Adding Natted IP into PAM and its configuration
When a client wants to provide the PAM access to the users that are not within company’s network , instead they are from outside Network. For this if outside users are using Natted IP for accessing both API and Gateway server then we need to add an new URL (second DNS) so that we will configure this new URL for outside users without effecting the inside users. For Example https://arcon-pam-outside ( URL for outside users) and https://arcon-pam-insideusers (URL for inside users).
Also we need to add Natted IP in Natted IP setting of PAM as shown in the picture below.
NOTE: If any outside users tries to access the Pam with other URL which is used by inside users it will give an error “unable to create channel” while accessing any service.
CONFIGURATION OF NATTED IP IN VPN SERVER
STEP 1: Click on the Manager Tab ----> Go to Application Settings ---> Natted IP Settings.
STEP 2: Here add the URL from which outside users are using to open the Pam. In next tab Add the Natted IP of API which outside users are using to access API. Then Click on “Is Active” and click on Add.
A popup message will be displayed “Natted IP added successfully”.
Now Open the Server Manager or Admin Settings to configure the Natted IP for Gateway server.
STEP 3: Go to Tools --> Advance configuration --> Default Configuration --> VPN Servers.
Here you will see the Gateway server which client is using for tunneling .Right click on the IP Address which is active and click on “Set VPN Servers - Virtual IP’s “.
STEP 4: In Remote IP enter the DNS/IP/ used by outside users to access Pam.
In server IP enter the Natted IP used by outside users for gateway server.
in server Port enter port number of gateway server i.e. 22. Then click on “is Active” and Add.
Now close the window and ask the outside user to check the connection of services assigned to him/her. Client will able to use the Pam outside their Network as well.
Related Articles
Cisco Duo configuration/setup and faced errors in PAM
Open Server Manager. Select the respective user. Right click and select Edit User Settings. Select Cisco Duo from the Drop Down and select "Enable Dual factor Type" and select "Confirm Status". Open Admin Settings and find "Cisco Duo MFA". Click on ...HTTP Error 404 in accessing Report downloaded from PAM
Issue When client tries to download Report from PAM, the user is redirected to a screen which shows up with the error "Not Found: HTTP Error 404. The requested resource not found". The error comes after opening the link The client gets a mail for any ...How to get Windows RDP service Text log from PAM in U16_SP2_
Having both video and text logs for Windows activities will significantly enhance our ability to monitor and audit privileged access effectively. prerequisite. 1. Windows service should be accessible through PAM 2. TS plugin Should be Installed On ...How to enable Copy/paste for Linux Services for PAM Ver U16 SP2.
If users are unable to copy/paste text from Linux servers to Notepad or Vice Versa in PAM Ver U16 SP2 or above. Kindly enable the "Enable/Disable Copy paste on Putty" and select "Enable copy paste everywhere" from the dropdown as shown below. ...How to Change the TACACS/TACACS+ Password
To change the TACACS/TACACS+ password, follow these steps: 1) Begin by configuring the TACACS/TACACS+ URL in the password change default settings. 2) Click on the multiple configuration option and add the TACACS/TACACS+ configuration. 3) Select ...