SSH Tectia

Configuration Task Flow

SSH Tectia configurations are handled differently from other configurations in SSH Tectia Manager. An SSH Tectia configuration can stay in edit state between administration interface sessions and changes to the configuration do not take effect until the configuration is commited.

It is also possible to view previously commited revisions of SSH Tectia configurations, and to compare previously commited configurations to each other or to the configuration under editing. See Viewing and Comparing Configurations.

The names of SSH Tectia configurations under editing are shown in green and the settings can be changed on the configuration subpages. The names of SSH Tectia configurations that have been commited are shown in black, and the settings can be only viewed on the configuration subpages.

SSH Tectia configurations have the following structure:

  • The SSH Tectia Client configuration is used by SSH Tectia Client and SSH Tectia ConnectSecure. Each client configuration can contain several connection profiles that specify settings for connecting to different Secure Shell servers.

  • SSH Tectia Connector 5.3 uses the General, PKI, Logging, and Connections settings from the SSH Tectia Client configuration and Policy rules, Application definitions, and Tunneling parameters from Connector configuration.

  • The SSH Tectia Server configuration is used by SSH Tectia Server. Each server configuration can contain several service rules that are applied to users based on matching selectors.

SSH Tectia Client and Server configurations

Figure 9.1. SSH Tectia Client and Server configurations

SSH Tectia Client

The client configuration task flow for SSH Tectia Client is illustrated in Figure 9.2.

Defining SSH Tectia Client configurations

Figure 9.2. Defining SSH Tectia Client configurations

  1. Create a new configuration object or open an existing configuration for editing. Define the general, PKI, logging, connection, and transparent tunneling settings.

  2. Optionally, create connection profiles that define special settings for each Secure Shell server the client is connecting to. The profile names must be unique.

  3. Commit the changes to the configuration.

Assign and deploy the configuration set as described in Assigning Configurations per Group and Deploying Configurations.

[Note]Note

Only a configuration that has been commited can be deployed to a SSH Tectia Client/ConnectSecure host. Pressing Save is required after changing check boxes or text fields in the configuration pages, but the saved settings are not immediately deployable.

SSH Tectia Client configuration

Figure 9.3. SSH Tectia Client configuration

Configuring SSH Tectia Server

The server configuration task flow is illustrated in Figure 9.4.

Defining SSH Tectia Server configurations

Figure 9.4. Defining SSH Tectia Server configurations

  1. Create a new configuration object or open an existing configuration for editing. Define the general, PKI, logging, and connection settings.

  2. Create one or more rules and define the selectors for each rule. Selectors define the user group that will use that particular rule. Define the authentication, basic services, SFTP, and tunneling settings for the rule.

  3. Commit the changes to the configuration.

Assign and deploy the configuration set as described in Assigning Configurations per Group and Deploying Configurations.

[Note]Note

Only a configuration that has been commited can be deployed to a SSH Tectia Server host. Pressing Save is required after changing check boxes or text fields in the configuration pages, but the saved settings are not immediately deployable.

SSH Tectia Server G3 configuration

Figure 9.5. SSH Tectia Server G3 configuration