Amer Networks E5Web GUI User Manual

•

At least Windows Server 2008™ R2.

•

The role Remote Desktop Session Host must be installed.

•

The option IP virtualization per session must be enabled.

Note: DNS lookup is done using the terminal server IP

Any DNS lookups are performed using the IP of the Windows terminal server and not the
session IP assigned to the client. Therefore, IP rules or IP policies may be needed to allow
such DNS lookups through the security gateway.

Monitoring Identity Awareness Activity

The administrator can ask cOS Core to show details of identity awareness activity.

In the Web Interface, the administrator can go to Status > Run-time Information >
Authentication Agents to see that the IDA service is connected to cOS Core. In the CLI, the same
can be achieved with the command:

Device:/> authagent

As users are authenticated, they can be seen in the Web Interface by going to Status > Run-time
Information > User Authentication. In the CLI, the same can be achieved with the command:

Device:/> userauth -list

In order to switch on console monitoring of the communication taking place between cOS Core
and the IDA service on the domain controller server, use the command:

Device:/> authagentsnoop

Entering the command a second time will terminate snooping.

The options for all the above CLI commands are listed in the separate cOS Core CLI Reference
Guide.

Chapter 8: User Authentication

555