Configuring remote access to internal file shares with IAG

Updated: February 10, 2010

Applies To: Intelligent Application Gateway (IAG)

Whale Communications Intelligent Application Gateway (IAG) 2007 provides the following two applications that enable remote users to access file systems on the internal network:

  • The Local Drive Mapping application provides access to Windows shared network folders.

  • The File Access application provides access to Windows Network and Novell NetWare file servers.

After configuring local drive mapping and file access, you publish file access in an IAG portal in order to allow remote users to connect to internal file structures. For instructions, see Publishing applications in an IAG portal.

Local drive mapping enables you to map internal Windows shared network folders (shares) to network drives on remote users’ local computers. Users can then connect to the shares directly from the remote computer, and users can then, depending on policy configuration, download and upload files to and from those drives. Local drive mapping is supported on endpoint computers that run Windows XP, Windows Server 2003, and Microsoft Windows 2000 Server operating systems. It is recommended that you enable this feature only for endpoints that comply with your corporate endpoint policy. For example, only endpoints running the latest update of the corporate antivirus program are allowed to access internal file shares. For more information about endpoint policies, see Planning for IAG client endpoint policies.

Configuring local drive mapping consists of mapping a share to a local network drive. You can enable access to multiple shares by adding multiple local drive mapping applications to a portal. Add one for each share. For each share, you can decide how it will be accessible to remote users, as follows:

  • As soon as users log into the portal homepage, the share is automatically added to the Windows Explorer shares on the endpoint computer (default option).

  • Via a link on the portal homepage.

For instructions, see Configuring remote access to mapped Windows shares with IAG.

File Access is a Web application that enables authorized remote users to access, view, and download files from the organization’s Windows Network and Novell NetWare file servers from any location, and it also enables users to upload files to the servers by using a browser. Via the portal, File Access presents remote users with an Explorer-like view from which all permitted file folders can be accessed. The File Access application enables you to define the domains, servers, and shares that will be accessible to authorized remote users over the Internet. The existing network resource definitions are used as the basis for the File Access definitions, including the following:

  • Domains

  • Servers

  • Shares

  • Individual user permissions

After you define the enabled File Access resources, remote users are able to view only the specific folders for which they already have access permissions within the organization. These will invariably be a subset of the cross-organization domains, servers, and shares, defined for File Access. However, if the remote user has permission to access a certain domain, server, or share, which was not defined as part of the File Access, these locations will not be accessible regardless of such permission.

Configuring File Access consists of the following steps:

  • Share Windows network resources through the file access application if required. To allow sharing of Windows network resources, IAG must be a domain member and the file access servers must be in the same domain as users or in a domain that trusts the domain or domains in which users are located. You can join IAG to an existing domain or set the IAG server up as a domain controller in a separate domain. For instructions, see Configuring file access permissions and settings in IAG.

  • Enable file access to Novell NetWare servers if required. For instructions, see Configuring file access permissions and settings in IAG.