This section describes configuration steps for integrating Windows Terminal Server for launching sessions.

Before you begin

Procedure to Configure Jump Server in Sectona PAM Installation

  • Navigate to SystemLanding & Proxy Server.

  • Click on +Add New Proxy Server(s) and select Jump Server from the drop-down.

  • Enter the Server Name as required

  • Hostname: Provide hostname of the server.

  • IP Address: Provide the IP address of the server.

  • Port No: Default port is 4389.

  • IP Segment / Location: If you wish to route all traffic from local machines to target assets with this session proxy, set it to All Asset. You can select specific locations / IP segment to use specific session proxy.

  • Instances: Select applicable instances for this proxy configuration.

  • Bypass Session Proxy: Certain connectors which do not support loopback IP address for session management, enforces a direct connection configuration from Terminal Server to target assets. Select session proxy to bypass from the drop-down menu.

  • Log Server: Specify the location of the node where logs generated by accessing through should be stored. The system provides a list of all configured nodes ( HA / DR / Remote Sites) to be selected.

  • Availability Check: Enable this option if you have multiple proxies configured to access the target asset environment. This enables internal load balancing and reachability check before the connection is initiated.

  • Make sure you tick the Active checkbox.

  • Click on Save.

Adding Thick Client Launcher Settings

  • Select the action tab on launcher configured Jump Host proxy configuration and select Launcher Settings.

  • Include the installation path of each application on the terminal server you would like to configure to use via Jump Server.

  • Click Save.

Adding Server NAT Settings

If a user can access Sectona Web Access from multiple locations and terminal server access is enabled from a specific zone/range, you need to configure Network Address Translation (NAT) configuration to enable user access from multiple zones.

  • Select the Jump server type and select Server NAT.

  • In the IP range field, add the IP range of the device you wish to access via Jump Server.

  • In the Virtual IP field, fill in the IP address of the Jump Server.

  • In the Virtual Port field, fill in the port of the access type you have configured to get access via Jump Server.

  • Click Save.