Skip to Content
DocsInstallation/Update

Installation and Update of Oplon Secure Access

If you are installing Secure Access for the first time, check the minimum requirements.

Before any update, make sure you have a complete system backup.

Installation procedure with environment variables

For the first installation use the mandatory environment variables. For updates, they are not required. Run commands with sudo or as root.

The variables used by the script are:

  • Mandatory: USERNAME, PASSWORD, WORKSPACE_ADDRESS
wget -N "https://www.oplon.net/OPLON_INSTALL_LASTUPDATE.sh" && \
USERNAME="root" \
PASSWORD="!1AdminAdmin" \
WORKSPACE_ADDRESS="0.0.0.0" \
bash OPLON_INSTALL_LASTUPDATE.sh

Optional environment variables (click to expand)

  • DELEGATED_USERNAME: falls back to USERNAME
  • DELEGATED_PASSWORD: falls back to PASSWORD
  • ZTNA_MODE: y or n, falls back to y
wget -N "https://www.oplon.net/OPLON_INSTALL_LASTUPDATE.sh" && \
USERNAME="root" \
PASSWORD="!1AdminAdmin" \
WORKSPACE_ADDRESS="0.0.0.0" \
ZTNA_MODE="n" \
DELEGATED_USERNAME="root" \
DELEGATED_PASSWORD="!1AdminAdmin" \
LICENSE="/path/to/license" \
bash OPLON_INSTALL_LASTUPDATE.sh

Offline Installation/Update or Specific Version

Show offline/specific version procedure details

Use this method if:

  • The system does not have Internet access
  • You need to install a specific version (not the latest)
  • You need to comply with corporate software distribution policies

Phase 1: Download necessary files

Perform these steps from a machine with Internet access:

  1. Access the download page and download the .zip package of the desired version.

  2. For first installation only: Also download the instscratch bootstrap files:

    # Replace VERSION with the downloaded version (e.g., OPLON_011_003_000)
VERSION="OPLON_011_003_000"
 
wget -N "https://download.oplon.net/private_members/${VERSION}/distributions/instscratch.sh"
wget -N "https://download.oplon.net/private_members/${VERSION}/distributions/instscratchDocker.sh"

    The instscratch files are required only for the first installation on a new system. For updates of existing systems, you can skip this step.

  3. Transfer all downloaded files to the destination server (use scp, USB, or other available method).

Phase 2: Installation on the server

  1. Log in as root or use sudo for all following commands.

  2. Create the /share directory (if it doesn’t exist) and assign correct permissions:

    mkdir -p /share && chmod 777 /share

  3. Transfer all downloaded files to the /share directory.

  4. Move to the /share directory:

    cd /share

  5. Extract the package (replace ${VERSION} with the downloaded version):

    # Example: unzip OPLON_011_003_000_OPLON_NETWORKS_SUITE.zip
unzip ${VERSION}_OPLON_NETWORKS_SUITE.zip

  6. For first installation only: Run the bootstrap files:

    bash instscratch.sh && bash instscratchDocker.sh

    This step initializes the Docker environment and necessary dependencies. It is required only for new installations.

  7. Run the update script:

    bash OPLON_INSTALL_UPDATE.sh

    For updates, environment variables are not required.

Advanced container configuration

Show advanced configuration details

There are cases where you want to customize the configuration of Docker containers used by Oplon Secure Access. For example, to modify allocated resources, networks used, or recording paths.

Download OPLON_INSTALL_CONTAINERS.sh

# Replace VERSION with the downloaded version (e.g., OPLON_011_003_000)
VERSION="OPLON_011_003_000"
 
wget -N "https://download.oplon.net/private_members/${VERSION}/distributions/OPLON_INSTALL_CONTAINERS.sh"

Available parameters

The OPLON_INSTALL_CONTAINERS.sh script accepts the following optional parameters:

ParameterDescriptionDefault value
-nChanges the Docker bridge network used by containers192.168.252.0/24 or 172.18.0.0/16
-biSets the listening IP address for Browser Isolation127.0.0.1
-bimSets the memory limit (in MB) for Browser Isolation. Use 0 for no limitPercentage calculation on residual RAM
-rdlogpathChanges the host path for RDP recordings/opl-recording
-sshlogpathChanges the host path for SSH recordings/opl-recording-ssh

Usage examples

Change Docker network

bash OPLON_INSTALL_CONTAINERS.sh --changenet 172.18.0.0/16

Configure Browser Isolation listening address

# Listen on localhost (default case for single-node installation)
bash OPLON_INSTALL_CONTAINERS.sh --bilistner 127.0.0.1
 
# Listen on specific IP (case for dedicated multi-node browser isolation installation)
bash OPLON_INSTALL_CONTAINERS.sh --bilistner 192.168.1.100

Set memory limit for Browser Isolation

# 4GB limit (4096 MB)
bash OPLON_INSTALL_CONTAINERS.sh --bimemory 4096
 
# No memory limit
bash OPLON_INSTALL_CONTAINERS.sh --bimemory 0

Modify recording paths

# Change only RDP path
bash OPLON_INSTALL_CONTAINERS.sh --changerdlogpath /mnt/recordings/rdp
 
# Change only SSH path
bash OPLON_INSTALL_CONTAINERS.sh --changesshlogpath /mnt/recordings/ssh
 
# Change both paths
bash OPLON_INSTALL_CONTAINERS.sh \
  --changerdlogpath /mnt/recordings/rdp \
  --changesshlogpath /mnt/recordings/ssh

Warning: Modifying these parameters can affect system behavior. Make sure you understand the implications before proceeding and that you have a system backup.

Minimum RequirementsSetup