Description of Cloud4Y UserGate template

Deploying the image

To start UserGate VMs in your virtual infrastructure, you need to do the following:

  1. In the VCD interface, go to the Virtual Machine Management section, click NEW VM
  2. In the new VM setup window which will appear, fill in the VM name for the VCD and Computer Name (hostname)
  3. Next, find and select the "Usergate_6.1.8"
  4. Click OK and wait for the new VM to be created and started

Preparing the network infrastructure

To get UserGate working correctly from the image you need to prepare the network infrastructure of your VDC:

Create three local networks:

  • Routed network management with an address of 192.168.1.1/24. This network is used for device configuration including initial setup. UG's web interface is only accessible to clients on this network. Management and monitoring services are available: admin console (web), SSH CLI, ping, SNMP
  • Isolated network trusted with address 10.0.0.1/24. This network is used to connect client VMs for which UG is acting as a gateway. A DHCP server is configured in UG for this network. Allowed standard network services: ping, DNS, HTTP(S)-proxy, Authorization Agent, SMTP(S)-proxy, POP3(S)-proxy, SCADA.
  • Routed network untrusted addressing 192.168.2.1/24 Used as a gateway to the Internet. For this network, we need to add a SNAT rule on NSX EDGE to access the Internet. Services available: ping, SMTP(S)\POP3(S)-proxy.

The networks need to be connected in VM UserGate as shown in the screenshot:

Assign IP addresses statically, according to each network:

nic0 - management - 192.168.1.254

nic1 - trusted - 10.0.0.254

nic2 - untrusted - 192.168.2.254

 

NSX Edge configuration:

Unfortunately, due to the peculiarities of VMWare architecture, it's not possible to exclude NSX EDGE completely.

You need to add a rule to swap the IP address of the UG from the untrusted network to the external IP address of your organization. To do this go to Edges, select your edge and go to services:

 

In edge, services select the "NAT" tab, and create an SNAT rule where you specify your external IP and UG address on the untrusted 192.168.2.254 network

Once you have completed the configuration as described, you can enable UserGate and the web interface will be available to clients on your management network.

If you experience any problems, our technical support is available 24 hours a day

Useful Links

UserGate Website

Administrator Guide

Knowledge Base

 

Have you tried Cloud4Y's Cloud Hosting service? Not yet?

Send a request and get 10 days of free access

 

Смотреть подробности   
  • 0 Users Found This Useful
Was this answer helpful?