Security Server Configuration

Configuring a Binding

A Binding specifies addresses to be used for incoming client connections and the outgoing host connection.  If the addresses are different, the Security Server acts like a bridge or router spanning different networks.  Bindings may span dissimilar networks, such as Ethernet to Token-ring, provided TCP/IP is bound to both NICs in the Windows operating system Network Settings.  Up to 64 Bindings can be defined per server.

NOTE  A Binding MUST be defined before a Connection may be defined.

Configure a Binding

  1. Right-click on the Bindings icon in the tree view and select Create or click the Create Binding icon on the ToolBar.

  2. Enter a name for the Binding in the Binding Name: edit box.  You can keep the name Default if you wish.

  3. Enter the Client Side NIC's IP Address.  This is the IP address of the NIC listening for SSL client connections.  IPv4 and IPv6 IP Addresses, as well as Machine Names, are supported.

NOTE  The advantage of using a Machine Name is that a NIC Card can be assigned multiple IP Addresses.  So, if you want to allow connections on all the IP Addresses assigned to the NIC's on this server, use the Server's Machine Name instead if a single IP Address.

  1. Enter the Host Side NIC's IP Address.  This is the IP address of the NIC communicating with the host system.  On a single homed system (one NIC and one IP Address), this IP address will be the same as the Client Side IP Address.  IPv4 and IPv6 IP Addresses, as well as Machine Names, are supported.

NOTE  In some cases, when using a VPN connection, it may be necessary to set the Host side address to 0.0.0.0 in order to facilitate VPN connections that create virtual IP connections to the server.  By entering 0.0.0.0, the Security Server will bind to any available IP address.

  1. Enter the Client Side NIC's URL.  This is used only when using the Security Server for HTTPS Off-Load.  Enter the URL assigned to the Client Side NIC's IP Address that the End User's enter into their web browsers (minus the http://).  This value is substituted into the data stream by the Security Server.

If you're not using the BlueZone Security Server for HTTPS Off-Load, leave this field blank.

CAUTION!  When using the BlueZone Security Server for HTTPS Off-load, all A HREF links contained in the HTML pages should contain "relative" paths and not "fully qualified" URL's.  Using "fully qualified" URL's will cause the Security Server to encounter errors when encrypting and decrypting the HTML pages.

  1. Click the OK button to apply the changes and exit this dialog.

Edit a Binding Configuration

  1. In the Tree View panel, double-click the Binding name to be edited.

  2. Make the necessary changes.

  3. Click the OK button to apply the changes and exit.

Related Topics:

Configuring a Connection