This section describes configuration steps for integrating Windows Terminal Server for launching sessions.
Before you begin
Install Sectona client on the server you wish to build as jump proxy as per installation instruction mentioned in Installing Sectona Jump Host Component
Ensure PAM server can communicate with the jump Server as per communication requirement mentioned in Standard Port Requirement for Installation
Procedure to Configure Jump Server in Sectona PAM Installation
Navigate to System → Landing & Proxy Server.
Click on +Add New Proxy Server(s) and select Jump Server from the drop-down.
Enter the Server Name as required
Hostname: Provide hostname of the server.
IP Address: Provide the IP address of the server.
Port No: Default port is 4389.
IP Segment / Location: If you wish to route all traffic from local machines to target assets with this session proxy, set it to All Asset. You can select specific locations / IP segment to use specific session proxy.
Instances: Select applicable instances for this proxy configuration.
Bypass Session Proxy: Certain connectors which do not support loopback IP address for session management, enforces a direct connection configuration from Terminal Server to target assets. Select session proxy to bypass from the drop-down menu.
Log Server: Specify the location of the node where logs generated by accessing through should be stored. The system provides a list of all configured nodes ( HA / DR / Remote Sites) to be selected.
Availability Check: Enable this option if you have multiple proxies configured to access the target asset environment. This enables internal load balancing and reachability check before the connection is initiated.
Make sure you tick the Active checkbox.
Click on Save.
Adding Thick Client Launcher Settings
Select the action tab on launcher configured Jump Host proxy configuration and select Launcher Settings.
Include the installation path of each application on the terminal server you would like to configure to use via Jump Server.
Adding Server NAT Settings
If a user can access Sectona Web Access from multiple locations and terminal server access is enabled from a specific zone/range, you need to configure Network Address Translation (NAT) configuration to enable user access from multiple zones.
Select the Jump server type and select Server NAT.
In the IP range field, add the IP range of the device you wish to access via Jump Server.
In the Virtual IP field, fill in the IP address of the Jump Server.
In the Virtual Port field, fill in the port of the access type you have configured to get access via Jump Server.