1. Home
  2. Docs
  3. SecureAccess Appliance
  4. Resource Worksheet

Resource Worksheet

It will expedite the process to gather and verify resource information in the Resource Worksheet below before starting appliance installation and setup. An example of the worksheet is provided below with descriptions for the information it includes. A blank copy of the worksheet, which can be printed, is included in the Appendix.

Note: Incorrect network configuration could compromise or impede the appliance.

Table: Worksheet Form Example

PropertyNetwork Information (example)Explanation
Computer nameUsed in – Configuration : Use the Setup Wizard : Wizard Instructions

The appliance must be assigned a computer name. The computer name must be 15 alphanumeric characters or less.

Administrator password[Celest1x] (default; to be changed during setup)Used in – Configuration : Use the Setup Wizard : Wizard Instructions

The administrator account is a member of the local administrator group. The factory default password is case sensitive with brackets included.

Important: The default should be changed as it is public knowledge.

Workgroup or domain nameUsed in – Configuration : Use the Setup Wizard : Wizard Instructions : Hostname and Domain

Required for appliance setup.

Record the name of the Workgroup or Domain that will be joined during setup.

LAN information (LAN1)

Private or internal network interface

IP address

Subnet mask

Default gateway

Primary/secondary DNS server(s)

Static routes:

Network address

Gateway address

Used in –

Configuration : Use the Setup Wizard : Wizard Instructions : Network Interfaces

Required for appliance setup.

The LAN (private network interface) adapter of the appliance is the interface assigned to internal network traffic.

WAN information(LAN2)

Public or external network interface

IP address

Subnet mask

Default gateway

Primary/secondary DNS server(s)

Static routes:

Network address

Gateway address

May be needed in – Configuration : Use the Setup Wizard : Wizard Instructions : Network Interfaces

The WAN (public network interface) adapter of the appliance is the interface assigned to external network traffic. This configures how the WAN, or public interface, connects to the Internet.

DMZ (LAN 2 +) information

Additional network interfaces

Include the IP address/subnet mask for each adapter to be used.May be needed in – Configuration : Use the Setup Wizard : Wizard Instructions : Network Interfaces

The DMZ adapters are optional configuration. This information is only necessary to assign static IP addresses to these adapters.

Active Directory Domain Services (AD DS)Active Directory serverIP address

Hostname

User account/password

Used in – Configure Remote Access : Use the Setup Wizard : Wizard Instructions
ADFSAD DS FQDN

Administrator account

Used in – Configuration : Install Features : Web Application Proxy

ADFS is required for Web Application Proxy.

Network Policy ServerNetwork Access Server (RADIUS Client)

IP Address

Shared secret

Network policy criteria

Authentication protocol options

May be needed in post-configuration for NPS or Remote Desktop Gateway.

Setting up RADIUS authentication requires designating the NPS clients that will forward access requests, the criteria that will serve as the policy to grant access, and the protocols that will be used for authentication.

DirectAcces/VPNDA server

Static IP address(es)

Public address for client connections

GPOs (if using customized policies)

NLS certificate (if using external server)

Infrastructure server(s)

DA client

Public address

Subnet mask

Default gateway

DNS

VPN server

Client IP address pool (if not using DHCP)

RADIUS server information (if not using Windows authentication)

Used in – Configuration : Configure Remote Access : Use the Setup Wizard : Wizard Instructions.

The Remote Access/VPN wizard will require server information. The client information will be required to set up remote devices.

Note: Infrastructure server information refers to resources not discoverable by Active Directory.

PKI (if applicable)IP addressMay be needed in post-configuration for DirectAccess.

PKI is recommended but no longer required for DirectAccess deployment, with a few exceptions, like OTP authentication.

Note: Root certificate required.

Web Application ProxyADFS FQDN

SSL certificate

Used in – Configuration : Configure Web Application Proxy : Use the Setup Wizard : Wizard Instructions

Note: Root certificate required.

SSO PortalFirewall rules for HTTPS and SSH communication

Application requirements:

URL

Certificate

Hostname

Port

File format

The SSO portal is a WAP feature.

Rules need to be created in the edge firewall to allow application communication.

While each application type is different, the list of application requirements covers common information for publishing a variety of applications.

SyslogSIEM:

FQDN/IP

Port

Certificate

The Logging feature, sometimes referred to as syslog, is a security information and event management solution (SIEM) feature. Server information is needed if a SIEM server is deployed on the network. An SSL certificate is required for encrypted remote logging.
Remote Desktop GatewayRD Gateway (join domain)

IP address

Hostname

External FQDN

 

AD DS

IP address

Subnet mask

Default gateway

DNS

RD Session Host (domain joined)

IP address

Hostname

RD Connection Broker (domain joined)

IP address

Hostname

RD Web Access (domain joined)

IP Address

Hostname

Firewall rules

Used in – Configuration : Install Features : Feature Details : Remote Desktop Gateway : Required Configuration After Installation
Remote Desktop Web AccessRD Web Access Server (domain joined)

IP address

Hostname

AD DS

IP address

Subnet mask

Default gateway

DNS

RD Session Host (domain joined)

IP address

Hostname

RD Connection Broker (domain joined)

IP address

Hostname

Remote Desktop Virtualization Host server (optional)

IP address

Hostname

Firewall rules

Used in – Configuration : Install Features : Feature Details : Remote Desktop Web Access : Required Configuration After Installation

 

Work FoldersSync share name

SSL certificate

AD security group for user accounts

Sync share DNS entry (recommended)

Used in – Configuration : Configure Work Folders : Use the Setup Wizard : Wizard Instructions
RADIUS serverIP address

Hostname

May be needed to set up Remote Access with VPN or NPS.
RADIUS clientsIP address

Hostname

May be needed to set up Remote Access with VPN or NPS.
DNSADFS FQDN

Host/cluster IP

DNS must be updated to resolve the SSO portal FQDN to the WAP IP address.
Public domain registrarCredentialsIn SSO portal deployments, the portal FQDN should be added as a record to the public DNS host service for the federated domain.
SMTP serverIP address

SMTP gateway name

May be needed in – Configuration : Use the Setup Wizard : Wizard InstructionsAlerts Email

Optional configuration; SMTP is required for Alert Email.

Workplace JoinAD DS FQDN

AD DS service account

ADFS IP address

ADFS FQDN

DRS DNS entry

This information would be used to extend functionality needed to set up BYOD access.
Application serverIP address

Hostname

May be needed in post-configuration for:

Web Application Proxy

Remote Desktop Gateway

RD Web Access

Bold items are required

 

PropertyDetailYour Information
Computer name
Administrator password[Celest1x] (default; to be changed during setup)
Workgroup or domain name
LAN information (LAN1)

Private or internal network interface

IP address

Subnet mask

Default gateway

Primary/secondary DNS server(s)

Static routes:

Network address

Gateway address

WAN information(LAN2)

Public or external network interface

IP address

Subnet mask

Default gateway

Primary/secondary DNS server(s)

Static routes:

Network address

Gateway address

DMZ (LAN 2 +) information

Additional network interfaces

Include the IP address/subnet mask for each adapter to be used.
Active Directory Domain Services (AD DS)IP address

Hostname

User account/password

ADFSAD DS FQDN

Administrator account

Network Policy ServerNetwork Access Server (RADIUS Client)

IP Address

Shared secret

Network policy criteria

Authentication protocol options

DirectAcces/VPNDA server

Static IP address(es)

Public address for client connections

GPOs (if using customized policies)

NLS certificate (if using external server)

Infrastructure server(s)

DA client

Public address

Subnet mask

Default gateway

DNS

VPN server

Client IP address pool (if not using DHCP)

RADIUS server information (if not using Windows authentication)

PKI (if applicable)IP address
Web Application ProxyADFS FQDN

SSL certificate

SSO PortalFirewall rules for HTTPS and SSH communication

Application requirements:

URL

Certificate

Hostname

Port

File format

SyslogSIEM:

FQDN/IP

Port

Certificate

Remote Desktop GatewayRD Gateway (join domain)

IP address

Hostname

External FQDN

 

AD DS

IP address

Subnet mask

Default gateway

DNS

RD Session Host (domain joined)

IP address

Hostname

RD Connection Broker (domain joined)

IP address

Hostname

RD Web Access (domain joined)

IP Address

Hostname

Firewall rules

Remote Desktop Web AccessRD Web Access Server (domain joined)

IP address

Hostname

 

AD DS

IP address

Subnet mask

Default gateway

DNS

RD Session Host (domain joined)

IP address

Hostname

RD Connection Broker (domain joined)

IP address

Hostname

Remote Desktop Virtualization Host server (optional)

IP address

Hostname

Firewall rules

Work FoldersSync share name

SSL certificate

AD security group for user accounts

Sync share DNS entry (recommended)

RADIUS serverIP address

Hostname

RADIUS clientsIP address

Hostname

DNSADFS FQDN

Host/cluster IP

Public domain registrarCredentials
SMTP serverIP address

SMTP gateway name

Workplace JoinAD DS FQDN

AD DS service account

ADFS IP address

ADFS FQDN

DRS DNS entry

Application serverIP address

Hostname

Bold items are required