Configuring Jump Host
This section describes the configuration steps for integrating Windows Terminal Server for launching sessions.
Before you begin
Install the Sectona client on the server you want to use as a jump proxy, following the installation instructions in Installing Sectona Jump Host Component.
Ensure the PAM server can communicate with the Jump Server as per the communication requirements in Standard Port Requirement for Installation.
Procedure to Configure Jump Server in Sectona PAM Installation
Navigate to System → Landing & Proxy Server.
Click on +Add New Proxy Server(s) and select Jump Server from the drop-down.
Enter the Server Name as required.
Hostname: Provide the hostname of the server.
IP Address: Provide the IP address of the server.
Port No: The default port is 4389.
IP Segment / Location: If you wish to route all traffic from local machines to target assets with this session proxy, set it to All Asset. You can select specific locations / IP segments to use a specific session proxy.
Instances: Select applicable instances for this proxy configuration.
Bypass Session Proxy: Certain connectors that do not support loopback IP addresses for session management enforce a direct connection configuration from Terminal Server to target assets. Select the session proxy to bypass from the drop-down menu.
Log Server: Specify the node where logs generated by access through this proxy should be stored. The system lists all configured nodes (HA / DR / Remote Sites) for selection.
Availability Check: Enable this option if multiple proxies are configured to access the target asset environment. This enables internal load balancing and reachability checks before the connection is initiated.
Make sure you tick the Active checkbox.
Click on Save.
Adding Thick Client Launcher Settings
Select the action tab on the configured Jump Host proxy configuration and choose Launcher Settings.
Enter the installation path, on the terminal server, of each application you want to make available via the Jump Server.
Click Save.
Adding Server NAT Settings
If a user can access Sectona Web Access from multiple locations but terminal server access is enabled from a specific zone/range, you need to configure Network Address Translation (NAT) to allow user access from multiple zones.
Select the Jump Server type and select Server NAT.
In the IP range field, add the IP range of the device you wish to access via Jump Server.
In the Virtual IP field, fill in the IP address of the Jump Server.
In the Virtual Port field, fill in the port of the access type you have configured to get access via Jump Server.
Click Save.