Configure Terminal Services Settings

To enable your users to authenticate to your Firebox over a Terminal Server or Citrix server, you must configure the authentication settings for terminal services. When you configure these settings, you set the maximum length of time a session can be active and specify the IP address of your Terminal Server or Citrix server.

You can specify a maximum of 512 Terminal Services Agents in a Firebox configuration. If you specify more than 512 agents, Fireware only recognizes the first 512 agents.

In Fireware v12.7.1 and lower, you can only specify a maximum of 128 Terminal Services Agents.

When you configure the Terminal Services settings, if your users authenticate to your Firebox, the device reports the actual IP address of each user who logs in. This enables your device to correctly identify each user who logs in to your network, so the correct security policies can be applied to each user's traffic.

You can use any of your configured authentication server methods (for example, Firebox authentication, Active Directory, or RADIUS) with terminal services. To use single sign-on with terminal services, you must use an Active Directory server.

The single sign-on option for the Terminal Services Agent does not use any of the WatchGuard Single Sign-On solution components (SSO Agent, SSO Client, Event Log Monitor, Exchange Monitor). You do not have to install any of the WatchGuard Single Sign-On components to use the single sign-on option for the Terminal Services Agent.

In Fireware v11.11 2 and higher, the Backend-Service user account is automatically added to the Users and Groups list when you enable Terminal Services on the Firebox. This user account is used by the Terminal Services agent. For more information, go to Install and Configure the Terminal Services Agent.

Related Topics

About User Authentication

Set Global Firewall Authentication Values

Enable Active Directory SSO on the Firebox