You can configure the security protocols and cryptographic algorithms that are used to encrypt communications between clients and the Unified Access Gateway appliance from the admin configuration pages.

About this task

The Unified Access Gateway admin user interface URL is in the format https://<mycoUnifiedAccessGatewayappliance.com>:9443/admin/index.html. To log in, enter the administrator user name and password you configured when you deployed the OVF.

Prerequisites

  • Review the Unified Access Gateway Deployment Properties. The following settings information is required:

    • Static IP address for the Unified Access Gateway appliance

    • IP Address of the DNS server

    • Password for the administration console

    • URL of the server instance or load balancer that the Unified Access Gateway appliance points to

    • Syslog server URL to save the event log files

Procedure

  1. In the admin UI Configure Manual section, click Select.
  2. In the Advanced Settings section, click the System Configuration gearbox icon.
  3. Edit the following Unified Access Gateway appliance configuration values.

    Option

    Default Value and Description

    Locale

    Specifies the locale to use when generating error messages.

    • en_US for English

    • ja_JP for Japanese

    • fr_FR for French

    • de_DE for German

    • zh_CN for Simplified Chinese

    • zh_TW for Traditional Chinese

    • ko_KR for Korean

    Admin Password

    This password was set when you deployed the appliance. You can reset it.

    Passwords must be at least 8 characters long, contain at least one uppercase and one lowercase letter, one digit, and one special character, which includes ! @ # $ % * ( ).

    Cipher Suites

    In most cases, the default settings do not need to be changed. These are the cryptographic algorithms that are used to encrypt communications between clients and the Unified Access Gateway appliance. Cipher settings are used for enabling various security protocols.

    Honor Cipher Order

    Default is NO. Select YES to enable TLS cipher list order control.

    TLS 1.0 Enabled

    Default is NO. Select YES to enable TLS 1.0 security protocol.

    TLS 1.1 Enabled

    Default is YES. The TLS 1.1 security protocol is enabled.

    TLS 1.2 Enabled

    Default is YES. The TLS 1.2 security protocol is enabled.

    Syslog URL

    Enter the Syslog server URL that is used for logging Unified Access Gateway events. This value can be a URL or a host name or IP address. If you do not set the syslog server URL, no events are logged. Enter as syslog://server.example.com:514.

    Health Check URL

    Enter a URL that the load balancer connects to and checks the health of Unified Access Gateway. For example, https://mycoUnifiedAccessGateway.com:443/favicon.ico

    Cookies to be Cached

    The set of cookies that Unified Access Gateway caches. The default is none.

    IP Mode

    Select the static IP mode, either STATICV4 or STATICV6.

    Session Timeout

    Default value is 36000000 milliseconds.

    Quiesce Mode

    When performing an upgrade, set this mode to YES only if Unified Access Gateway is used with a load balancer. After the upgrade is complete, set this mode to NO.

    Monitor Interval

    Default value is 60.

    Request Timeout

    Default value is 3000.

    Body Receive Timeout

    Default is 5000.

  4. Click Save.
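To confirm after saving that the client-facing listener matches the TLS 1.0, TLS 1.1 and TLS 1.2 settings above, you can probe each protocol version separately. The following Python script is an added example, not part of the product documentation; the host is whatever you pass in, port 443 is assumed from the health check URL example, and all function names are illustrative.

```python
import socket
import ssl

# Defaults as listed on this page: TLS 1.0 off, TLS 1.1 and TLS 1.2 on.
PAGE_DEFAULTS = {"TLS 1.0": False, "TLS 1.1": True, "TLS 1.2": True}
VERSIONS = {
    "TLS 1.0": ssl.TLSVersion.TLSv1,
    "TLS 1.1": ssl.TLSVersion.TLSv1_1,
    "TLS 1.2": ssl.TLSVersion.TLSv1_2,
}

def accepts(host, port, label, timeout=5.0):
    """True/False if the server completes/refuses a handshake pinned to one
    protocol version; None if the local OpenSSL build cannot offer it."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # probing protocol support only,
    ctx.verify_mode = ssl.CERT_NONE  # so the certificate is not validated
    try:
        ctx.set_ciphers("ALL:@SECLEVEL=0")  # let the client offer legacy versions
        ctx.minimum_version = VERSIONS[label]
        ctx.maximum_version = VERSIONS[label]
    except (ssl.SSLError, ValueError):
        return None
    # Connection failures propagate: an unreachable host is not a "refusal".
    with socket.create_connection((host, port), timeout=timeout) as raw:
        try:
            with ctx.wrap_socket(raw, server_hostname=host):
                return True
        except (ssl.SSLError, ConnectionError):
            return False

def audit(observed, expected=PAGE_DEFAULTS):
    """Compare probe results with the intended settings; return findings."""
    findings = []
    for label, want in expected.items():
        got = observed.get(label)
        if got is None:
            findings.append(f"{label}: not tested (local TLS library cannot offer it)")
        elif got != want:
            state = "accepted" if got else "refused"
            setting = "YES" if want else "NO"
            findings.append(f"{label}: {state}, but '{label} Enabled' should be {setting}")
    return findings

def check_appliance(host, port=443):
    """Probe every version and report mismatches; port 443 is an assumption."""
    return audit({label: accepts(host, port, label) for label in VERSIONS})
```

An empty list from `check_appliance` means the listener behaves as configured; pass a different `expected` mapping to `audit` if you changed the defaults.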

What to do next

Configure the edge service settings for the components that Unified Access Gateway is deployed with. After the edge settings are configured, configure the authentication settings.