The options available in the Network Admin menu allow you to monitor and control the connections that this Corente Services Gateway provides. The options in this menu are intended for use by administrators only.
When you attempt to access an option from the Network Admin menu, a dialog box may appear that requests a user name and password. Enter these items and click OK. You will only be asked for this information once per administration session. Your user name and password will be saved until you close your browser window.
Section 17.5.1, “NAT Info” allows you to view the Outbound NAT and Auto Resolve/Inbound NAT information for the IP addresses on the network.
Section 17.5.2, “Monitor Computer” allows you to select what type of computers will be updated in the list on the Local Network page.
Section 17.5.3, “Add Computer” allows you to add one or more computers to the local Corente Services Gateway network.
Section 17.5.4, “Remove Computer” allows you to delete computer(s) from the local Corente Services Gateway network.
Section 17.5.5, “Mobile User Report” allows you to view the mobile users currently connected to the local Corente Services Gateway.
The Gateway NAT information page displays information about the IP addresses that the local Corente Services Gateway is using for Network Address Translation (NAT). When connecting locations for your secure application network, overlapping IP addresses will create a problem. If two networks in different locations contain IP addresses in the same address space, packets will not get routed to the appropriate computers. NAT is often used to solve this problem.
This page allows you to check the NAT settings for the local Corente Services Gateway and determine what addresses the Corente Services Gateway is using to NAT each local or remote subnet, according to how NAT has been enabled for this Corente Services Gateway in the App Net Manager application.
The information is divided into categories for each NAT option: Outbound NAT and Auto Resolve/Inbound NAT.
- Outbound NAT
Outbound NAT is enabled on the local Corente Services Gateway for local subnets that are participating in the secure network. A network administrator identifies a local subnet that the Corente Services Gateway will NAT to another subnet before the subnet is made visible to remote Location Partners. The administrator is able to specify the subnet that will be used for NATing.
The User Group column lists the real IP addresses and netmasks of all local subnets that are participating in the secure network.
If Outbound NAT has been specified for a local subnet, the NAT column will display the NATed IP address of that subnet. (This is the subnet of IP addresses that Location Partners will use to make connections to the machines.) If Outbound NAT has not been enabled for this subnet, the column will display "N/A" and Location Partners will use the real IP addresses of the machines for secure connections.
If there are any Corente Clients that connect to this Location, any subnets that are being NATed by Outbound NAT will be listed twice. One entry will list the subnet as NATed, the other entry will not. This occurs because NAT does not function between Corente Client Partners and their host Corente Services Gateway. Corente Clients connect to the Corente Services Gateway like local clients rather than remote partners, so they connect to servers using real IP addresses.
To facilitate data viewing, you can sort the entries in this table by User Group subnet or by NAT subnet simply by clicking on the headings at the top of each column. The entries will be sorted in order, from lowest to highest subnet.
- Auto Resolve/Inbound NAT
Auto Resolve/Inbound NAT are enabled on the local Corente Services Gateway for each partner. Inbound NAT will re-map all IP addresses in the partner's User Group to a new set of addresses that have been chosen by a network administrator, while Auto Resolve NAT will automatically perform NAT if a conflict is detected between the User Group of the local Corente Services Gateway and the User Group of the partner. If an IP address conflict is detected when Auto Resolve is enabled, the local Corente Services Gateway will NAT the partner's subnets to a new subnet (chosen by the Corente Services Gateway) so that local machines will be able to access computers in the partner's User Group. Both types of NATing will only occur locally; the NAT will be invisible to the remote computers.
The Partner column lists the fully-qualified name of the partner (e.g.,
domainname.gatewayname) that is participating in NAT with the local Corente Services Gateway.The User Group column lists the real IP addresses and netmasks of the subnets of this Location Partner. (Depending upon what is included in the Location Partner's User Group, there may be multiple subnets per partner.)
The NAT column will display the NATed IP addresses of these subnets. Local computers will use these translated IP addresses for secure network connections.
Auto Resolve NAT partners will not be listed unless Auto Resolve NAT is currently occurring with this partner. In order for Auto Resolve NAT to solve addressing conflicts between two partners, it must be enabled on both sides of the connection (i.e., both the local Location and the Location Partner must enable Auto Resolve for each other).
To facilitate data viewing, you can sort the entries in this table by Partner, User Group subnet, or by NAT subnet simply by clicking on the headings at the top of each column. The entries will be sorted in order, either alphabetical (for Partner entries) or from lowest to highest subnet (for User Group or NAT entries).
The Monitor Computers on the Local Corente Gateway Network page allows you to select what type of computers will be automatically listed and updated on the Local Networks page.
When a computer connects and disconnects from the secure application network, it is automatically removed or added to the Local Network page. It is also automatically removed or added to the Remote Networks page of any partners with the proper permissions to access that computer. By default, all computers on the local network (both Windows and non-Windows) are automatically monitored, and therefore automatically added or removed from the lists.
However, you may want the Corente Services Gateway to monitor only Windows computers if you are concerned about extra traffic on the local network, as non-Windows computers are monitored via periodic query requests from the Corente Services Gateway. Windows computers, however, are monitored via the announcements to the LAN from these computers. This does not generate any additional traffic on the local network.
- Monitor all computers on local network
Select this option to monitor all computers on the local network. (This option is selected by default.)
- Monitor only Windows computers on local network
Select this option if you do not want the non-Windows computers to be automatically monitored.
Any change to the Monitor Computer option takes effect immediately. If you select Monitor only Windows computers and click the Submit button, all non-Windows computers will be deleted immediately from the Local Network page and the Remote Networks pages of partners. If you later decide to select Monitor all computers again, all non-Windows computers that the Corente Services Gateway can detect will be re-added to the pages immediately.
If you have selected Monitor only Windows computers, yet users also need to access certain non-Windows computers, you can manually add these non-Windows computers to the Local Network page using the Add Computer option.
You can change the Monitor Computer option only when the Corente Services Gateway software is running.
The Add Computers to the Local Corente Gateway Network page enables you to add any computers on the local network to the secure application network. However, there should be no need to use the Add Computer interface to add any machines to the local Corente Services Gateway network.
If there is a Windows machine and you would like other users on the secure network to view that computer, you should simply install the File and Printer Sharing for Microsoft Networks component on that system. As long as a Windows PC is running file/print services, it will be added to the local Corente Services Gateway network automatically.
Computers that are on the same subnet as the Corente Services Gateway are automatically added to the local network (including those computers that provide file/print services as well as non-Windows computers). Windows computers that are on a different subnet than the local Corente Services Gateway can also be automatically added if the router of that subnet can be configured to forward the UDP broadcast packets within its network to the Corente Services Gateway.
If you are unable to re-configure a computer and/or a subnet so that the computer(s) will be automatically added to the network, you can manually add that machine with the Add Computer option. You can specify both the name and the IP address of the machine to be added. Both name and IP must be unique within the local network in order for the machine to be added successfully.
A computer that is manually added with this option will be listed on the Local Networks page. It will be listed with a hyperlink when Gateway Viewer is accessed with Internet Explorer; you can simply click the link to browse the shared resources on that server or place your cursor over the link to view the server's IP address.
A manually-added machine will be persistent, i.e., it will never be deleted automatically and can only be removed by using the Remove Computer option. If a machine is added manually, it will not be updated dynamically.
Remember that appropriate Corente Services Gateway access permissions (i.e., User Groups and/or shared applications) are needed so that the appropriate computers on the local Corente Services Gateway network will appear automatically on the Remote Networks pages of other networks within the secure network.
You will receive an error message if you try to add a computer when it has already been added to the network.
You can add a computer to the local network only when the Corente Services Gateway software is running.
The Remove Computers From the Local Corente Gateway Network page displays computers on the local Corente Services Gateway network and allows you to remove those computers that should no longer be accessible on the secure application network.
This option should be used to remove only local computers that have been added with the Add Computer tool. All other local computers are automatically added and removed from Gateway Viewer as they are added and removed from the physical network. To prevent a computer that was not added with the Add Computer tool from being listed in a partner's Gateway Viewer, you must modify the User Groups of this Corente Services Gateway in the App Net Manager application and remove the computer's IP address from the Default User Group.
This interface can be used to remove computers that normally are added and removed automatically only if these computers have disconnected from the network and Gateway Viewer has not yet registered this information (as computers can take 30-45 minutes to be removed automatically from the Local Networks page). If you remove this type of computer when it is not disconnected, be aware that it will be re-added to the interface.
To remove a computer on this interface, simply check the computer and click the Submit button. There is no limitation on how many computers can be deleted at once.
If a computer has been added using the Add Computer button, it will never be deleted automatically from the Local Network or Remote Networks pages, even when it disconnects from the network or is shut down. You must use this interface to remove such computers from the secure network.
The computer that you are currently using will be highlighted in gray.
You can remove computers from the local network only when the Corente Services Gateway software is running.
The Corente Gateway Mobile User Report in Gateway Viewer allows an administrator to view which Mobile Users are currently connected to the Corente Services Gateway.
Time displays the time when the Mobile User first connected.
User ID displays the Mobile User name of the device.
Network Interface displays the network interface of the Corente Services Gateway to which the Mobile User is connected.
IP Address displays the IP address that was assigned to the Mobile User when they connected to the Corente Services Gateway.
Log History lets you view a history of Mobile User connections to the Corente Services Gateway.
The Log History page displays a historical record of Mobile User connections to the Corente Services Gateway.
Time displays the time when the Mobile User first connected.
User ID displays the Mobile User name of the device.
Duration displays the duration of the connection.
Bytes Sent displays the number of bytes sent by the Mobile User to the Corente Services Gateway.
Bytes Received displays the number of bytes received by the Mobile User from the Corente Services Gateway.