1. No category

User Manual - BAE Systems


Add to my manuals
11 Pages

advertisement

User Manual - BAE Systems | Manualzz

User Manual - VPN Connection to BAE Systems Hägglunds AB

User Manual

VPN Connection to BAE Systems Hägglunds AB

Version: 2.00.00

Published: 2008-10-25

Copyright© 2007 BAE Systems Hägglunds AB

1

User Manual - VPN Connection to BAE Systems Hägglunds AB

Table of Contents

Table of Contents........................................................................................................ 2

Basic Information ........................................................................................................ 3

AppGate Client ........................................................................................................ 3

AppGate Personal Firewall ...................................................................................... 3

Installation ................................................................................................................... 4

Step-by-step Instructions to Install ....................................................................... 4

Connecting .................................................................................................................. 6

Connecting using Actividentity tokens ..................................................................... 7

Actividentity token - First time .............................................................................. 7

Actividentity token - Create One-time Passwords ................................................ 8

Actividentity token - Menu choices....................................................................... 8

Connecting using AppGate Client ........................................................................ 9

Connecting using One-time Password SMS.......................................................... 10

Troubleshooting ........................................................................................................ 11

Contact Helpdesk............................................................................................... 11

2

User Manual - VPN Connection to BAE Systems Hägglunds AB

Basic Information

AppGate Client

The AppGate VPN connection package consists of two applications – the AppGate

Client and the AppGate Personal Firewall.

The AppGate client opens up an SSH-tunnel to the AppGate at apg.haggve.se, which in turn points at two clustered machines.

The server responds to client requests through three different TCP/IP-ports:

SSH:

HTTP:

HTTPS:

You must allow at least one of above ports to be able to communicate with the server.

Per default, port 80 (HTTP) is used.

If you, for some reason, need to communicate through any of the other ports, check the Properties button in the main connection window in the AppGate client application. Right next to the server name, there’s a drop-down list of the usable ports.

AppGate Personal Firewall

The Personal Firewall option is required for communicating with BAE Systems Hägglunds.

This firewall does not restrict communication when you’re not connected to BAE Systems Hägglunds. The default policy when not connected is wide open (i.e. pass in, pass out). This should keep any interference with other personal firewalls or applications down to a minimum.

When connected to BAE Systems Hägglunds the server updates the AppGate Personal Firewall with a very strict rule set, thereby isolating the client completely from any other communication with the outside world. This includes local resources, like network share mappings and network based printers.

When you close the connection, the AppGate Personal Firewall returns to its normal

(default) state.

AppGate IP Tunneling Driver

The AppGate IP Tunneling Driver is only required for some specific services and is not usually needed, if not installed and a services that is required it is enabled a information dialog will appear with instructions on how to install AppGate IP Tunneling

Driver.

3

User Manual - VPN Connection to BAE Systems Hägglunds AB

Installation

The first step before installing the AppGate Client and Firewall is to download the installation package from BAE Systems Hägglunds; this can be done by entering the following URL in a web browser: http://www.haggve.se/vpn .

Click on the link named Client Connection package to download the executable installation file. Choose to save this file on the computer in a directory you will remember, for example in a temporary folder (C:\TEMP).

You can safely remove this file later, when the installation is done.

Step-by-step Instructions to Install

Double-click on the downloaded executable installation file which you saved on your computer, the file is named agpkg.exe.

The following screen should show after a short time.

1. Start the install by clicking the Next button.

4

User Manual - VPN Connection to BAE Systems Hägglunds AB

2. Choose the destination folder for the AppGate application. If you don’t want to install in the default folder, choose another folder for the AppGate application by clicking the Browse… button. When satisfied click Install to begin the installation process.

3. The installation starts.

4. When the installation is done your computer wants to restart. Click Yes to restart the computer.

5

User Manual - VPN Connection to BAE Systems Hägglunds AB

Connecting

When you start the AppGate client you will get a window looking like this.

Depending on what type of authentication you are using you have to read different chapters, we support two authentication methods.

Actividentity keyring tokens

NordicEdge One-time Password SMS

6

User Manual - VPN Connection to BAE Systems Hägglunds AB

Connecting using Actividentity tokens

The security token Actividentity Keychain v2 consist of 12 buttons:

Digits button

Menu (down-arrow)

On the back of the token there’s a barcode and a Serial Number. This number identifies your security token to us at BAE Systems Hägglunds and should be available whenever you need to contact the support for problem solving.

Actividentity token - First time

The security keyring token, Actividentity, you received with this instruction needs activation. To be able to use the security token for identification to BAE Systems Hägglunds VPN-system you need to contact our Help Desk, either by telephone +46-

(0)660-80213 or by e-mail to [email protected]

You will be asked to state your serial number on the back of the keyring token and in return you will be given the initial PIN-code to unlock the token for its first time use.

When you have received the initial PIN-code you need to follow these instructions:

5. When you start the token with the power button for the first time, it responds with: ENTER PIN.

6. You enter the PIN-code you received from us and end input with a push on the power button.

7. If the PIN-code is correct, the message NEW PIN appears.

8. You now enter a personal 4-digit PIN-code, which you choose by yourself.

Keep this in mind. Confirm with a push on the red button.

9. The display responds CONFIRM

10. Repeat the personal PIN-code once more and push the red button again to confirm it.

11. The display reads COMPLETE.

Your security token is now ready to be used!

7

User Manual - VPN Connection to BAE Systems Hägglunds AB

Actividentity token - Create One-time Passwords

For secure identification against BAE Systems Hägglunds AppGate system:

1. Start the security token with the power button.

2. Enter your personal PIN-code and push the power button again.

3. An 8-digit code is generated which you can enter as the password phrase in the client application.

The code is valid for approximately 10 minutes. The token shuts down by itself after a while due to inactivity.

Actividentity token - Menu choices

As soon as you have entered your personal PIN-code and a one-time password has been generated, you have the option to go into the menu on the token to set different options.

You browse through the different choices by pushing the menu button:

PIN

VIEW

VIEW

VIEW

SEC MOD S

You choose a menu option by pushing the power button.

Change PIN

With this choice you can alter your personal PIN-code on the token. You are adviced with the message NEW PIN at which you enter a new 4-digit personal PIN-code and confirm it with a push on the power button.

You’re asked to (once again) enter the new PIN-code and you confirm this again with the red button.

The message COMPLETE is shown on the display.

Note: You will not be able to use a weak PIN-code, like ”1234” or your current PINcode – then the message ERROR is shown on the display and you have to try again.

View SN

This option shows the serial number which also can be found on the backside of the token. If the serial number on the backside becomes unreadable for some reason, this is the only way to identify this security token.

View Clock

This function is reserved for troubleshooting with the Helpdesk.

View Count

This function is reserved for troubleshooting with the Helpdesk.

SEC MOD S

This function is reserved for troubleshooting with the Helpdesk.

8

User Manual - VPN Connection to BAE Systems Hägglunds AB

Connecting using AppGate Client

First make sure Method is RADIUS, type in your username and the one-time password you generated using the Actividentity token. Click OK to connect. If your username and one-time password is correct, you will be logged in to BAE Systems Hägglunds internal network.

When you’re logged in it will look something like this, depending on what types of services you’re allowed to use.

Double-click on the icon for which application you want to use.

Note: Some application does not have an icon, like access to different licenses and you should start your local installation of the application.

To end the connection to BAE Systems Hägglunds, click the Connection menu, and then choose Close connection. The client asks you if you want to close the connection, click OK to disconnect. When you’re disconnected, click the Connection menu and choose Exit to close the application.

9

User Manual - VPN Connection to BAE Systems Hägglunds AB

Connecting using One-time Password SMS

If you are using a mobile phone for OTP make sure Method is SMS, type in your username and password. Click OK to connect, the one-time password will then be sent to you in a SMS in the form ‘OTP: 123456’, enter the numbers when prompted.

If your username and one-time password is correct, you’re logged in to BAE Systems

Hägglunds internal network.

When you’re logged in it can look something like this, depending on what types of services you’re allowed to use.

Double-click on the icon for which application you want to use.

Note: Some application does not have an icon, like access to different licenses and you should start your local installation of the application.

To end the connection to BAE Systems Hägglunds, click the Connection menu, and then choose Close connection. The client asks you if you want to close the connection, click OK to disconnect. When you’re disconnected, click the Connection menu and choose Exit to close the application.

10

User Manual - VPN Connection to BAE Systems Hägglunds AB

Troubleshooting

The most common error is that the client computer is missing, or has a faulty Internet connection. Make sure you have a working connection before going to the next step.

The easiest way of checking this is to use your Internet Explorer and open up a webpage.

If you type the wrong username or one-time password at the login screen this window shows:

Just click OK and go to the Connection menu and choose Open Connection and the login window will appear again.

If you’ve typed the right login name but the wrong password, you get the following requester, telling you to type your password again.

You should re-generate a new one-time password using your keyring token.

If you haven’t downloaded the client connection package from us, or for some reason the AppGate Personal Firewall isn’t installed, you can’t connect to BAE Systems

Hägglunds. The Personal Firewall is essential for communicating with the AppGate service and the server checks this on connecting.

This results in an error message. Go to the webpage and reinstall the client connection package.

Contact Helpdesk

IT-Support

Telephone: +46-660-80213

E-mail: [email protected]

11

advertisement

Was this manual useful for you? Yes No
Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Related manuals

Bosch Rexroth RE15327-WA Hägglunds DOb Manual

Bosch Rexroth

RE15327-WA

  • manual
Bosch Rexroth RE15325-WA Hägglunds DUe drive unit Manual

Bosch Rexroth

RE15325-WA

  • manual
Bosch Rexroth RE15354-WA Hägglunds Atom Manual

Bosch Rexroth

RE15354-WA

  • manual
Bosch Rexroth RE 15312-WA Hägglunds Customized drive unit Manual

Bosch Rexroth

RE 15312-WA

  • manual
Bosch Rexroth RE15326-wa Hägglunds DUc Drive Unit Manual

Bosch Rexroth

RE15326-wa

  • manual
Bosch Rexroth RE15440-X-B2 Hägglunds motors Manual

Bosch Rexroth

RE15440-X-B2

  • manual
Bosch Rexroth RE15301-WA Manual

Bosch Rexroth

RE15301-WA

  • manual
Bosch Rexroth RE15305-WA Hägglunds CA Manual

Bosch Rexroth

RE15305-WA

  • manual
Bosch Rexroth RE15420-X-B2 Hägglunds DUe drive units Manual

Bosch Rexroth

RE15420-X-B2

  • manual
Bosch Rexroth RA15322-WA Manual

Bosch Rexroth

RA15322-WA

  • manual

advertisement