Information About

• ACNS Services
• Your CSU eID
• Email Accounts
• Getting Connected
• Computer Security
• Policies & Guidelines
• Computer Labs

Help

• Computing Help Desk
• Self-Help Guides
• Help Desk FAQs
• Repair Shops
• Training
• Current Outages
• Current Virus Alerts

Resources

• Classroom Support Svcs
• RamPoint Portal
• Search
• RAMtech
• Software Downloads
• InCommon Federation
• Telephone Services
• WebCT
• WebMail

Specifically For

• Students
• Faculty / Staff
• Retirees
• IT Professionals
• Web Developers

End of Navigation

Self-Help Guide

Secure Access Gateway (SSL VPN)

Background

CSU has provided a new way to access resources on campus with either a wired or wireless connection. This solution is intended to grant users access to information in a secure manner via an SSL connection. The Secure Access gateway can be used instead of other secure access applications such as the CSU VPN client. When connecting to the CSU Secure Access gateway the user will be presented with a web page. This page can have both predefined links and user-defined links to resources such as web pages, terminal sessions and file shares. Individual users may or may not be able to define links on their own page based on departmental security policies.

Connection Prerequisites

There are system requirements to use the Secure Access gateway, such as having the correct combination of Java version, web browser version and operating system. The Help button on the login page has extensive information about these subjects. If you have problems connecting, please look there for assistance first. If you still need help or cannot connect to the help file at https://secure.colostate.edu, please call the CSU Help Desk at 970-491-7276.

How to Connect to the Secure Access Gateway

1. The link to the Secure Access gateway is: https://secure.colostate.edu. Once there you will be presented with a realm to login to, such as the eID system or a particular domain like CNR.
   
   Choose the authentication realm and enter the credentials.
2. The first time you access the Secure Access gateway in Windows you may be presented with a request to install an ActiveX control from Juniper called JuniperSetupSP1.cab.
   
3. We suggest installing the ActiveX control.
   
4. Additionally you may be presented with a request from Juniper to install software; we suggest always trust or allow / remember this decision. If you choose not to always trust/allow, you will be presented with this prompt each time you access the Secure Access gateway.
   

Using the Secure Access Gateway

There are four sections included below: the Navigation Menu, Web Bookmarks, Files, and Terminal Sessions.

The Navigation Menu

The main navigation buttons are:

• Home - Returns you to the main page
• Preferences - Manage the general layout of the main page
• Session Timer - The Session timer is a countdown timer from one hour at the end of which you will have to re-login to the Secure Access gateway
• Help - The Secure Access gateway comprehensive online help
• Sign Out - Leave the Secure Access gateway

Web Bookmarks

The Web Bookmarks panel on the Secure Access gateway main page provides a centralized location for links to CSU and external resources. A resource can be any web page or web application that can be accessed through the Secure Access gateway. The Secure Access gateway rewrites the links in this panel in order to secure traffic between your computer and the resource. When you click a link or use the Browse field at the top of the Secure Access gateway main page, the transmitted page content is rewritten.

On the right-hand side of this field there are three options:

• Panel Preferences
• Add a bookmark
• Expand or Collapse

How to add a bookmark (this option is not available in the eID realm):

1. Click the + icon to add a web bookmark link:
   
2. Use a descriptive name for the bookmark
3. Complete the URL (e.g. http://www.google.com)
4. Choose your desired display options.
5. Click the add bookmark button at the bottom of the page.

Note: after adding a web bookmark, it appears under the gray bar in the web bookmarks section. The gray bar separates the preset links from user-defined links.

Files

The Files panel on the Secure Access gateway main page provides a centralized location for links to files that reside on an internal-to-CSU network. If your system administrator enables the option for personal bookmarks, you can create your own links in the Files panel.

On the right-hand side of this field there are four options:

• Panel Preferences
• Add a Windows Directory
• Add a Unix/NFS Directory
• Expand or Collapse

Note: You may have a file server already mapped on the main page depending on the realm that you logged into and the security policies of your department.

How to create a Windows/Unix/NFS Directory (This option is not available in the eID realm):

1. Click the appropriate icon to add the Windows directory or Unix/NFS directory link (the icon with the four solid white boxes for Windows; the icon with the X for Unix/NFS):
   
2. Servers that have already been mapped by departmental policy will appear as a list. To add a directory on a server that is not already listed (if allowed by policy), you will have to browse to it via the Browse button just under the Navigation menu.
   
3. Browse to the folder that you want to bookmark and add it to the current bookmarks by checking the box beside the folder name then click the Bookmark Selected button.
   
4. The resulting screen will allow you to provide an optional description for the bookmark; click the Add Bookmark button to finish adding the bookmark. A link to this file share will be available for future use whenever you login to the Secure Access gateway.
   
   Note: after adding a file share it appears as a link under the gray bar in the web bookmarks section. The gray bar separates the preset shares from the user-defined shares.
5. Lastly, when connecting to a predefined file server you may need to provide extra credentials if the server authenticates to a different realm than you logged in to. For example, you logged in using eID credentials but want to access a file server on the CSUDOM domain. In this case, you will be challenged to provide CSUDOM credentials.
   

Terminal Sessions

Services in the Terminal Sessions panel enable a user to connect to a Windows remote desktop or to Telnet/SSH to a UNIX/Linux server. When you run an application on the terminal server, most actions are performed on the server itself rather than on your workstation.

On the right-hand side of this field there are three options:

• Panel Preferences
• Add a Terminal Session
• Expand or Collapse

Note: you may have a terminal session already mapped on the main page depending on the realm that you logged in to and the security policies of your department.

How to create a Terminal Service Session link (This option is not available in the eID realm):

1. Click the Add a Terminal Session icon on the right-hand side of the Terminal Sessions bar.
   
2. Choose the terminal session you want to create from the Session Type drop-down list. The options are:
   • Windows Terminal Services
   • Citrix
   • Telnet
   • SSH Secure Shell
   
   For Telnet and SSH Sessions, one must only configure the Host and Username entries, e.g.:
   
   
   
   For Windows Terminal Services/Remote Desktop Sessions, first define the Host (by IP address or fully qualified domain name) and the Server Port (generally 3389):
   
   
   One may also consider the settings located in the Connect Devices section at the bottom of the screen - these will allow printers or drives connected to the remote system to be visible in the terminal session:
   
3. Click the Add button at the bottom of the page, and the link will be added to the Terminal Sessions section on the main page.
   

About ACNS | Contact ACNS | Disclaimer | Equal Opportunity | Privacy Statement | Site Accessibility

©2009 Colorado State University | Last updated: October 16, 2009

Accessed 334 times.