RAP Clientless SSL Web Portal
User Manual
Remote Access Pass
Version:
RAP User Manual
Date:
5.5
5/25/2010
Table of Contents
TABLE OF CONTENTS .............................................................. 2
TABLE OF FIGURES................................................................... 3
1. INTRODUCTION ...................................................................... 4
2. RAP SYSTEM OVERVIEW .................................................... 5
2.1 THE LOGIN PAGE................................................................. 5
2.2 THE MAIN PAGE .................................................................. 6
3. SSL PORTAL........................................................................... 7
3.1 ACCESS INTERNAL WEB SERVER ........................................ 7
3.2 FILE SHARING ...................................................................... 8
4. ACCESS CLIENT / SERVER APPLICATIONS.................. 9
4.1 RESTRICTED CLIENT / SERVER APPLICATION (JAVA
APPLET) ........................................................................................ 9
4.2 GENERIC CLIENT / SERVER APPLICATION (ACTIVEX) .... 10
5. TUNNELING VPN .................................................................. 12
6. OTHER FUNCTIONS ............................................................ 13
6.1 SERVICES OF TELNET, SSH AND MS TERMINAL SERVICE
13
6.2 FTP SERVICE .................................................................... 13
6.3 NATIVE EMAIL SERVICE .................................................... 14
7. SYSTEM TASKS (TOOL BAR ON THE TOP OF MAIN
PAGE) ........................................................................................... 15
7.1
7.2
7.3
7.4
7.5
7.6
MAIN PAGE ........................................................................ 15
USER PROFILE................................................................... 15
CHANGE PASSWORD......................................................... 15
ACCESS HISTORY.............................................................. 16
DOCUMENTS ...................................................................... 16
LOGOUT ............................................................................. 16
HELM SYSTEMS
-2-
Email: info@helmsys.com
Remote Access Pass
Version:
RAP User Manual
Date:
5.5
5/25/2010
Table of Figures
Figure 1: The Login Page......................................................................... 6
Figure 2: Main Page ................................................................................. 6
Figure 3: SSO Login Page ....................................................................... 7
Figure 4: Simplify User name Password web application server ....... 8
Figure 5: View and download the shared files within the Network
Neighborhood ............................................................................................ 8
Figure 6: Upload the shared files within the Network Neighborhood .. 9
Figure 7: Restricted C/S Plug-in............................................................ 10
Figure 8: Access web based server in Generic C/S mode................. 11
Figure 9: Virtual Adapter Download and Installation........................... 12
Figure 10: SSH, Telnet and MS Terminal Service emulator .............. 13
Figure 11: FTP Service........................................................................... 13
Figure 12: From Native Email to Web Mail .......................................... 14
Figure 13: User Profile............................................................................ 15
Figure 14: Change Password ................................................................ 15
Figure 15: User Access History............................................................. 16
Figure 16: On Line Documents.............................................................. 16
HELM SYSTEMS
-3-
Email: info@helmsys.com
Remote Access Pass
Version:
RAP User Manual
Date:
5.5
5/25/2010
1. Introduction
RAP (Remote Access Pass) has an all-in-one SSL PORTAL appliance, which allows you
to remotely access internal servers and services even behind firewall securely for your
maximum benefit. With the RAP you will gain remote access to your files, directories,
and applications with any internet-ready PC. RAP also provides to remote access sharing
files, SSH, telnet, MS Terminal Service, native email server, FTP services and based on
TCP level Client/Server.
RAP supports:
Browser based access: Web-based (HTTP/HTTPS, DHTML/HTML, Script
languages)
Web File Sharing Access: SMB
Light weight plug-in (Java applet access): Telnet, SSH, FTP (Passive and Active),
MS Terminal Service, POP3, IMAP and Restricted Client/Server application
Light weight plug-in (ActiveX): Generic client/Server application (dynamic ports,
non-configurable for client agent)
Remote Access and control Windows, Linux and Unix OS based PC
Tunneling: IP level based application.
Four Security Levels:
Browser based pure clientless access,
Java applet access and remote control PC are pure clientless SSL PORTAL, which
only using a standard port.
ActiveX access and TCP/UDP client/server applications
Tunneling is an On Demand running a client in the remote PC that can transfer the
IP data over TCP level and through the channel of RAP to RAP server and
communicate to internal application server.
The user manual will show how the RAP can help you to access the computer in your
office through firewall and all of Internet connected computers you use at home, while
traveling, and at play.
Administrator grants all the functionality accessing right for user.
You may have password, USB Dangle or RSA ScureID token.
If the remote PC is behind a firewall, which must allow data of 443 and 80 ports both in
and out.
If the remote PC is behind a proxy, it works well.
HELM SYSTEMS
-4-
Email: info@helmsys.com
Remote Access Pass
Version:
RAP User Manual
Date:
5.5
5/25/2010
2. RAP System Overview
Start by pointing the viewing computer’s browser to RAP public IP mapped by firewall
and log in with your User ID and password.
2.1
The Login Page
The UserID and password assigned by administrator or MS Active Directory. (Email
or personal)
Click Recover Password, you can get a new temporary password after you set the
secrete question and answer.
When RSA SecurID authentication is available, the user should enter the dynamic
token ID into Password field.
When the mobile phone authentication is available, the next login page is shown after
user login successfully.
HELM SYSTEMS
-5-
Email: info@helmsys.com
Remote Access Pass
Version:
RAP User Manual
Date:
5.5
5/25/2010
Figure 1: The Login Page
2.2
The Main Page
Figure 2: Main Page
HELM SYSTEMS
-6-
Email: info@helmsys.com
Remote Access Pass
Version:
RAP User Manual
Date:
5.5
5/25/2010
3. SSL PORTAL
3.1
Access internal web server
There are two mode pre-set by admin:
o
Select the internal web based application server from the server list that is the
accessing privilege assigned by administrator. Click “GO” to access this
server’s first page on a new window.
This functionality could make user to access the intranet resource (servers)
o
Input the internal URL that user had known. Click “GO” to access this
server’s first page on a new window.
Select the URL or name of the intranet servers you have known on the list of
“Intranet Server’s URL” and then click the “Connect” button. You can access the
server from the remote browser through the RAP securely. This functionality could
make user to access the intranet resource although they may not have themselves
target computer in the LAN.
This function makes the communication between branches of the company
available.
It will show the Single SignOn login page to control the target accessible of the
application connected when SSO service is available.
Figure 3: SSO Login Page
When set this application server to simplify multiple login using specific format for
registration of application server URL in RAP admin tool, pop up a new login
window. The user must set the application user ID and password when first login or
RAP user password has been changed. Otherwise, do nothing. Click “Continue”.
HELM SYSTEMS
-7-
Email: info@helmsys.com
Remote Access Pass
Version:
RAP User Manual
Date:
5.5
5/25/2010
Figure 4: Simplify multiple logins web application server
3.2
File Sharing
Click “File Sharing” to view, download and upload the shared folders and files in
the LAN like “MS My Network Places”. When click the file link in the right area,
you can download this file. When click “Upload” icon, you can upload the local file
to some shared folder.
Use or share files and applications within the Network Neighborhood. Retain
permissions granted to your User ID within the LAN. Manage access to shared
visible directories from your PC to other PCs on the local area network. Enables or
disables LAN file sharing while protecting your desktop.
Figure 5: View and download the shared files within the Network Neighborhood
HELM SYSTEMS
-8-
Email: info@helmsys.com
Remote Access Pass
Version:
RAP User Manual
Date:
5.5
5/25/2010
Figure 6: Upload the shared files within the Network Neighborhood
4. Access Client / Server Applications
There are two kind of client / server applications that depend on the usage are registered
by admin.
4.1
Restricted Client / Server Application (Java Applet)
When user select the application is Restricted C/S mode, JRE must be downloaded and
installed as well as popup a new plug-in window.
The client agent should be changed IP address of server to the new IP displayed on the
frame in the plug in page. Ex. (127.10.0.1)
The connection is disconnected when close this plug-in page.
This mode is for C/S application that has fixed port, fixed local PC installed client agent.
The security level of this mode is higher that Generic Client / Server mode.
HELM SYSTEMS
-9-
Email: info@helmsys.com
Remote Access Pass
Version:
RAP User Manual
Date:
5.5
5/25/2010
Figure 7: Restricted C/S Plug-in
4.2
Generic Client / Server Application (ActiveX)
When user select the application is Generic C/S mode, a small ActiveX agent
will be downloaded and installed.
A small icon
will display on the right taskbar of Windows in the remote PC.
Right click icon
select “Exit”, the connection of Generic C/S is disconnected.
Access the web based server registered by admin: Click the server link on the new
page
HELM SYSTEMS
-10-
Email: info@helmsys.com
Remote Access Pass
Version:
RAP User Manual
Date:
5.5
5/25/2010
Figure 8: Access web based server in Generic C/S mode
Access the C/S application: Run the client agent directly like in the intranet
HELM SYSTEMS
-11-
Email: info@helmsys.com
Remote Access Pass
Version:
RAP User Manual
Date:
5.5
5/25/2010
5. Tunneling VPN
This function is integrated with OpenVPN, which is open source
Support the all of the non TCP level applications that can not be supported by C/S
function like IPSec VPN.
Clicks the Tunneling icon, it will on demand download a Java Applet and startup an
agent on your remote PC. Then a secure channel of TCP level is created from the
remote PC to RAP. The on demanded agent of RAP can make IP application data to
TCP level through the channel to RAP server that recover to IP level to the internal
application server.
This is a generic function can support all protocol of applications such as HTTP,
TCP, UDP and IP. It can access the intranet directly. The secure level is lower than
other functions of RAP.
Use this function only for the applications that can not be support by Clientless
SSL PORTAL and other functions of RAP
It still uses the standard relay port of RAP that is more secure than IPSec VPN.
The HELMVPN client must be installed manually when use Windows Vista, 7 or
XP SP3 above OS. Clicks the “HELMVPN Client” button in the plug in page to
download and install the tunneling HELM VPN client following the comments step
by step, the plug in page will be closed automatically as well. Click the Tunneling
icon in the main page again to connect to tunneling VPN after HELMVPN driver is
installed.
Figure 9: Virtual Adapter Download and Installation
HELM SYSTEMS
-12-
Email: info@helmsys.com
Remote Access Pass
Version:
RAP User Manual
Date:
5.5
5/25/2010
6. Other Functions
6.1
Services of Telnet, SSH and MS Terminal Service
The services of supporting Telnet, SSH, MS Terminal Service are all need MS JVM or
SUN JAVA JRE (PLUGIN) to support On Demand applet. If some browsers did not
installed JVM or JRE, you must download it from SUN or Microsoft download web site.
Figure 10: SSH, Telnet and MS Terminal Service emulator
6.2
FTP Service
Access the FTP server just like access SSH, Telnet server. The FTP service can support
both static ports and dynamic ports and basic commands of native FTP (Sun Java Plug-in
only).
Figure 11: FTP Service
HELM SYSTEMS
-13-
Email: info@helmsys.com
Remote Access Pass
Version:
RAP User Manual
Date:
6.3
5.5
5/25/2010
Native Email Service
Click Email icon to access the internal mail server and RAP can transfer the info and
commands from native email server to web based email (same as Yahoo Mail).
Everything display in browser and are protected by SSL channel.
Figure 12: From Native Email to Web Mail
HELM SYSTEMS
-14-
Email: info@helmsys.com
Remote Access Pass
Version:
RAP User Manual
Date:
5.5
5/25/2010
7. System Tasks (Tool bar on the top of Main page)
7.1
Main Page
Return to Main page. See Figure 2
7.2
User Profile
Allow you to modify your personal account information
Figure 13: User Profile
7.3
Change Password
Allow you to change your User ID password. Please visit this link to set your
personalized password reset question. All passwords are strongly encrypted and cannot be
recovered, but they are reset if you can answer your own personalized question. A
personalized password reset is already set for the remote desktop password.
If RSA SecurID or MS Active Directory or LDAP authentication is enabled, this function
is not available.
Figure 14: Change Password
HELM SYSTEMS
-15-
Email: info@helmsys.com
Remote Access Pass
Version:
RAP User Manual
Date:
7.4
5.5
5/25/2010
Access History
Shows a log of the date and time you logged–in and accessed your computers.
Figure 15: User Access History
7.5
Documents
Click the link of “User Manual” to on line display this file
Figure 16: On Line Documents
7.6
Logout
Securely closes your session with the RAP server. You must close all browsers that
have accessed your computer in order to securely close your session with your target.
If you do not close the browser, your session could be re-started by the next person to
use the viewing computer within 15 minutes.
HELM SYSTEMS
-16-
Email: info@helmsys.com