Search the ManageEngine site:  
 

Help Center

Quick Start

File Auditing

File Analysis

Data Risk Assessment

Endpoint DLP

Cloud Protection

General settings

Policy Configuration

Release notes

Troubleshooting

Guides

Third-party software Contact us

Configuring a gateway server in endpoints

A gateway server is an HTTP proxy server, and the server’s proxy settings can be configured manually on an individual endpoint or configured in bulk for a group of endpoints.

Steps to configure a gateway server on an individual endpoint:

  • Open the Internet Properties window on the endpoint using one of the following methods:
    • Type inetcpl.cpl in the Run window.
    • Open Internet Explorer, click the settings symbol in the top-right corner, and then select Internet Options.
    • Open the Control Panel and select Internet Options.
    • On devices running Windows 10, you can also navigate to Settings > Network and Internet > Proxy.
  • In the Internet Properties window that opens, navigate to the Connections tab and click the LAN settings button.
  • In the Local Area Network (LAN) Settings window that appears:
    • Uncheck the Automatically detect settings checkbox.
    • Uncheck the Use automatic configuration script checkbox.
    • Check the Use a proxy server for your LAN option.
    • Enter the IP address of the gateway server in the Address text box and include its port number in the Port text box.
  • Click OK.

The gateway server is now configured on the endpoint.

Steps to configure gateway servers on multiple endpoints via a Group Policy Object (GPO):

  • Launch the Group Policy Management console using any of the following methods:
    • Navigate to Server Manager > Tools > Group Policy Management Console.
    • Press Win+R and in the Run dialog box that appears, type gpmc.msc and click OK.
  • The Group Policy Management Console window opens. You can create a new GPO or modify an existing one.
  • To create a new GPO, right-click the domain, site, or OU where you want to apply the policy and click Create a GPO dialog in this domain and Link it here.
  • Enter a name for the GPO in the New GPO dialog box and click OK. The GPO is now created.
  • Right-click the newly created GPO or an existing one and select Edit.
  • In the Group Policy Management Editor, navigate to User Configuration > Preferences > Control Panel Settings > Internet Settings.
  • Right-click Internet Settings and select New > Internet Explorer 10.
  • In the IE Settings window, go to Connection and click the LAN settings button.
  • In the Local Area Network (LAN) Settings window that appears:
    • Uncheck the Automatically detect settings checkbox.
    • Uncheck the Use automatic configuration script checkbox.
    • Check the Use a proxy server for your LAN option.
    • Enter the IP address in the Address text box and include the port number in the Port text box.
  • Click OK.

The gateway server is now configured across multiple endpoints.

To configure gateway servers on multiple endpoints via a Proxy Auto-Configuration (PAC) script, update your PAC script with the IP address and port number of the gateway server.

 

Learn more about PAC scripts.

Installing a CA certificate

When deep packet inspection is enabled on the gateway server, the server will sign the SSL certificates of all websites with DataSecurity Plus' CA certificate. Thus, the endpoints must trust the CA certificate that is created in DataSecurity Plus.

  • To create a new CA certificate, follow the steps mentioned on this page.
  • To assign a new CA certificate or modify the existing certificate, follow the steps on this page.
  • To download a CA certificate that you have created, follow the steps given here.

Once downloaded, the CA certificate can be installed on individual endpoints manually or on multiple endpoints via a GPO.

Steps to install the CA certificate on individual endpoints manually:

  1. Double-click the downloaded CA certificate and click Install Certificate.
  2. In the Certificate Import Wizard window, choose Place all certificates in the following store and then choose Trusted Root Certification Authorities.
  3. Click Next.

The endpoint will now trust the CA certificate you generated.

Steps to install the CA certificate on multiple endpoints via a GPO:

To install the certificate on all client devices, create a group policy in the domain controller in which end-user settings are configured.

  • In the domain controller, navigate to Start > Administrative Tools > Group Policy Management.
  • Right-click your domain and select Create A GPO In This Domain And Link It Here.
  • Enter a suitable name for the GPO and click OK.
  • Right-click the newly created GPO and click Edit. The Group Policy Management Editor opens.
  • In the Computer Configuration, navigate to Policies > Windows Settings > Security Settings > Public Key Policies.
  • Right-click Trusted Root Certification Authorities and select Import.
  • Click Browse and select the generated CA certificate.
  • Click Finish > OK.

The client devices will now trust the CA certificate you generated.

Topics in this page:

Don't see what you're looking for?

  • Visit our community

    Post your questions in the forum.

     

  • Request additional resources

    Send us your requirements.

     

© 2024 Zoho Corporation Pvt. Ltd. All rights reserved.