Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Changes title of section "Log in to console menu" to "Log in to console menu and set initial password"

This instruction describes how to deploy Nexus Hybrid Access Gateway and how to do initial setup. 

Hybrid Access Gateway console

Expandall

Prerequisites

Expand
titlePrerequisites

To see the deployment requirements for Hybrid Access Gateway, go here.

Deploy Hybrid Access Gateway

Expand
titleDownload appliance files
  1. Go to the Nexus Support portal. Find Nexus Hybrid Access Gateway and the latest release.

  2. Open the appliance folder. 

  3. For Hyper-V, download:

    • appliance file: access-gateway.zip

    • digest file: access-gateway-digests.txt 

  4. For VMware, Virtual Box or other virtualization platforms, download:

    • appliance file: access-gateway.ova

    • digest file: access-gateway-digests.txt


Expand
titleVerify checksum
  1. In the command-line interface, navigate to the search path where the files are stored.

  2. Verify the checksum for the .zip file or the .ova file with the shasum command:

    Code Block
    titleExample
    $ shasum access-gateway.ova 
    bdc2a093caef0c0589325d6f509c1b19de1e36d7 access-gateway.ova


  3. Compare the result with the digest file with the grep command.

    Code Block
    titleExample
    $ grep bdc2a093caef0c0589325d6f509c1b19de1e36d7 access-gateway-digests.txt 
    bdc2a093caef0c0589325d6f509c1b19de1e36d7   access-gateway.ova 


  4. If you are on a Windows machine, you can also check the digest using PowerShell, with the Get-FileHash command:

    Code Block
    languagebash
    titlePowerShell example
    PS> Get-FileHash -Algorithm SHA1 .\access-gateway.ova 
    
    Algorithm   Hash                                       Path
    ---------   ----                                       ----
    SHA1        bdc2a093caef0c0589325d6f509c1b19de1e36d7   C:\Users\joachim.kessel\
    Downloads\access-gateway.ova



Expand
titleDeploy appliance file
  1. In the virtualization platform, import the appliance file.
  2. Check the network settings, and modify them if needed.
  3. Start the appliance, it boots. 
Tip
titleTroubleshooting: If appliance does not start

To start the virtual appliance on your personal computer, virtualization must be enabled in your BIOS. If the appliance fails to start, please check your virtualization settings in your BIOS: 

  1. Restart your computer. Press the required key(s) to enter the BIOS settings (see your screen at startup).
  2. Go to Security > Virtualization. Set Intel/AMD Virtualization Technology to Enabled.
  3. Save and Exit.



Expand
titleLog in to console menu and set initial password
  1. Log in with the agadmin user. Since this is the first time you log in, choose a you must set the password:

    Panel
    bgColorwhite
    titleBGColor#f1f1f1
    titleExample: Log in with agadmin user

    ag-appliance login: agadmin
    You are required to change your password immediately (root enforced)

    Enter new UNIX password:
    Retype new UNIX password:

    The license agreement is shown.

  2. Press any key to continue. The console menu opens.

Do initial setup

Expand
titleDo basic settings

The first time you log in you need to do some basic settings, for example set network parameters for the network adapter, and time settings.

  1. In the console menu, choose Setup system > Modify interfaces > [select adapter] 
  2. Either use DHCP or set up the IP address, netmask and default gateway manually:
    1. modify IP
    2. Enter the IP address, received from the IT department. Return.
    3. Check the netmask and default gateway. Modify if needed.
    4. Save
  3. Optional: Modify hostname.
  4. Modify DNS, received from the IT department.
  5. Return to main menu.


Expand
titleSet up Network Time Protocol (NTP)

To use SAML federations or time-based one-time passwords (OTPs), it is required to set up a Network Time Protocol (NTP):

  1. In the console menu, choose Setup system > Setup NTP
  2. Enter a valid NTP address that is reachable by Hybrid Access Gateway, for example 0.pool.ntp.org. Confirm with Enter.
    Hybrid Access Gateway tries to connect to the NTP server and takes over time settings.
  3. Return to the main menu.


Expand
titleOpen administration interface
  1. In a web browser: Enter HAG with the ip address set up earlier and port number 8443:
    https://<ipadress>:8443.

    Code Block
    languagetext
    titleExample
    https://192.168.56.101:8443/


  2. Since a built-in, self-generated certificate is used, you get an error message the first time you enter Hybrid Access Gateway: Your connection is not secure. Add a security exception to avoid it:
    In the browser, click Advanced > Add exception > Confirm Security Exception
    Until next time, replace the self-generated certificate with a proper one.
  3. In Administration interface, click Log on.
  4. You enter the Setup System Wizard. Choose the built-in demo license or upload a proper license received from Nexus.
  5. In Setup Access Gateway, set the root username and password for the administration interface.
    Example:
    username: agadmin, different password

    Info
    titleImportant!

    Store this information in a secure place.


  6. Click Next, and then Finish Wizard.

The settings made during the wizard can be updated later.


Expand
titleLog in and publish
  1. Log in to the Hybrid Access Gateway administration interface with the user name and password entered in the wizard.
  2. Click Publish and the initial setup is done.


Video tutorial

How to deploy Hybrid Access Gateway:

Widget Connector
width250
urlhttps://www.youtube.com/watch?v=-dLoeHq2h4g&list=PL30XJMN7yL-SiZ05KwIdMl7Q_pMM959je&index=1
height200

Related information

Links