Cisco Cisco Virtualization Experience Client 2212 Administrator's Guide
A-15
Cisco Virtualization Experience Client 2112/2212 ICA Administration Guide for WTOS 7.0_214
OL-215152-01
Appendix A Central Configuration: Automating Updates and Configuration
Configuring Session Services
Configuring for Transport Layer Security (TLS) Connections Over a LAN
The IEEE 802.1x standard allows a switch port to remain wired or enabled but not permit traffic to
traverse the switch until the identity of the client is confirmed. IEEE 802.1x is a security feature. It
defines the process of authenticating a wired client to allow the client to communicate with the network.
WTOS supports IEEE 802.1x for zero clients to be authenticated to access an Ethernet network. To
enable this connection, you must download certificates from a Certificate Authority (CA), and then
install and configure them for the zero client.
traverse the switch until the identity of the client is confirmed. IEEE 802.1x is a security feature. It
defines the process of authenticating a wired client to allow the client to communicate with the network.
WTOS supports IEEE 802.1x for zero clients to be authenticated to access an Ethernet network. To
enable this connection, you must download certificates from a Certificate Authority (CA), and then
install and configure them for the zero client.
To configure the authentication options:
Procedure
Step 1
Open the Network Setup dialog box (click the desktop to open the menu, select System Setup, and then
click Network).
click Network).
Step 2
Click the Security tab.
Step 3
Select the Enable IEEE802.1x Authentication check box.
Step 4
In the EAP Type drop-down list, select an Extensible Authentication Protocol option.
Tip
In Wire mode, only the TLS EAP type is available.
Step 5
Use the following guidelines to configure the EAP Type option you selected:
•
TLS—If you select the TLS option, click Properties to open and configure the Authentication
Properties dialog box (you can use Browse to find and select the Client Certificate file and
Private Key file you want). Note that the CA certificate must be installed in the device.
Properties dialog box (you can use Browse to find and select the Client Certificate file and
Private Key file you want). Note that the CA certificate must be installed in the device.
Step 6
In the Network Setup dialog box, select an Import From option (either USB Key [the default] or File
Server) to configure where a user can import a new certificate, click Import, and then use the following
guidelines to configure the option you selected:
Server) to configure where a user can import a new certificate, click Import, and then use the following
guidelines to configure the option you selected:
•
USB Key: Select a certificate and click OK to import it to local memory.
•
File Server: Enter the path to the certificate, and then enter a username and password.
Configuring Session Services
Before you use the information in this section to configure your ICA and RDP session services, be sure
you understand and use the following guidelines:
you understand and use the following guidelines:
•
General Guidelines—Be aware of the following:
–
The Thin-client session services are made available by servers hosting Citrix ICA and Microsoft
RDP software products.
RDP software products.
–
A browser must be available through one of the session services to access any on-line help
documentation for users.
documentation for users.
–
There can be more connections than desktop space to display them.