Clientless Access
Last update:2023-08-29 15:50:15
1. Usage Scenario
Except for the ESA client, we also offer non-client access to enterprise applications via web browser. We support clientless access to applications with http/https/ssh*/rdp*. It provides a simple access for:
- External users, like: partners, part-time workers.
- Internal users with BYoD
- Temporary users
2. Operation Steps
1) Go to Web Security Gateway–>Basic Configuration to configure your web proxy server.
2) For security access, we recommend customers to use your own certificate and domain for web access.
Here are the steps:
- Config a domain and upload certificate. We suggest to use 4-level domain name, For example: alex.esa.ABC.com. ABC refers to your company name.
- Contact CDNetworks technical service to config CNAME to ESA platform. After configuration, CDNetworks technical service will return the CNAME domain, for example: nsesa.cdnetworks.com
- On your name server, CNAME or NS your domain: **.esa.ABC.com* to nsesa.cdnetworks.com
- After configuration completed, please send the alex.esa.ABC.com URL to your users.
![[New Feature] WAF Rule Template](https://www.wangsu.com/wos/draft/help_doc/zh_cn/24246/27345/1689756542795_image.png)
3) User login: Copy the proxy URL: alex.esa.ABC.com to browser and then you will get ESA login page.
![[New Feature] WAF Rule Template](https://www.wangsu.com/wos/draft/help_doc/ko_kr/24246/27345/1684746151111_image.png)
After login to ESA via URL, when user visit the application, for example: ERP, the actual visiting URL will be erp.esa.ABC.com. Users are visiting the proxied domain instead of real domain. By doing this, we can shield your applications from been exposed to Internet.
For login and ID verification guide, please refer to: ESA User Guide