Using Private Gateways

This section guides you how to deploy a Private Gateway that the OPSWAT Client on devices can connect to for accessing protected resources. Private gateways can be deployed either on-premise or in your cloud provider network.

  1. Log into MetaAccess console

  2. Click “+ Gateway” button at the top right to navigate to a gateway download page. Download the Private Gateway OVA file.

    Note: This image is suitable for VMware environments. If you don’t have access to an enterprise VMware environment, try https://www.vmware.com/products/workstation-player.html.

  3. Log in as the admin user using the default password.

  4. Update that default password to something more secure.

  5. Give the VM a static IP address. This form will default to the IP address assigned by DHCP, but you can set it to whatever makes sense for your environment.

  6. Go back to MetaAccess console, navigate to Settings > Global, copy the registration code on the Account tab

  7. Go back to the Private Gateway Configuration Tool, enter the registration code as the Code. This step can take a while while it generates keys and call back to SDP Controller to register itself.

  8. When registration is complete you’ll be notified to go to the MetaAccess console. In this example I’m using the testing stage, your gateway may be linked against your MetaAccess tenant environment.

  9. Navigating to that link, you will see the new gateway in a list of private gateways waiting to be accepted and activated. New gateways start in a “pending” state. This means that an administrator must approve them before they can be used. If somebody else used your registration code and you don’t recognize the entry here you could remove them instead.

  10. Having accepted the gateway, you must now activate it by selecting the gateway, and then activating it.

  11. This should automatically enable private gateways as the access method for the OPSWAT Client, but this is also configurable via the radio buttons on the left.

  12. Test the Private Gateway connection: follow steps in Private Gateway Test App to enable a testing app built-in the private gateway