Appgate Tunneling Driver For Mac
Instructions how to install components needed to run AppGate Client with IP tunneling driver. IMPORTANT PREREQUISITES. Make sure you have administrator privileges on your local computer while instatlling needed components. JAVA must be installed on your local computer. Download and install AppGate (step-by-step ). Contact your local IT department if uncertain about any of above. After above steps are verified/completed elevated user privileges can be restored.
Return to the and choose AppGate Client.
Appgate Tunneling Driver For Mac Windows 10
Installation To start the installation, run agclient.exe or similar, depending on which type of client is to be installed. These files can be found either on the AppGate USB delivered with your server, or on the built-in web server on the AppGate server. The installer uses a graphical dialog which should be familiar to most users.
If anything goes wrong during the installation, the installation log can give useful information about the problem. The log is viewed with the button 'Show details' during installation, and is saved as install.log in the installation directory. An alternative method is to use Java Web Start.
Java Web Start requires that Java version 1.3.x or higher is already installed on the client computer. In order for the 'Write to hosts file' feature to work, the user must be administrator. The AppGate Client Web Start link is found on the built-in web server. JRE considerations The Windows AppGate client installation includes a complete Java Runtime Environment that is solely intended to be used with and by the AppGate clients. For this purpose, the JRE has been modified so that it does not read or modify the registry. This modification ensures that no conflict with other versions of JRE installed on the system, past or future, will occur.
Other unmodified versions of JRE can use the registry entries relevant to JRE for their own purposes without affecting the AppGate clients. It is not recommended to use the JRE included with the AppGate client for other purposes than running the AppGate clients. 3.2.2. Installation on Mac OS X The AppGate clients for Mac OS X are distributed as disk images. To install one, open the disk image and install the meta package in the top level directory. This will install the client and the AppGate Local Forwarder. The default installation path for the client is the system-wide Applications directory, but it is possible to select another path during installation.
Administrator privileges are required to install the meta packages, since they include the AppGate Local Forwarder. If the AppGate Local Forwarder should not be installed, it is possible to install the client package from the 'packages' directory. This does not require administrator privileges, but automatic hosts file writing and forwarding of privileged ports will not be available. Warning Security considerations: By using these features, any user who has access to an account on the machine can, for instance, redirect all connections to a specified web server to a malicious program. The malicious program may try to convince the local user to enter his password. Depending on how the Mac OS X client is used, the administrator should decide whether AppGate Local Forwarder should be installed or not.
If AppGate Local Forwarder has been installed, its features can be disabled by executing the following command as root from a terminal window: chmod u-s /usr/local/libexec/appgatefwd and it can later be enabled again with the following command: chmod u+s /usr/local/libexec/appgatefwd. Host Name Resolution AppGate Local Forwarder writes to the file /etc/hosts in order to transparently redirect connections through encrypted SSH tunnels. This file is normally not read by the system after reboot, but the installation of AppGate Local Forwarder modifies the lookup order to take advantage of this file. This is achieved by creating the file /etc/lookupd/hosts to use the /etc/hosts file before consulting DNS and NetInfo. If the Mac OS X client is configured not to use the files in /etc/lookupd, this will not be effective and the administrator must make the appropriate modifications by hand. NOTE: The modification of the lookup order tries to be conservative so as not to break the existing configuration. If the file /etc/lookupd/hosts already exists, it will not be overwritten, and if NetInfo is used, the files in /etc/lookupd should be ignored.
Some versions of Mac OS X do not honor this, and the existence of the /etc/lookupd directory disables other NetInfo lookups. This may cause systems with local modifications to change their behavior. In this case, the administrator should back out the changes made by the installation of AppGate Local Forwarder. 3.2.3. Installation on Solaris All AppGate clients require that Java is installed on the client machine to be able to run. The client software for the Solaris platform is found on the USB in the AppGate/client/SunOS directory. The directory contains several packages with manual pages and executables.
For instance, to install the AppGate Client package, run cd /usbmountpoint/appgate/AppGate/client/SunOS/`uname -p` cp APPGclnt.pkg.gz /tmp cd /tmp gunzip APPGclnt.pkg.gz pkgadd -d APPGclnt.pkg APPGclnt Installing the client places the files of this package in /opt/APPGclnt. A bin directory and a man directory will be created to hold the executables and the manual pages. Start the AppGate Client by executing /opt/APPGclnt/bin/agclient. No further configuration of this package should be necessary.
3.2.4. Installation on Linux All AppGate clients require that Java is installed on the client machine to be able to run. The client software for the Linux platform is found on the USB in the AppGate/client/Linux directory. The AppGate Client can be extracted/installed by executing the following command: bzip2 -cd /pathto/agclient.i386.tar.bz2 tar xf - A subdirectory structure called opt/APPGclnt will then be created in the current directory. Start the AppGate Client by executing the file opt/APPGclnt/bin/agclient. The user may then click on an icon for the operating system he is using. Under Windows, a File Download dialog box may appear asking whether the user would like to run agclient.exe from its current location or save the file to disk. The user must select one of the two options and click OK for the download and installation to begin.
If the user chooses to run agclient.exe from its current location, the executable will automatically self-extract the package and begin the installation. If the user saves the file to disk, he must double-click on agclient.exe after it has finished downloading in order for the extraction and installation to begin.
From that point onward, the installation will behave identically to a generic USB installation (or a distributed installation package with no pre-configuration). 3.2.6. AppGate IP Tunneling Driver Installation The AppGate IP Tunneling Driver can only be installed on computers running Windows XP SP3 or later, Linux, Mac OS X or Solaris. Administrator privileges are required for the installation. If the AppGate IP tunneling driver should be upgraded, the previous version has to be uninstalled first. To install the IP tunneling driver on Windows run the agptd.exe file. It can be fetched from the AppGate server built in web page. Silent installtion of agiptd is also possible using the /S switch.
It is possible to connect to multiple AppGate servers at the same time and use IP Tunneling to all of them. Each connection will require one instance of the IP tunneling adapter. On Windows the required number of adapter instances has to be created before using the multiple IP tunnels. This might be done at install time by selecting the number of instances in a drop down list in the installer wizard.
The default number of instances is 2. The default value for number of IP tunneling interface instances for agiptd.exe can be changed with the command line switch /NTUN=n It is also possible to install additional instances later if required. This is done by changing directory to '%PROGRAMFILES%/AppGate/AppGate IP Tunneling Driver' and issue the following command in a cmd window: agtuninst.exe install agtun.inf agtun The command should be repeated for each additional instance that is required. The Linux, Mac OS X and Solaris versions dynamically add the number of required adapter instances at run-time and thus do not require this selection to be made at install time. 3.2.9. Over the air provisioning of mobile clients Over the air provisioning is a way to install and configure the AppGate client on a mobile phone over the air.
The administrator can make the AppGate server send SMS:es to the mobile phone. The first SMS contains a link to the client installation package, and once installed, the client will use the second SMS to configure itself. It is also possible to automatically setup email accounts on the phone. The net effect is making it easy for the mobile phone users to get started.
They just need to press OK a couple of times and enter their password before they are set up and can read their email. How over the air provisioning works The first step is that the administrator triggers provisioning for the user. This is done on the local user management screen. Once the user's mobile phone number has been entered, the administrator just needs to press the provisioning button. Pressing the provisioning button causes the AppGate server to send two SMS:es to the phone. The first SMS will contain a short text and a hypertext link back to the AppGate server. Pressing the link will cause the mobile phone to download the appropriate client installation package (the server uses the web request to figure out which phone model the user has).
Once downloaded the client installation will start automatically (on all platforms but SonyEricsson). The default behavior of the AppGate Server is to send the SMS:es through a gateway at appgate.com.
Any firewall between the AppGate server and the Internet must allow the AppGate server to establish a TCP connection to port 443 on provisioning.appgate.com. This gateway will allow all customers with a valid support contract to send a certain number of SMS:es per month (currently 50). Customers wishing to send more need to have a separate contract for SMS sending. When the client starts for the first time it will look for the second SMS which contains the information needed to know where to get the actual configuration. The client will then use this information to download the actual configuration from the AppGate server. The downloaded configuration includes things like name of AppGate server, authentication method and user name.
Appgate Tunneling Driver For Mac
The only thing the users need to enter is their passwords or other authentication data. Once connected, the client downloads the list of services as usual. But there are a couple of new client commands which may help with the user experience in this situation. There is one which creates an ordinary email account. It is also possible to create an Exchange account on Windows Mobile phones, and there is support for downloading the Exchange client for Sony Ericsson and Nokia phones.
Administrator actions This section covers various actions which the AppGate administrator may have to perform to set up over the air provisioning. The basic configuration is done in the AppGate console under 'Clients/Mobile Client Configuration'.
Here it is possible to configure which addresses the clients should use when contacting the server, the text in the SMS and other things related to provisioning. The effort required of the end user becomes small if the administrator sets up client commands to configure and launch the email client. This done with the following client command: mailaccount -domain MAILDOMAIN -launch This client command should normally be set only for the.mobile platform. The -domain and -launch sections are optional.domain will help with the configuration and -launch will start the email client. This client command will check to see if the email account already exists, if not it is created. Finally, if -launch is provided the email client is launched. The situation is more complex if the email server is running Exchange.
Both Nokia and Sony Ericsson make Exchange clients for their phones available on their web sites. AppGate may not, for legal reasons, redistribute those clients but we can redirect users to them. The redirection can be configured in the AppGate console. The administrator may either enter the relevant URL:s manually or configure the AppGate server to automatically download the URL:s from appgate.com once a day. The client command which downloads the Exchange client is: browse appgateserveraddr/agmobile?asclient But this command should only be run if the client is not already installed. Fortunately a client check can be used to check if the client is already installed.
Create the following two client checks.