Introduction to User Groups

  • To begin, you must edit the Default User Group, which provides the Corente Services Gateway with a list of all machines on the LAN that are participating in the application network. You first created this group when you used the Location Wizard to create the Location.

  • Next, if applicable, you should define your Default User Group – DMZ, which informs the Corente Services Gateway what subnet is designated as the DMZ on your LAN.

  • Then, you should define the Internal Network Description group, which should contain all of the subnets at your site. This allows the Corente Services Gateway to distinguish between computers on the Internet and computers on the LAN that are not participating in the application network.

  • After you define these User Groups, you can create additional named User Groups, which will divide the IP addresses on the LAN into smaller groups. Each named User Group consists of machines that will have the same permissions on the domain or LAN. You can create any number of named User Groups for this Location.

On the Partners Tab or with the Tube wizard, you can further define and restrict permissions by including your User Groups in tubes. Tubes enable you to specify a set of local machines, a set of remote machines or a remote application, and the firewall policy to be used when these machines communicate.

Important

The following network addresses are restricted and cannot be assigned to any hosts on the LAN:

  • 1.1.1.0

  • 1.1.1.1

  • 1.1.1.2

  • 1.1.1.3

Instead of using the User Groups tab to include application servers on the LAN in your application network, you may want to register these servers on the Applications Tab.

The main screen of the User Groups tab displays the User Groups that have already been configured for this Location. Three placeholder User Groups appear by default:

  • Entire LAN Group: This group is used on the Partners tab exclusively when creating a LAN to Internet Access or LAN to Location Access partnership. It is predefined and cannot be modified.

  • Location LAN Address: This group is used on the Partners tab when creating a LAN to Location Access partnership or a partnership that allows partners to access the Gateway Viewer application for this Location. It is predefined and cannot be modified.

  • Default User Group: This group contains every IP address on the LAN that will participate in the application network. It is not predefined and must be configured before a new Location gateway can be installed.

  • Default User Group - DMZ: (appears only when a DMZ interface has been configured for this Location on the Network tab) This group contains every IP address on the LAN that is participating in the DMZ. Depending on the choices you made when configuring the DMZ interface, this group may or may not be predefined. This group is used exclusively when configuring the DMZ to Internet Access and LAN to DMZ Access partnerships on the Partners tab.

Copyright © 2016, 2017, Oracle and/or its affiliates. All rights reserved. Legal Notices