This instruction describes how to deploy Nexus Hybrid Access Gateway and how to do initial setup.
To see the deployment requirements for Hybrid Access Gateway, go here.
Deploy Hybrid Access Gateway
Go to the Nexus Support portal. Find Nexus Hybrid Access Gateway and the latest release.
Open the appliance folder.
For Hyper-V, download:
For VMware, Virtual Box or other virtualization platforms, download:
In the command-line interface, navigate to the search path where the files are stored.
Verify the checksum for the .zip file or the .ova file with the
Compare the result with the digest file with the
If you are on a Windows machine, you can also check the digest using PowerShell, with the
- In the virtualization platform, import the appliance file.
- Check the network settings, and modify them if needed.
- Start the appliance, it boots.
Troubleshooting: If appliance does not start
To start the virtual appliance on your personal computer, virtualization must be enabled in your BIOS. If the appliance fails to start, please check your virtualization settings in your BIOS:
- Restart your computer. Press the required key(s) to enter the BIOS settings (see your screen at startup).
- Go to Security > Virtualization. Set Intel/AMD Virtualization Technology to Enabled.
- Save and Exit.
Log in with the
agadminuser. Since this is the first time you log in, choose a password:
The license agreement is shown.
Press any key to continue. The console menu opens.
Do initial setup
The first time you log in you need to do some basic settings, for example set network parameters for the network adapter, and time settings.
- In the console menu, choose Setup system > Modify interfaces > [select adapter]
- Either use DHCP or set up the IP address, netmask and default gateway manually:
- modify IP
- Enter the IP address, received from the IT department. Return.
- Check the netmask and default gateway. Modify if needed.
- Optional: Modify hostname.
- Modify DNS, received from the IT department.
- Return to main menu.
To use SAML federations or time-based one-time passwords (OTPs), it is required to set up a Network Time Protocol (NTP):
- In the console menu, choose Setup system > Setup NTP
- Enter a valid NTP address that is reachable by Hybrid Access Gateway, for example 0.pool.ntp.org. Confirm with Enter.
Hybrid Access Gateway tries to connect to the NTP server and takes over time settings.
- Return to the main menu.
In a web browser: Enter HAG with the ip address set up earlier and port number 8443:
- Since a built-in, self-generated certificate is used, you get an error message the first time you enter Hybrid Access Gateway: Your connection is not secure. Add a security exception to avoid it:
In the browser, click Advanced > Add exception > Confirm Security Exception
Until next time, replace the self-generated certificate with a proper one.
- In Administration interface, click Log on.
- You enter the Setup System Wizard. Choose the built-in demo license or upload a proper license received from Nexus.
In Setup Access Gateway, set the root username and password for the administration interface.
agadmin, different password
Store this information in a secure place.
- Click Next, and then Finish Wizard.
The settings made during the wizard can be updated later.
- Log in to the Hybrid Access Gateway administration interface with the user name and password entered in the wizard.
- Click Publish and the initial setup is done.
How to deploy Hybrid Access Gateway: