Skip to Content
DocsOplon Secure Access Setup

Oplon Secure Access Setup

IP Address Change (Optional)

If you want to change the IP address of your (virtual) machine, you need to elevate to root privileges using sudo -i, then launch the Network Manager tool nmtui (if available in the appliance).

sudo -i nmtui

This command opens a semi-graphical interface that lets you easily configure network parameters that would otherwise require manual editing of system files, such as:

  • IP Address
  • Gateway
  • DNS

IP / Gateway / DNS Assignment

Once you’ve assigned the desired settings, you can restart the network interface from within the nmtui interface to apply the changes.

Restart Network Interface

Verify IP and Login via SSH

Now verifying that our system has a fixed ip assigned with:

ip a

eg: 192.168.1.9, we can continue the configuration from any ssh console:

ssh administrator@<the-ip-address>

First configuration Management Console and Password Delegate

To configure the root credentials of the Management Console it is necessary to open the graphical utility by typing:

sudo -i oplonsetup

Now we configure:

  • Management Address: i.e. the address where the Management interface listens
  • Root password: used to access the interface
  • Delegate password: used for multi-node Oplon Secure Access instances.

`oplonsetup` command execution

<Save and Exit> and then:

oplonrestart

to restart the Oplon Secure Access services.

Accessing the Dashboard and Installing Licenses

To access Oplon Global Distributed Gateway services, open a browser and navigate to:

https://x.x.x.x:4444

Where x.x.x.x is any IP address of the system, unless you changed the default 0.0.0.0 during oplonsetup configuration.

Dashboard access
  • Login: root (or the username chosen during setup)
  • Password: The password defined during setup

Login screen

For Oplon Secure Access to function correctly, you must install at least:

  • the Catalog license (also known as Node license)
  • and one of the available ADC licenses: Platform, Standard HA, or Enterprise HA

Make sure to select the license corresponding to the ADC type you plan to use in this installation.

This guide shows how to install the Catalog and Platform licenses.


Installing the Catalog License

  1. Click the gear icon in the upper-left menu to access Settings
  2. Select “Install License”
  3. Upload the .xml file for the Catalog license

Catalog License Installation - Step 1

Catalog License Installation - Step 2

Installing the Platform (or other ADC) License

  1. Go to “Modules > ADC & GLB”
  2. Select the desired ADC (e.g., Platform) using the arrow next to the name
  3. Click “Actions > Install License”
  4. Upload the .xml file for the ADC license

Platform License Installation - Step 1

Platform License Installation - Step 2

Quick Setup (Version >= 11.0.0)

Starting from version 11.0.0 of Oplon, you can skip the entire “Manual Setup” process. Just follow the steps below, which automatically include the required rewrite rule configuration.

  1. Go to ADC Settings > Listener
  2. Locate the SecureAccess listener (already preconfigured)
  3. Enable the listener by clicking the blue icon:

Enabling SecureAccess listener
  1. Set Enable to true and configure the desired listening IP address
  2. Click Save, then Reinit to apply changes

Listener configuration
⚠️

Quick Setup also includes the basic MFA setup.
You will still need to manually import the certificates and customize the 2faGeneric rewrite rule, as explained in:

Manual Setup (All Versions)

⚠️ If you’re using Oplon version 11.0.0 or later, it’s recommended to follow the Quick Setup, which automates most of the configuration.

This section is intended for those who:

  • are using an older version of Oplon
  • or prefer to perform a fully customized and manually controlled setup

Manual Setup walks you through the essential configuration steps — like rewrite rules and listeners — which are automatically applied in the Quick Setup.
This is the recommended method for advanced environments, in-depth testing, or scenarios where default settings must be avoided.

Copy of the Rewrite Header Rules

  1. Rewrite Header Rules Research we check the Templates view and search for the string secure in search.

Research rewrite headers
  1. Rewrite Header Rules Copy we copy the Templates in our A10_LBLGoPlatform Platform

Rewrite headers copy

Summary Video Rewrite Header Rules Research and Copy

Copy of the Rewrite Body Rules

  1. Rewrite Body Rules Research we check the Templates view and search in search for the string secure

Rewrite headers research
  1. Rewrite Body Rules Copy we copy the Templates in our platform A10_LBLGoPlatform

Rewrite headers copy

Summary Video Rewrite Body Rules Research and Copy

Copy of the Endpoints Grouping

Accessing the section Grouping from ADC Settings we copy the group from templates

  1. Endpoints Grouping Research we check the Templates view and search for the string secure in search

Listeners Research
  1. Endpoints Grouping Copy we copy the templates in our platform A10_LBLGoPlatform

Endpoints Grouping Copy

Summary Video Endpoints Grouping Research and Copy

Copy Of The Listener

at this point we can put a listener in Listener with associated OSA group we will proceed, as in the previous examples, to a copy from the templates inside our platform

  • Listeners Research: we check the Templates view and search for the string secure in search

listeners research
  • Listeners Copy: we copy the templates in our platform A10_LBLGoPlatform

Endpoints Grouping Copy
  • Listener Customization: according to our needs we proceed to give our listener a name, an ip address where it will be connected and an a port where it will be listening. To this we assign the right Endpoint Grouping previously copied.
  • endPointsGrouping: SecureAccess

Listener Customization

Summary Video Listener Research and Copy

Automatic Module Startup

If you’re installing Oplon Secure Access for the first time, it’s essential to configure the automatic startup of the following modules:

  • R00_DesktopBridge
  • R00_SshBridge
  • R10_RemoteAccessGateway
  • A10_LBLGoPlatform (or alternative ADCs)

In this example, we’ll show how to configure the R10_RemoteAccessGateway module. The process is the same for the other modules.

How to Enable Automatic Startup for the R10_RemoteAccessGateway Module

  1. Go to Modules > All Modules and use the search bar to find R10_*. Once you find the module, click the blue button:

  2. On the module page, open the General Start Parameters menu and set the Module Start field to automatic.

Saving the Changes

After applying all the necessary changes, save them and proceed with a reinit to apply:

Verifying Proper Operation

To verify that everything is working correctly, open a browser and enter the following address:

https://<ip_address>:443

Depending on your configuration (with or without MFA), you’ll see one of the following:

  • The MFA login screen, with a redirect to super.oplon.cloud.
  • The Secure Access screen, which may display various errors due to missing MFA configuration. You can configure MFA from the appropriate section if needed: MFA Setup.
Last updated on