How do I request remote access to the self-service portal?
You may request remote access by visiting the Remote Access Self Service Portal ( only available while on VA's internal network). Please note the Self-Service Portal is only accessible from within the VA network, it is not externally accessible.
Why choose PFW Aerospace?
About us. PFW Aerospace GmbH has been one of the most important companies in German aviation for over 100 years. The company is seen as global leader in the field of tubing systems in aircraft. The entire range of services also includes structural components, such as belly fairings, pressure bulkheads, pressurised floors, support constructions,...
What remote access options does Vava support?
VA supports remote access with two different applications 1. Citrix Access Gateway (CAG) and 2. CISCO RESCUE VPN Client. The Citrix Access Gateway is designed for users that do not have VA Government Furnished Equipment (GFE) – CAG is a good option to allow users access to general applications such as email and chat.
How do I use pfSense with a VPN?
The safest way to accomplish the task is to setup a VPN that will allow access to the firewall and the network it protects. There are several VPN options available in pfSense software, such as Once a VPN is in place, reach the GUI safely using a local address on the firewall, such as the LAN IP address.
What is VPN in PfSense?
There are several VPN options available in pfSense software, such as. IPsec. OpenVPN. SSH tunneling. Once a VPN is in place, reach the GUI safely using a local address on the firewall, such as the LAN IP address. The exact details vary depending on the VPN configuration.
What to do if a restrictive ruleset is in place on the LAN?
If a restrictive ruleset is in place on the LAN, make sure it permits access to the web interface before continuing.
Why is the firewall GUI restricted?
To enhance the security of a network , in many environments access to the firewall GUI is limited by firewall rules. Restricting access to the management interface is the best practice , for reasons as to why, see the blog post Securely Managing Web-administered Devices.
How to restrict webgui port?
If the webGUI port must be accessible to the Internet, restrict it by IP address/range as much as possible. Ideally, if there is a static IP address at the location to manage from, allow traffic from that IP address or subnet and nowhere else. Aliases also help, and they can include fully qualified domain names as well. If the remote management clients have a dynamic DNS address, add it to a management alias.
What is an alias in a firewall?
1. Example alias for networks allowed to access management interface. 2. Example alias for ports allowed to access management interface. Now add a firewall rule allowing the sources defined in the management alias to the destination of the firewall, with the port used or alias created for those using multiple ports.
Is moving the GUI to a non-standard port good?
Moving the GUI to a non-standard, random port is also beneficial. This does not improve the actual security of the GUI itself, but can potentially reduce the number of brute force attempts. The GUI can still be found by scanners unless the port is properly filtered.
The company
PFW Aerospace GmbH supplies leading aerospace companies with systems, structural parts and components.
Company
The creation of solutions for aviation, which contribute to greater safety and resource efficiency – that’s the task which PFW Aerospace GmbH has been setting itself for more than 100 years.
Products
As a sole supplier of key technologies, PFW Aerospace GmbH holds an excellent strategic position on the market. Bended and welded pipe systems, structural components and fuel tanks are represented together with their entire added value.
Competences
The core competence of PFW Aerospace GmbH is the processing of steel, aluminium and titanium, but also plastics (PEEK). Extensive production lines are complemented by a high level of process automation, engineering and the development of concepts, including series production support.
Career
As a supplier to the aviation industry, quality and excellence are amongst our most important values. Values which our teams also live by. That’s why we, as employer, also value the qualities of our employees. We know it’s important to keep brilliant minds committed to us, because we too have to make brilliant decisions.
How to request remote access VA?
You may request remote access by visiting the Remote Access Self Service Portal ( only available while on VA's internal network).
What is a rescue GFE?
RESCUE GFE provides a security posture check and ensures VA data is encrypted from the end device into the VA trusted network. Prior to the device connecting and being allowed onto the VA trusted network the system is checked for multiple security baselines.
How to disable automatic server selection in VPN?
In the VPN tab of the setting screen, uncheck Enable automatic server selection. Close the settings.
How to stay productive while teleworking?
Take regular breaks throughout the day. Teleworking can tempt you to work through breaks and lunch, but this isn’t a good practice long term. Your mind and your body need to take breaks to stay productive
Is PIV card reader site specific?
Today, the distribution of PIV card readers is site-specific. We are discussing the possibility of alternative distribution methods. If distribution processes or procedures change, we will provide updated instructions.
Is VA responsible for non-VA websites?
This page includes links to other websites outside our control and jurisdiction. VA is not responsible for the privacy practices or the content of non-VA Web sites. We encourage you to review the privacy policy or terms and conditions of those sites to fully understand what information is collected and how it is used.
Does RESCUE GFE support Windows 10?
This software is installed on all GFE laptops prior to being provided to the user. Currently RESCUE GFE supports Windows 7, Windows 8, Windows 10 and MAC OSX.
