Community

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Vault Gateway Manage without logging in to the autodesk account

georg_michalik
Submitted by Contributor on ‎01-31-2023 12:23 AM Status: Archived

Vault Gateway Manage without logging in to the autodesk account

Normally, Internet access is not possible on the Vault server. Among other things, because it is required by the standard and the Vault server is a critical attack target for companies.
However, the Vault Gateway Manage function in the ADMS Console requires logging in with a Vault ID. And that's just to call the function. When after that the dialog box appears, you have the option to set up a proxy for the service account. When specifying the service account, you have to log in to manage.autodesk.com again.

 

My suggestion and urgent request is to turn off the first superfluous login so that the administrator can make the proxy settings without internet. Once the proxy setting is made, the service account can then be set up via the existing Internet.

Report
3 Comments (3 New)
POST A COMMENT
3 Comments
ihayesjr
Community Manager
Community Manager
‎01-31-2023 05:27 AM
‎01-31-2023 05:27 AM
Status changed to: Archived

@georg_michalik 

Thank you for posting the idea. The first login requirement is to ensure that only authorized people can turn on Vault Gateway. We ensure this by validating that the account being used is a Primary or Secondary admin at the company. The only way to validate this is to check the account across the internet to our servers. 

Report
0 Votes
Vote
georg_michalik
Contributor
Contributor
‎01-31-2023 06:06 AM
‎01-31-2023 06:06 AM

Thanks for the info. I have already been told the reasoning. Since it is out of question for most companies to allow the Internet on the server because of this Login, only a small customers will use the gateway.
In my opinion quite the login later also out, if the proxy is configured. The login for the service account should also be sufficient.

So the idea is to be able to configure the proxy beforehand. This does not have to be in the Adms console, but before the Manage Gateway function is called.

Report
0 Votes
Vote
ihayesjr
Community Manager
Community Manager
‎01-31-2023 06:23 AM
‎01-31-2023 06:23 AM

Vault Gateway only requires Internet access to *.autodesk.com locations, which is outbound-only traffic. Inbound internet ports do not need to be opened for Vault Gateway. We have larger customers with strict requirements in this area who are okay with this configuration requirement.

 

The proxy server settings only work for the Gateway and not the authorization check to verify the person configuring the Gateway has the correct credentials.

Report
0 Votes
Vote

Forums Links

Can't find what you're looking for? Ask the community or share your knowledge.

Submit Idea  

Report a website issue