The Protocols subsection includes network settings for RAS server connections to the Host. The Account User can click on the Edit button to view and/or edit any of these configuration options.
Below is a table of the fields, values and actions available on the Protocols popup window:
Field
Description
Network protocol configuration
Check Enabled next to each network protocol that Gateway Server can use to establish a connection to the Host. Select Standard to specify default port number (1505 for UDP/IP and TCP/IP) on which the Host will be listening for a Gateway connection, or enter a custom port number. The list of ports and addresses on which the Host will be listening will appear in a box below each protocol
UDP/IP protocol
Allow the RAS Server to use UDP/IP to connect to the Host; the standard port number is 1505
TCP/IP protocol
Allow the Gateway Server to use TCP/IP to connect to the Host; the standard port number is 1505
Grant or deny access over TCP/IP to specific IP addresses or range of IP addresses by clicking on Restrictions… (see below for more information)
Use encryption
Ensure that RAS server connection between the RAS server and Host is protected with a mutually acceptable encryption algorithm
Select ciphers
When the RAS Server requests a Master connection to the Host, the two applications will negotiate to determine the highest level of encryption that is supported by both
The Select ciphers window lists the encryption ciphers that are supported by the Host in decreasing order of preference. Enable or disable ciphers by dragging and dropping them between the ENABLED and DISABLED sections of the window.
Actions
Actions that can be taken on this popup window
OK
Save changes and close the popup window
Cancel
Discard changes and close the popup window
NOTE: The Host can be installed on a computer that is also running the RAS Server. Both programs can have the IP protocols enabled because each uses a different default port (Host uses 1505, RAS Server uses 2303).
Access to the Host over TCP can be restricted according to the IP address of the RAS Server. The restrictions can be configured by clicking on Restrictions to bring up the following popup window:
Below is a table of the fields, values and actions available on the TCP/IP Address Restrictions popup window:
Field
Description
By default, all computers will be:
Specify general access policy for Account Users requesting access to this Host desktop (Default = Granted access)
Granted access
In general, allow all TCP/IP Master connections to this Host from all IP addresses except those listed below
Denied access
In general, deny all TCP/IP Master connections to this Host from all IP addresses except those listed below
Add
Click on the Add button to create an exception to the general access policy defined above.
If general access policy = Granted access, the clicking the Add button will create an exception that will be denied access.
If general access policy = Denied access, the clicking the Add button will create an exception that will be granted access.
See below for more details about adding exceptions.
Except those listed below
Below is a list of fields, values and commands available for each exception to the general access policy:
Access
Access
Defines the type of access that applies to this exception; if general access policy = Granted access, the value of this field is Denied; if general access policy = Denied access, the value of this field is Granted
Denied
If general access policy = Granted access, then effect of this exception is to deny access request from this network address
Granted
If general access policy = Denied access, then effect of this exception is to allow access request from this network address
TCP/IP Address [Mask]
Displays the specific IP address subject to the type of access defined in exception above, or the subnet mask for a range of IP addresses that should be subject to the access exception; can be either IPv4 or IPv6 format
Actions
Commands that can be taken to view/modify/delete this exception
Edit
View and/or modify configuration settings for this IP address
Remove
Remove this IP address from the exception list
Actions
Actions that can be taken on this popup window
OK
Save changes and close the popup window
Cancel
Discard changes and close the popup window
To add an exception to the list, the Account User can click on the Add button in the popup window (if general access policy = Granted access, the popup window will enable Account User to create an exception that will be denied access; if general access policy = Denied access, the popup window will define exception(s) that will be granted access):
Below is a table of the fields, values and actions available on the Add Exception popup window:
Field
Description
Type
Specify the IP address(es) that should be subject to the exception defined above
Single computer (at one IPv4 address)
Define exception for single IPv4 address by typing in an IPv4 address in Address field
Group of computers (by IPv4 subnet mask)
Define exception for a group of IPv4 addresses by typing in an IPv4 address in the Address field and an IPv4 subnet mask in the Mask field
Group of computers (by IPv4 start address & count)
Define exception for a range of IPv4 addresses by typing in a starting IPv4 address in the Address field and the number of subsequent addresses to include in the range in the Number of addresses field
Single computer (at one IPv6 address)
Define exception for single IPv6 address by typing in an IPv6 address in Address field
Group of computers (by IPv6 subnet mask)
Define exception for a group of IPv6 addresses by typing in an IPv6 address in the Address field and an IPv6 subnet mask in the Mask field
Address
Specify an IPv4 or IPv6 address for exception or range of exceptions
Mask*
Specify subnet mask for separating the IPv4 or IPv6 address into network prefix and host identifier; appears only if IPv4 or IPv6 option with subnet mask is specified
Number of addresses*
Specify the number of sequential addresses that should be added to the address specified about to define the range of addresses that should be subject to the defined exception; appears only if IPv4 option with address & count is specified