The Off-Network Remote Management is implemented through gateways that have a dialog between each other. A dialog is a communication through TCP/IP or HTTP tunneling with SSL/TLS encryption.
Gateways
There are several types of Off-Network Remote Management (ONRM) gateways used. It is necessary to install all types to have ONRM working properly.
LAN Gateway:
LAN Gateway is a gateway that works on server side, gets the messages and forward them to the Desktop Authority console.
ExpertAssist Gateway:
ExpertAssist Gateway works on the client side, gets the messages and forward them to ExpertAssist client.
Internet Gateway
Internet Gateway is an auxiliary gateway to bring the ability for LAN Gateway and ExpertAssist Gateway to have a dialog if a client machine is Off-Network.
Encryption
Gateways use TLS Protocol for encryption. Off-Network Remote Management uses custom Certificate Authority (CA) for this, generates the Root certificate during installation of Desktop Authority and uses it later.
There are steps to configure the Certificate Authority:
The Desktop Authority Installer generates public and private keys, saves it to AppSettings.xml
The Desktop Authority Installer creates the certificate RSC Root Certificate and this certificate will become the root certificate for Off-Network Remote Management Custom Authority, so the install places it to the Trusted Root Certification Authorities store.
The Desktop Authority Installer generates SlCert.pfx and publicCA.cer files, using the keys and the root certificate and places it to the LAN Gateway folder.
To use the Internet Gateway it is necessary to open Internet Gateway tab, fill IP addresses fields and generate Internet Gateway installer with correct certificate files, SlCert.pfx and publicCA.cer.
During Expert Assist replication Desktop Authority generates the same certificate files for ExpertAssist that are common for all ExpertAssist clients, it stores the common certificate in the database.
During Expert Assist installation the ExpertAssist Gateway generates each own certificate files using the common one and sends it to the Desktop Authority.
When the ExpertAssist Gateway certificate files, SlCert.pfx and publicCA.cer, are created, ExpertAssist Gateway will use it for TLS handshake process.
© ALL RIGHTS RESERVED. Feedback 이용 약관 개인정보 보호정책 Cookie Preference Center