Sie sind auf Seite 1von 8

1 TIKS 2010 Request

In order to access AdminLAN using VPN client, you have to use a smartcard. If you
dont have one, you can request it fill in the below document and sending it to the
FMB.TS-IB-INFRAESTRUCT-CORPORATIV@t-systems.com mail address.
Your responsible should be copied on the request e-mail for approval proposals.

Formulario_TIKS_201
0.xlsm

2 TIKS 2010 Software & Certificates


NOTE: This step only can be done on T-Systems network (physically or connected to
VPN)

We should download the following zip file which only is accesible from T-Systems
network:
file://filesystem/repositorio/DescargasIntranet/AreaDescargas/TIKS-2010-Manual-Installation-
v9.zip
Once unzipped, inside the new folder created there are 3 certificates, an installation
manual and an executable file which are necessary to get the TIKS cards working on
our computer.

NOTE: The executable file is only for 32-bits Windows version. It does not work
properly on 64-bits Windows version. In case you have a 64-bit Windows version, you
should use this:
http://smf-box.t-
systems.com/kb/Tools/TIKS2010%20Client%20Software%20Package%20W7-
64_1.0.2_DE_EN.exe.7z

2.1 Software installation


IMPORTANT: Dont insert the TIKS card in the computer after installation is completed

2.2 32-bit Windows systems


Execute TIKS2010 Client Software Package_1.0.X_DE_EN.exe and follow the
installation wizard keeping default options. Software and certificates should be installed
automatically so you dont need to install them manually.
2.3 64-bit Windows systems

Install the three certificates inside the new folder created previously manually by
clicking them.
After the certificates are installed, you should execute the "TIKS2010 Client Software
Package W7-64_1.0.2_DE_EN.exe" file provided for "Infraestructuras Corporativas"
team.

2.4 Check the installation


After the installation wizard has finished, we should check the installation has been
successful. In order to do this, we should open Internet Explorer and click on Tools,
Internet Options and the Content tab.

We must click on Certificates button:

Then click on Intermediate certification entities and check that T-Systems


Company CA 2 certificate is present:
Now check Trusted Root certification Entities tab and check that Deutsche Telekom
Root CA 1 is also present.

In case some certification is missing, it is possible to add them manually clicking on


Import button and then selecting the proper certificate under the folder where we have
unzipped the software on the first step (10.1)

2.5 Check the installation


In order to check the card is properly working and configured we should insert the card
in the computer reading and start TCOS Base CSP Management Tool (Start > All
programs > IT-Security)
Once open, click on the tool icon on the system tray:

If we keep the cursor over the card reader we must see the ID of the card:
If we click on the card ID the card info is displayed:

3 Citrix Receiver

Citrix Receiver software can be downloaded from http://www.citrix.es/downloads/citrix-


receiver/windows/receiver-for-windows-431.html. Once the software is downloaded,
you should execute the installation file and follow the installation wizard keeping the
default options. It will also install the plug-ins needed by Firefox to integrate the
software into Firefox navigator.

4 CheckPoint SecuRemote

You should unzip the previous file and follow the installation wizard keeping the default
options.
http://smf-box.t-systems.com/kb/Tools/AdminLAN_CheckPointVPN_V1.zip
5 Mozilla Firefox
Mozilla Firefox navigator can be downloaded from
https://download.mozilla.org/?product=firefox-stub&os=win&lang=es-ES and follow the
installation wizard steps. Once its installed in our computer we should check that Citrix
add-ons are both selected to Always Activate on Add-ons:

Additionally we should go to Firefox Options click on Advanced tab and then click on
Settings button:
Once the connection settings window opens we must select Automatic proxy
configuration URL option and add the following URL
http://proxy-pac.adminlan.telekom.de/ianproxy.pac

6 Connect to T-Systems Germany VPN

The first thing we must do is to check that TCOS software is already running and the
TIKS card is in the computer reader. If not, you should start TCOS software from Start
> All programs > IT-Security, launch the program and then insert the card in the
computer reader.
After this we should open CheckPoint SecuRemote client and click on Connect
button:
A new window should pop-up and we must introduce the following data:
Site: Germany Classic / Admin-LAN_DE / 10.206.14.10
Gateway: FCDCISGPCL
Certificate: Select your own certificate from the list

Once the data is introduced we should click on the Connect button and then the system should
ask for our TIKS card PIN

After that, CheckPoint client should show Connected status:


6.1 Connect to Citrix

Once connected to the VPN you can use Citrix to run different applications. In order to access
Citrix applications you should click the following url using your WiW account:
http://164.34.223.20

Then you should select Mnchen folder: