Listeners
A listener determines the server connection mode (proxy, gateway, transparent, bastion) as well as its specifics.
Adding a listener
Warning
Data model objects (safes, users, servers, accounts and listeners) are replicated within the cluster, and object instances must not be added on each node. If the replication mechanism fails to copy objects to other nodes, contact the technical support department.
Note
- A proxy type listener can link to only one account to a server with the same protocol through different safes.
- A bastion type listener cannot link to an anonymous account on a server with the same protocol as the listener’s protocol.
- A listener cannot link to an anonymous and a regular or forward account to the same server with the same protocol as the listener’s protocol.
- A listener cannot link to two regular or forward type accounts to the same server with the same protocol as the listener’s protocol, to which a single user has access.
- For a given linked RDP listener and RDP server, both have to use either Standard RDP Security or TLS or NLA.
- Select > .
- Click .
- Define configuration parameters.
Parameter | Description |
---|---|
General | |
Name | Object name. |
Blocked | Select if defined object should be unavailable after creation. |
Protocol | Server communication protocol. |
HTTP timeout (HTTP only) | Idle time after which the user will be required to authenticate again. |
Enable SSLv2 support (HTTP only) | SSL version 2 support. |
Enable SSLv3 support (HTTP only) | SSL version 3 support. |
Security (RDP only) | RDP connection’s security mode. Enhanced RDP Security (TLS) + NLA allows hiding Wheel Fudo PAM’s login screen upon connecting to destination host. |
Announcement (RDP/VNC only) | Local server announcement displayed on user login screen. |
Permissions | |
Granted users | Users allowed to manage given object. |
Connection | |
Mode | Select connection mode to determine how the user will connect to target hosts. |
Local address (applicable to bastion and proxy modes) | An IP address and a port number used for connecting to the target host. A unique combination of those parameters allows for unambiguous identification of the target server. For more information on IP address assignment, refer to the Network settings topic. |
Interface (applicable to gateway and transparent modes) | Network interface used for communication with monitored servers. |
Use HTTPS (HTTP only) | Select this option to have connections to Wheel Fudo PAM encrypted with the SSL protocol. |
HTTPS certificate | Wheel Fudo PAM SSL certificate required for establishing secure HTTP connections. |
HTTPS private key (HTTPS only) | Wheel Fudo PAM SSL private key required for establishing secure HTTP connections. |
TLS certificate (Enhanced Security RDP only) | TLS certificate for RDP connections requiring Enhanced RDP Security. |
Server public key (RDP only) | Proxy server’s public key. |
Listener public key | Upload or generate listener’s public key. Note: Click the hash function specifier to switch between SHA1 and MD5 fingerprint representation. |
- Click .
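The listener public key row above mentions switching between SHA1 and MD5 fingerprint representations. The following added example (not part of the product documentation or Wheel Fudo PAM's own code) computes both fingerprints from a public key so the value shown in the administration panel can be checked against a copy of the key obtained out-of-band. It assumes the key is available as an OpenSSH-format public key line and that the fingerprint is displayed as hexadecimal, with or without colons; the function names and the sample key are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct


def build_key_line(raw32, comment="listener@example"):
    """Build a constructed ssh-ed25519 public key line (sample input only)."""
    ktype = b"ssh-ed25519"
    blob = struct.pack(">I", len(ktype)) + ktype + struct.pack(">I", len(raw32)) + raw32
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " " + comment


# Constructed sample: the key bytes are 0..31, not a real listener key.
SAMPLE_KEY_LINE = build_key_line(bytes(range(32)))


def parse_public_key(line):
    """Return (key_type, blob); reject lines whose blob disagrees with the type."""
    fields = line.strip().split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    blob = base64.b64decode(fields[1], validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len] != fields[0].encode():
        raise ValueError("key type inside blob does not match declared type")
    return fields[0], blob


def fingerprint(line, algo):
    """Colon-separated hex digest of the key blob, for algo 'md5' or 'sha1'."""
    if algo not in ("md5", "sha1"):
        raise ValueError("algo must be 'md5' or 'sha1'")
    digest = hashlib.new(algo, parse_public_key(line)[1]).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def matches_displayed(line, displayed):
    """Compare against a fingerprint copied from the UI; length selects the hash."""
    wanted = displayed.strip().lower().replace(":", "")
    algo = {32: "md5", 40: "sha1"}.get(len(wanted))
    if algo is None:
        raise ValueError("not an MD5 or SHA1 fingerprint")
    return hmac.compare_digest(fingerprint(line, algo).replace(":", ""), wanted)


if __name__ == "__main__":
    for algo in ("md5", "sha1"):
        print(algo, fingerprint(SAMPLE_KEY_LINE, algo))
```
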
Modifying a listener
- Select > .
- Find and click desired listener to access its configuration parameters.
- Modify configuration values as needed.
Note
Unsaved changes are marked with an icon.
- Click .
Blocking and unblocking a listener
Blocking a listener disables access for users using it to connect to servers.
Warning
Blocking a listener will terminate current connections with the servers which use it.
- Select > .
- Find and select desired listener.
- Click to block access to given resource or to allow using given object to connect to selected servers.
- Provide descriptive reason for blocking given resource and click .
Deleting a listener
Warning
Deleting a listener will terminate current connections with the servers which use it.
- Select > .
- Find and select desired listener.
- Click .
- Confirm deleting selected objects.