter their UserID, Windows password and One Time Passcode received upon their mobile phone. This authentication request is passed via the Radius protocol to the SecurEnvoy Radius server where it carries out a Two-Factor authentication. It provides a seemless login into the Citrix GoToMyPc environment by entering three pieces of information. SecurEnvoy utilizes a web GUI for configuration, whereas the Citrix GoToMyPc environment uses a mixture of a Hosted Web interface and GUI application. All notes within this integration guide refer to this type of approach. The equipment used for the integration process is listed below: Citrix Citrix GoToMyPc Corporate Edition versions 5 build 370 Microsoft Any compatible Desktop (See www.gotomypc.com) for more information In this integration guide all tests were completed with Microsoft Windows XP (SP2) SecurEnvoy Windows 2003 server SP1 IIS installed with SSL certificate (required for management and remote administration) Active Directory installed or connection to Active Directory via LDAP protocol. SecurAccess software release v3.0.010 2005 SecurEnvoy Ltd. All rights reserved Confidential Page 2

Index 1.0 Pre Requisites... 3 1.1 Administration Centre of GoToMyPc Corporate Edition... 3 2.0 Configuration of GoToMyPc software... 5 3.0 Configuration of SecurEnvoy... 7 4.0 Test Logon... 8 5.0 APPENDIX... 9 1.0 Pre Requisites It is assumed that Citrix GoToMyPc Corporate Edition software has been installed upon the relevant client pc, and that a designated administrator for the company has been setup. Securenvoy Security Server has been installed with the Radius service and has a suitable account that has read and write privileges to the Active Directory, if firewalls are between the SecurEnvoy Security server, Active Directory servers, and the client pc, additional open ports will be required. NOTE: Add radius profiles for each GoToMyPc that you wish to use Two-Factor authentication. 1.1 Administration Centre of GoToMyPc Corporate Edition Log on to the Web site www.gotomypc.com, using the company GoToMyPc administrator account. Navigate to the Manage Groups screen, select or create a new group of users. In this example an existing group SecurEnvoy was selected. 2005 SecurEnvoy Ltd. All rights reserved Confidential Page 3

The following screen is displayed Select Authentication Method Select Radius and Click Show RADIUS configuration in GoToMyPc configuration. 2005 SecurEnvoy Ltd. All rights reserved Confidential Page 4

Click Save Settings, click Logout 2.0 Configuration of GoToMyPc software Right mouse click the GoToMyPc icon within the systray. Select Preferences. The following screen is displayed; select the authentication tab. Click Configure Radius NOTE: If the Configure RADIUS button is not shown, please close and open GoToMyPc, once authenticated, the new profile will be pushed to your pc from the GoToMyPc web site. 2005 SecurEnvoy Ltd. All rights reserved Confidential Page 5

Add the IP address of the SecurEnvoy Security server. Enter the username of the PC user; enter the pre-shared key for the radius communication. If SecurEnvoy has already been setup with Radius profiles for each GoToMyPc, and the designated user has received their passcode to the mobile phone. Click Test Configuration otherwise see section 3.0 Configuration of SecurEnvoy. This configuration guide uses the Windows password as the PIN component. Enter your PIN appended with your passcode, the PIN can either the Windows password or a 4-8 digit alphanumeric sequence. Example Passw0rd213243 NOTE: to provide an easier solution, SecurEnvoy can be setup to only authenticate the passcode component. Therefore the user authenticates to the GoToMyPc web site with their agreed password, and then authenticates to their PC only using the passcode. See appendix. Click OK, the following screen is displayed 2005 SecurEnvoy Ltd. All rights reserved Confidential Page 6

3.0 Configuration of SecurEnvoy To help facilitate an easy to use environment, SecurEnvoy can utilise the existing Microsoft password as the PIN. This allows the users to only remember their Domain password. SecurEnvoy supplies the second factor of authentication, which is the dynamic one time passcode (OTP) which is sent to the user s mobile phone. Launch the SecurEnvoy admin interface, by executing the Local Security Server Administration link on the SecurEnvoy Security Server. Click Config Select Windows Microsoft Password is the PIN under PIN Management This will now use the users existing password as the PIN. Click Update to confirm the changes 2005 SecurEnvoy Ltd. All rights reserved Confidential Page 7

Click the Radius Button Enter IP address and Shared secret for each PC that has GoToMyPc installed and wishes to use SecurEnvoy Two-Factor authentication. Click Update to confirm settings. Click Logout when finished. This will log out of the Administrative session. 4.0 Test Logon To access the GoToMyPc environment go to: www.gotomypc.com Login using your email address and GoToMyPc password, the company administrator will setup and provide these details. The following screen is displayed. Select the Pc you wish to connect. 2005 SecurEnvoy Ltd. All rights reserved Confidential Page 8

The following screen is displayed. Enter your access code (this is supplied by your company administrator of GoToMyPc). Enter your Radius credential; this is your PIN appended with the passcode. In this example the Microsoft Windows password appended with the passcode is entered. Example Passw0rd213243 Click OK to authenticate and access your PC remotely. NOTE: Citrix GoToMyPc has a limitation on the maximum number of characters it can pass for the RADIUS credential. This maximum is 16, therefore when using the Microsoft password is the PIN, the Microsoft password should be 10 characters or shorter. APPENDIX SecurEnvoy can be setup to authenticate the passcode only component. Two-Factors are still being utilised. They are the Citrix GoToMyPc Access codes (which is static) and the dynamic one time passcode. To set up passcode only authentication. Go to the SecurEnvoy admin GUI, select Radius, and then select the relevant radius entries. Click the checkbox to allow authenticate passcode only. Click Update to confirm settings 2005 SecurEnvoy Ltd. All rights reserved Confidential Page 9

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback