Access Gateway Management Console Command reference

The purpose of this guide is to list the current Access Gateway Command line console commands available within the oag-mgmt user account. These commands can be used to configure and monitor Access Gateway Management.

 

Jump to a specific command or section:

 

First Login

The first time you log in to the Access Gateway Management Console, we highly recommend that you change the password for the oag-mgmt user. Note: When using SSH to access the Access Gateway Management Console some features will be disableIn order to access the Management Console, you must have physical access to the Access Gateway environment. You cannot SSH into the Access Gateway Management Console.

  1. Start the Access Gateway VM and open a terminal window. Default credentials are given below:

    1. Username: oag-mgmt

    2. Password: <OktaAdmin@123>

    The first time you log in to the Access Gateway Management Console, we highly recommend that you change the password for the the oag-mgmt account. See the Change Password section for more information

     

Once you are logged in, the system will provide you with various menu options.

mgmt-console-user-guide.01.png

Network Menu

The Network menu contains options for checking the status of the network and modifying the network settings.

  1. On the initial screen, press 1 to enter the Network menu.

    mgmt-console-user-guide.network.1.png

Static Networking

  1. Press 1 to select static networking setup.

  2. Enter the IP address, and press Enter.

  3. Enter the netmask value, and press Enter.

  4. Enter the default gateway value, and press Enter.

  5. Enter the primary DNS server value, and press Enter.

  6. Enter the secondary DNS server value, and press Enter.

  7. Enter the search domainA domain is an attribute of an Okta organization. Okta uses a fully-qualified domain name, meaning it always includes the top-level domain (.com, .eu, etc.), but does not include the protocol (https). address, and press Enter.

  8. Press c to commit the changes.

  9. Review the network configuration, and press y and Enter to confirm the changes.

  10. Alternatively, press n to cancel the changes and return to the networking menu.

Jump_to_top_↑

DHCP Networking

  1. Press 2 to select the DHCP networking menu and enable dhcp.

  2. Press y and Enter to confirm, or press n to return to the networking menu.

    By enabling DHCP, all changes will be immediately implemented.

  3. Once the network interface is restarted, press Enter to continue.

Jump_to_top_↑

Test Network Configuration

  1. Press 3 on the networking menu to Test Network Configurations.

  2. The system attempts to connect to www.okta.com and displays the status.

  3. Press Enter to continue.

  4. Lastly, the system checks the NGINX configuration and displays the status.

  5. Press Enter to return to the Networking menu.

Jump_to_top_↑

Edit /etc/hosts file

/etc/hosts is used to configure statically assigned hostnames. If adminstrator needs to override DNS for a specific hostname or provide an address for a host that isn’t in DNS that host can be added to the /etc/hosts file. Typically this is done so that Okta Access Gateway can connect to the correct host.

  1. Press 4 on the Networking menu to edit the /etc/hosts file.
    The screen will show you the current entries in the hosts file by line number.
  2. Press a to add an entry.

  3. Press d to delete any entry by entering the line number you want to delete.

  4. Press c to commit your changes to the hosts file.

  5. Press x to return to the Networking menu.

Jump_to_top_↑

Setup NIC Bonding

NIC bonding is the process combining two ethernet ports together into a bonded virtual port. Typically NIC Bonding is used if there is sufficient traffic on a single port to saturate a single network connection.

  1. Press 5 to set up NIC bonding.

  2. Enter the IP address, and press Enter.

  3. Enter the netmask value, and press Enter.

  4. Enter the default gateway value, and press Enter.

  5. Enter the primary DNS server value, and press Enter.

  6. Enter the secondary DNS server value, and press Enter.

  7. Enter the search domain address, and press Enter.

  8. Press c to commit the changes.

  9. Review the network configuration, and press y and Enter to confirm the changes. Alternatively, press n and Enter to discard your changes and return to the Networking menu.

  10. After the change is complete, press any key to return to the Networking menu.

Changing Interface

Change which interface the console is using. Note you must know the name of the switch to interface. For example eth0 or eth1.

  1. Press 6 on the Networking menu to change the network interface.

  2. Enter the name of the Network Interface that you would like to modify, and press Enter.

  3. Press Enter to return to the Networking menu.
    The interface option 6 will change to reflect your modifications.

Jump_to_top_↑

Proxy Settings

Set up Proxy

  1. Press 7 on the Networking menu to set up or disable a proxy.

  2. Press 1 to set up a proxy.

  3. Enter the proxy host address, and press Enter.

  4. Enter the proxy port, and press Enter.

  5. Enter the host names, separated by commas, that should be bypassed by the proxy

  6. Review the proxy information, and press y to confirm.

  7. Press Enter to return to the proxy menu, and press Enter again to return to the main Networking menu

Jump_to_top_↑

Unset Proxy

  1. Press 7 to enter the proxy menu.

  2. Press 2 to remove the proxy configuration.

  3. Enter y to confirm.

  4. Press Enter to return to the proxy menu, and press Enter again to return to the main Networking menu.

Jump_to_top_↑

Ping

  1. Select 8 from the Networking menu.

  2. Enter the hostname or IP Address for the destination you want to ping, and press Enter.

  3. The ping results are displayed.

  4. Press Enter to return to the Networking menu.

Jump_to_top_↑

Connectivity Test

The Connectivity Test can be used to validate a connection between the Access Gateway and any other system. This tool can also be used to validate if a backend application or server is reachable from the Access Gateway appliance.

  1. Press 9 from the Networking menu to test the connectivity.

  2. Enter the hostname or IP Address of the machine you want to test.

  3. Enter the port number followed by [return].

  4. Press Enter to return to the Networking menu.

  5. Press x to return to the Management Console Menu.

Jump_to_top_↑

Service Menu

The Services menu allows you to start, stop, and restart services on the Access Gateway appliance, as well as check the status of the running services and regenerate an SSL certificate. The available services you can view are NGINX, Access Gateway Admin, and NTP.

Press 2 on the Management Console menu to enter the Services Menu.

mgmt-console-user-guide.services.1.png

NGINX

The NGINX menu allows you to start, stop, and restart the NGINX service, check the status of the service, and regenerate the SSL certificate.

  1. Press 1 in the Services menu to enter the NGINX menu.

Jump_to_top_↑

Regenerate SSL Certificate

  1. Press 5 on the NGINX menu to re-generate an SSL Certificate.

  2. A self-signed certificate already exists on the appliance, so the system will prompt you to confirm the overwrite operation for the existing certificate. Press y to continue.

  3. Enter the domain name originally used to set up the Access Gateway appliance, and press Enter.

  4. Press y to confirm.

  5. Press Enter to return to the NGINX menu.

Jump_to_top_↑

Update SSL Certificate

  1. Press 6 on the NGINX menu to update an SSL certificate.

  2. Review the certification format requirements, and press Enter to continue.

  3. Enter the domain name, and press Enter.

  4. Follow the directions, and press Enter when you are prepared to insert your certificate file.

  5. Enter the new SSL cert information, and press Esc when you are finished.

  6. Type :wq and press Enter to close the window.

  7. After the certificate is validated, review and press Enter to return to the Services menu.

Jump_to_top_↑

Access Gateway Admin

The Access Gateway Admin menu allows you to start, stop, and restart the Access Gateway Admin service, and check the status of the service.

  1. Press 2 on the Services menu to enter the Access Gateway Admin menu.

NTP

The NTP menu allows you to start, stop, and restart the NTPD, check the status of the NTPD, and set the system time.

  1. Press 3 on the Services menu to enter the NTP menu.

Jump_to_top_↑

Session Cache

  1. Press 4 on the Services menu to enter the Session Cache menu.

Kerberos Menu

The Kerberos menu allows you to list or destroy Kerberos tickets.

When listing a ticket, the software provides the Kerberos principal and Kerberos ticket held in the credential cache or keytab file.

Destroying a user’s active Kerberos authorization is achieved by overwriting and deleting the credential cache that contains them.

  1. Press 3 on Management Console menu to enter the Kerberos menu.

Monitoring Menu

The Monitor menu allows you to view the Access Gateway logs.

  1. Press 4 on the Management Console menu to enter the Monitoring menu.

  2. Press 1 to view logs

  3. After reviewing the logs, press Ctrl+C to return to the Monitoring menu

    Press Enter.

System Menu

The System menu allows you to change the hostname of the Access Gateway instance and reboot or shut down the Access Gateway instance.

  1. Press 5 on the Management Console menu to enter the System menu.

Jump_to_top_↑

Change Hostname

  1. Press 1 on the System menu to change your hostname.

  2. Enter in a new hostname and press Enter.

  3. Press y and enter to confirm the change.

  4. Press Enter to return to the System menu

Jump_to_top_↑

Change Access Gateway Console Password

The Change Acccess Gateway Console Password menu allows you to change the password for the oag-mgmt user. You will be asked to confirm the current password and enter/confirm the new password to successfully change the password.

  1. Press 6 on the Management Console menu to change the password for the oag-mgmt user account.

  2. Enter the current password for the oag-mgmt user, and press Enter.

  3. Enter a new password for the user. Follow the password requirement directions displayed on this screen.

  4. Confirm the new password, and press Enter.

  5. If your password matches, the successful token authentication message is displayed.

Jump_to_top_↑

Change Access Gateway Web Console Password

The Change Access Gatewa Web Console Password menu allows you to change the password for the administrator on the Access Gateway Admin UI. You will be asked to confirm the current password and enter/confirm the new password to successfully change the password.

  1. Press 7 on the Management Console menu to change the password for the admin user on the Access Gateway Web Console.

  2. Enter a new password for the admin user, and press Enter.

  3. Confirm the new password, and press Enter.

  4. If the password is accepted, you will Password reset successful!

  5. Press Enter to continue.

Jump_to_top_↑

Update

  1. Press 8 on the Management Console menu to update the Access Gateway.

    mgmt-console-user-guide.content.1.png

  2. Press y to proceed with the update.

Jump_to_top_↑

Top