Celestix E6600 Installation Manual page 32

▪ Network Location Server – the wizard will configure a default NLS on the appliance if an
external server is not designated.
▪ Group Policy Objects – the wizard will create the two required GPOs with default settings
unless customized group policies are available to assign.
▪ Security group – an AD security group is required to apply customized group polices to
client computers. All remote computers in the domain can use DirectAccess unless an AD
client group is specified to restrict access.
▪ RADIUS – configuration for an external RADIUS server can be included to add strong
authentication methods like one-time passwords (OTPs).
• VPN
▪ VPN deployments using static IP addresses for clients need a defined range; otherwise,
DHCP should be used.
▪ VPN deployments not using Windows authentication need settings for a RADIUS server.
Example Information
To help make the instructions clear, the following examples are used to identify components.
ad01.intexample.com
FQDN
ad01
Host Name
intexample.com
Domain Name
Use the Setup Wizard
The setup wizard is a walk-through to configure components for Remote Access.
While working through the wizard, the appliance may need to reboot.
Access the screen through the web UI at Celestix Edge|Features|Remote Access with VPN|Wizard.
Wizard Instructions
Component Selection – select a Remote Access configuration option:
•
Configure both services DirectAccess and VPN
and a VPN.
•
Configure DirectAccess services only
•
Configure VPN services only
Note: DirectAccess should be enabled for managed clients, while VPN should be enabled to support
unmanaged clients.
Configure both services DirectAccess and VPN
1. DirectAccess
a. Basic – define the appliance location and the URL that clients will use to access resources.
i. Select the type of network environment:
31
Internal Domain
Celestix Edge01.intexample.com
Celestix Edge01
intexample.com
– select to add access through DirectAccess connections.
– select to add access through a VPN connection.
• Edge – requires two network adapters; one to the public Internet and one to
the internal network.
• Behind an edge device (with two network adapters) – one adapter
connects to the perimeter network, and the other connects to the internal
network.
• Behind an edge device (with one network adapter) – the adapter connects
to the internal network.
Celestix Edge Appliance
– select to add access through both DirectAccess
Public Domain
da.example.com
E Series Installation Guide