Docs
Oplon Secure Access Installation

Necessary Resources

  1. For installing Oplon Secure Access (OSA) you need to have a Virtualization system suitable for receiving OVA images typical of virtual environments such as VMware / Hyper-V, (and for testing also VirtualBox).

    1. Download the official image
    2. configure conveniently the virtualization environment

  2. If an OVA image is not available a Debian-based image can be used and run the commands as below:

    1. Follow steps 1 through 3 in https://archive.oplon.net/docs/osa-update (opens in a new tab)
    2. wget --no-cache --no-check-certificate -N “https://download.oplon.net/private_members/OPLON_VERSION/distributions/instscratch.sh” (ex: VERSION = 010_011_002)
    3. wget --no-cache --no-check-certificate -N “https://download.oplon.net/private_members/OPLON_VERSION/distributions/instscratchDocker.sh” (ex: VERSION = 010_011_002)
    4. Follow steps 4 through 5 in https://archive.oplon.net/docs/osa-update (opens in a new tab)

Virtual Appliance import and First Boot

The import of VAPP is facilitated by the instruments of virtualizing systems. Each system virtualization provides a console to perform the operation.

Once imported the VAPP the system is ready to perform your first boot:

First boot

at this point it is possible to log in with:

  • username: administrator
  • password: adminadmin

VAPP IP change (Optional)

If we wish to assign a fixed IP to our (virtual) machine, we need to elevate ourselves to root (superuser) with sudo -i and run the network manager tool mntui (if provided with the appliance)

sudo -i
nmtui

This opens a semi-graphic form with which we can set network parameters that normally require editing of files within the operating system such as IP Address, Gateway, DNS...

IP / GW / DNS Assignment

After that, we can restart the network card always from the mntui semigraphic interface we restart the network card

IP / GW / DNS Assignment

Verify IP and Login via SSH

Now verifying that our system has a fixed ip assigned with ip a eg: 192.168.1.9, we can continue the configuration from any ssh console:

ssh administrator@<the-ip-address>

First configuration Management Console and Password Delegate

To configure the root credentials of the Management Console it is necessary to open the graphical utility by typing:

sudo -i
oplonsetup

Now we configure:

  • Management Address: i.e. the address where the Management interface listens
  • Root password: used to access the interface
  • Delegate password: used for multi-node Oplon Secure Access instances.

`oplonsetup` command execution

<Save and Exit> and then:

oplon restart

to restart the Oplon Secure Access services.

Access to Dashboard

To access the services Oplon Global Distributed Gateway type: https://x.x.x.x:4444 (Where x.x.x.x is any address of the system if you have not changed the address 0.0.0.0 or the address you have chosen with oplonsetup).

  • Login: root (or the one chosen during configuration)
  • Password: The one chosen during configuration

⚠️

If a license has been inserted, you must recreate the node (settings -> nodes and create a new node here)

Configuring Oplon Secure Access

Copy of the Rewrite Header Rules

  1. Rewrite Header Rules Research we check the Templates view and search for the string secure in search.

Research rewrite headers
  1. Rewrite Header Rules Copy we copy the Templates in our A10_LBLGoPlatform Platform

Rewrite headers copy

Summary Video Rewrite Header Rules Research and Copy

Copy of the Rewrite Body Rules

  1. Rewrite Body Rules Research we check the Templates view and search in search for the string secure

Rewrite headers research
  1. Rewrite Body Rules Copy we copy the Templates in our platform A10_LBLGoPlatform

Rewrite headers copy

Summary Video Rewrite Body Rules Research and Copy

Copy of the Endpoints Grouping

Accessing the section Grouping from ADC Settings we copy the group from templates

  1. Endpoints Grouping Research we check the Templates view and search for the string secure in search

Listeners Research
  1. Endpoints Grouping Copy we copy the templates in our platform A10_LBLGoPlatform

Endpoints Grouping Copy

Summary Video Endpoints Grouping Research and Copy

Copy Of The Listener

at this point we can put a listener in Listener with associated OSA group we will proceed, as in the previous examples, to a copy from the templates inside our platform

  • Listeners Research: we check the Templates view and search for the string secure in search

listeners research
  • Listeners Copy: we copy the templates in our platform A10_LBLGoPlatform

Endpoints Grouping Copy
  • Listener Customization: according to our needs we proceed to give our listener a name, an ip address where it will be connected and an a port where it will be listening. To this we assign the right Endpoint Grouping previously copied.
  • endPointsGrouping: SecureAccess

Listener Customization

Summary Video Listener Research and Copy

Starting Modules for Osa

To use Oplon Secure Access, if you are installing it for the first time, you need to start these three modules:

  • R00_DesktopBridge
  • R00_SshBridge
  • R10_Remote Access Gateway

To do this you need:

  1. go to Modules > All Modules and search in the search bar for R00_. From here, press the two green Play buttons:

  2. go to Modules > All Modules and search in the search bar for R10_. From here, press the green Play button:

It is also possible, and indeed recommended, to configure all three modules to start automatically. To do this, for each of the three modules, simply click on the small blue edit icon of all three modules, and set the Module Start field to "automatic" from the General Start Parameter menu.

Saving Changes

Now we can save the changes made and reinit.

Recap Configuration Steps

A video that specifies the checks to be done in order to be sure that we did correctly all the previous steps

Minimum requirementsOplon Secure Access Update