Mode

RAS Secure Gateway can operate in one of the following modes:

  • Normal Mode: RAS Secure Gateway receives user connection requests and checks with RAS Connection Broker if the user making the request is allowed access. Gateways operating in this mode can support a larger number of requests and can be used to improve redundancy.
  • Forwarding Mode: RAS Secure Gateway forwards user connection requests to a preconfigured Gateway. Gateways in forwarding mode are useful if cascading firewalls are in use, to separate WAN connections from LAN connections and make it possible to disconnect WAN segments in the event of issues without disrupting the LAN.

To use Site default settings, click the Inherit Defaults option. To specify your own settings, clear the option.

Setting the normal mode

To set the normal mode, in the Gateway mode drop-down list, select Normal.

The Preferred Connection Broker drop-down list allows you to specify a RAS Connection Broker that the gateway will connect to. This is helpful when Site components are installed in multiple physical locations communicating through WAN. You can decrease network traffic by specifying a more appropriate Connection Broker. For the gateway to select a Connection Broker automatically, select the Automatic option.

The Forward requests to HTTP Server option allows you to forward requests that do not belong to RAS Secure Gateways (gateways handle HTML5 traffic, Wyse, and URL scheme). To specify multiple servers, separate them with a semicolon. An HTTP server can be specified using an IPv6 address if necessary. Please note that the HTTP server must support the same IP version as the browser making the request.

Setting the forwarding mode

To configure the forwarding mode, in the Gateway mode drop-down list, select Forwarding and specify one or more Gateways. A gateway in forwarding mode will forward all the user connection requests to a pre-configured gateway. Gateways in forward mode are useful if cascading firewalls are in use, to separate WAN connections from LAN connections and make it possible to disconnect WAN segments in the event of issues without disrupting the LAN.

Was this topic helpful?