Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ Operations Management Interface

About a secure gateway built-in authentication server

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
TABLE OF CONTENTS

About a secure gateway built-in authentication server

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedDec 09, 2024
  • 2 minute read

The Secure Gateway includes an Authentication Server that provides a layer of security by authenticating end-users before they can access any internal resource. The Authentication Server is disabled by default and should be installed on a computer on the safe side of the firewall that is a member of the domain and which is employed to authenticate users.

Note: The Authentication Server can only be configured for one domain at a time.

Use the Secure Gateway Configuration page to modify some of the settings of the Authentication Server:

Using the Secure Gateway Configuration page to modify some of the settings of the Authentication Server

Other configuration settings are specified in the EricomSecureGateway.Config file, which is located at

C:\Program Files (x86)\Wonderware\InTouch Access Anywhere Secure Gateway\InTouch Access Anywhere Secure Gateway

The user configurable settings are located under the Authentication Server section of the EricomSecureGateway.Config file and defined in the following table.

Setting

Description

Enabled

Boolean value to enable the Authentication Server or not. True enables the Authentication Server. The default is False.

Address

The IP address of the computer hosting the Authentication Server. Localhost is the default.

Port

This is the port on which the Authentication Server listens. Make sure that no other services on the system are using the same port. A port conflict will interfere with the operation of the Authentication Server. The default port is 444.

CertificateDnsIdentity

The connection between the Secure Gateway and the Authentication Server is secured. In case the Authentication Server is not using its default certificate, this parameter must be updated to include the DNS identity of the alternate certificate.

MaxClockSkewMinutes

The maximum difference in minutes between the clocks of the Secure Gateway and the Authentication Server. The default is 180.

KeepAliveFreqSeconds

The keep alive interval in seconds that maintains the connection between the Authentication Server and the Secure Gateway. The default is 30.

When an Authentication Server is enabled, only domain users will be able to authenticate. Local system users (such as Administrator) will not be able to log on through the Authentication Server.

TitleResults for “How to create a CRG?”Also Available in