Registering Ivanti Connect Secure Gateway

Once you have logged into the Ivanti Neurons for Secure Access, the next step is to launch Ivanti Connect Secure Gateway UI, then register one or more ICS.

To launch ICS Gateway UI

  1. In the Ivanti Neurons for Secure Access UI, select the Gateway Switcher icon located on the top left corner.

    _images/gw-switcher.png

    FIGURE 13 Gateway Switcher

  2. From the list, select Ivanti Connect Secure.

    The Ivanti Connect Secure UI page is displayed.


To register ICS Gateway:

  1. From the Ivanti Connect Secure menu, click the Gateways icon, then select Gateways > Gateways List.

    The All Gateways page is displayed.

    _images/all_gws_list_blank.png

    FIGURE 14 Gateways list option

  2. In the All Gateways page, click the Add drop-down list.

    _images/add-gateway.png

    FIGURE 15 Add Gateway Selection

  3. From the Gateway types list, select ICS Gateway.

    The Register ICS Gateway page is displayed.

    _images/pcs-gw-regn.png

    FIGURE 16 ICS Gateway Registration

  4. Enter a unique name for ICS gateway.

    Note

    The name should be maximum 15 characters, only alphanumeric, underscores, and hyphens are allowed between characters, and must start with a letter.

  5. Enter your Location details such as Country, State/Region, City, and then click Register.

    _images/pcs-gw-regn-summary.png

    FIGURE 17 ICS Gateway Registration Summary

    The Registration Summary page contains the FQDN URL and Registration Key, which you need to enter in the ICS Gateway to complete the registration. See Completing Registration of a ICS Appliance.

  6. Click Close.

    The newly added ICS Gateway gets listed as “Unregistered” under ICS Gateways list.

Completing Registration of a ICS Appliance

For all platforms, make sure the firewall rules for the Public Subnet in which your ICS Gateway External Interface resides is configured to accept inbound client connections on TCP port 443.

Furthermore, make sure you configure the Network Gateway serving your Private Subnet to allow outbound traffic to the nSA Controller in the following ways:

  • Allow outbound TCP traffic on port 443 to the Controller service

  • Allow outbound UDP traffic to the following Network Time Protocol (NTP) services:

    • time.windows.com (port 123)

    • time.nist.gov (port 123)

Note

We recommend you use NTP server to ensure the clocks are synchronized and features on Ivanti Neurons for Secure Access work properly.

To complete registration of a ICS appliance:

  1. Log in to the ICS appliance as an Admin.

  2. Select the System > Configuration > Ivanti Neurons for Secure Access > Settings tab.

  3. Enter the Registration FQDN and Registration Code.

    Note

    The Registration FQDN and Registration Code were displayed during ICS Registration with nSA” .

    _images/pcs_nsa_settings.png

    FIGURE 18 ICS: Ivanti Neurons for Secure Access Settings

  4. Click Save Changes.

    The Status Information displays the Registration Status in green.