Configure Terminal Services Settings

To enable your users to authenticate to your Firebox or XTM device over a Terminal Server or Citrix server, you must configure the authentication settings for terminal services. When you configure these settings, you set the maximum length of time a session can be active and specify the IP address of your Terminal Server or Citrix server. You can specify a maximum of 32 Terminal Services Agents in a Firebox or XTM device configuration.

If your device runs Fireware XTM v11.0–v11.3.x, terminal services is not available and the configuration settings do not appear in Policy Manager.

When you configure the Terminal Services settings, if your users authenticate to your Firebox or XTM device, the device reports the actual IP address of each user who logs in. This enables your device to correctly identify each user who logs in to your network, so the correct security policies can be applied to each user's traffic.

You can use any of your configured authentication server methods (for example, Firebox authentication, Active Directory, or RADIUS) with terminal services. To use single sign-on with terminal services, you must use an Active Directory server.

The single sign-on option for the Terminal Services Agent does not use any of the WatchGuard Single Sign-On solution components (SSO Agent, SSO Client, Event Log Monitor, Exchange Monitor). You do not have to install any of the WatchGuard Single Sign-On components to use the single sign-on option for the Terminal Services Agent.

To configure Authentication Settings for terminal services:

  1. Select Authentication > Terminal Services.
    The Terminal Services page appears.
  2. Select the Enable Terminal Services Support check box.
    The terminal services settings are enabled.

Screen shot of the Authentication Terminal Services page

  1. In the Session Timeout text box, type the maximum length of time in seconds that the user can send traffic to the external network.
  2. To add a Terminal Server or Citrix server to the Agent IP list list, in the text box, type the IP address of the server and click Add.
    You can add a maximum of 32 Terminal Servers or Citrix servers to the list.
    The IP address appears in the Terminal Services Agent IPs List list.
  3. To remove a server IP address from the Agent IP list list, select an IP address in the list and click Remove.
  4. Click Save.

See Also

About User Authentication

Set Global Firewall Authentication Values

Enable Single Sign-On (SSO)

Give Us Feedback  •   Get Support  •   All Product Documentation  •   Knowledge Base