Network

The Network menu contains options for checking the status of the network and modifying the network settings.

Select 1 at the main menu to enter the Access Gateway Network Setup sub-menu.

Network commands

  • Manage Interfaces: Enter the sub-menu to manage network interfaces including routing for the Access Gateway appliance.
  • Test network configuration: Enter the sub-menu to attempt connection to several websites and also checks the NGINX configuration and status.
  • Edit the /etc/hosts file: Allows you to edit the /etc/hosts file on the Access Gateway appliance.
  • Set up NIC bonding: Enter the sub-menu to configure a NIC bonding configuration similar to a static network configuration.
  • Proxy Settings: Enter the sub-menu to set up a proxy connection for the Access Gateway appliance, or remove a proxy configuration from the appliance.
  • Ping: Determines if a destination host is reachable from the Access Gateway appliance.
  • Connectivity Test: Validates a connection between the Access Gateway appliance and any other system. Use this tool to valide if a backend application or server is able to reach the Access Gateway.
  • Manage DNS Settings - Configure DNS such as primary and secondary DNS servers.
  • Manage Trusted Domains - Enable, disable, and view trusted domains.
  • Show a running configuration: Displays the current configuration of the Access Gateway appliance.
  • Network: Displays the configuration change plan.
  • Commit changes to system: Commit any unsaved changes to the Access Gateway appliance.
  • Restart Networking: Restart the networking services on the Access Gateway appliance.
  • Exit: Exit to the Management Console.

Manage Interfaces

The Manage interfaces sub menu allows you to:

  • Set up DHCP management for an interface
  • Assign or remove an IP address from an interface (Available since Access Gateway version 2020.07.1)
  • Assign or remove a route from an interface.

All networking changes made using the Manage Interfaces menu collected and must be persisted when complete using the Commit changes to system menu element. Change are made immediately but only persistent when committed using Commit changes to system.

  1. Enter the line number of the interface you want to manage or enter x to exit: Available networking interfaces. Select interface to manage: 1: eth0 2: eth1 3: eth2 . . . x: Exit Interface information for the selected interface is displayed along with the manage interface sub-menu. For example, when you enter 3: Managing interface eth2 (MAC 09:. . . :00) Status: UP DHCP IP Address: 192.168.1.230/24 Routes: default via 192.168.1.1 proto dhcp metric 103 dev eth2 192.168.1.0/24 proto kernel scope link src 192.168.1.230 metric 103 dev eth2 a: Assign static IP address d: Set up DHCP r: Manage Routes x: Exit
  2. Enter a to manage the IP Address of the interface.
    Enter d to set up DHCP for an interface.
    Enter r to manage routes for the interface.

    Assign static IP address
    Enter a to begin the Add static IP address process.

    If a static IP address or a DHCP assigned address already exists for an interface, then this option is unavailable.

    For example:

  3. Enter a to assign a new static IP address.
    Adding static IP for interface ethX displays.
    1. Enter the IP Address and click Enter.
      IP Address: 192.168.1.230 .
    2. Enter the netmask for the address, as 4 hexidecimal digits and select Enter.
      Netmask: 255.255.255.0
    3. Enter the gateway for the static IP address and select Enter.
      Gateway: 192.168.1.1
    4. A confirmation is displayed.
      For example:
      The following network configuration change will be made to your running configuration: Configuring static IP address 192.168.1.230/255.255.255.0 on device eth3 with gateway 192.168.1.1 a: abort chance c: continue with change
    5. Enter c to continue with change or a to abort the change.
  4. Setup DHCP

    Enter d to begin the process of setting up DHCP for an interface.

  5. Enter d. A confirmation displays: Setup DHCP for device ethX Are you sure you want to setup DHCP (y/n):
  6. Click y to confirm or n to cancel. If yes, the following confirmation is displayed:
    The following network configuration change will be made to your running configuration: Configuring DHCP for device ethX a: abort chance c: continue with change

Manage Route
Enter r to begin the Add route process
For example:

The Manage routes sub-menu displays and is similar to:
Managing routes for interface eth3 Routes: default via 192.168.1.1 proto static metric 103 dev eth1 192.168.1.0/24 proto kernel scope link src 192.168.1.230 metric 103 dev eth3 a: Add route d: Delete route x: Exit

  1. Enter x to exit and return to the Managing interfaces menu.
  2. Enter r to add a new route
    Adding route for interface ethX displays.
    1. Specify whether this route is the default route or not and select Enter.
      Default? (y/n) Enter y to make the new route the default route, enter n otherwise.
    2. Enter the gateway for the route and select Enter.
      Gateway: 192.168.1.1
    3. Enter the destination for the route and select Enter.
      Destination (CIDR): 192.168.195.78
    4. A confirmation is displayed.
      For example:
      The following network configuration change will be made to your running configuration: adding route to 192.168.1.1 on dev eth3 a: abort chance c: continue with change
  3. Enter d to delete a route.
    The route list picker displays and is similar to:
    Pick an route to delete
    1: 192.168.128.0/16
    2: 192.168.4.0/16
    x: Exit
    
    1. Enter the line number of the route to delete.
    2. Enter y to confirm, or any other key to cancel.
      The route is unassigned from the interface and you return to the Add/Delete IP addresses sub menu.
  4. Confirm changes
    1. Return to the main networking menu.
    2. Enter c to commit changes.

Test network configuration

  1. Press 3 to begin the network configuration test.

  2. Next, the system attempts a connection to www.okta.com and displays the status. Press Enter to continue.

  3. Finally, the system checks the NGINX configuration and displays the status. Press Enter to return to the Networking menu.

Edit the /etc/hosts file

/etc/hosts is used to configure statically assigned hostnames. If adminstrator needs to override DNS for a specific hostname or provide an address for a host that isn’t in DNS that host can be added to the /etc/hosts file. Typically this is done so that Okta Access Gateway can connect to the correct host.

  1. Press 4 to edit the /etc/hosts file. This shows you the current entries in the hosts file by line number.

  2. Press a to add a new entry.

  3. Add the entry following the standard format of .

  4. To delete an entry, press d and enter the line number that corresponds to the entry you want to delete.

  5. Press c to commit the changes to the hosts file.

  6. Press x to return to the main Networking menu.

Set up NIC bonding

NIC Bonding is the process of combining two ethernet ports together into a bonded virtual port. Typically, NIC Bonding is used if there is sufficient traffic on a single port to saturate a single network connection.

  1. Enter 5 to set up NIC bonding.

  2. Enter the IP address, and select Enter.

  3. Enter the netmask value and select Enter.

  4. Enter the default gateway value and select Enter.

  5. Enter the primary DNS server value and select Enter.

  6. Enter the secondary DNS server value and select Enter.

  7. Enter the search domain address and select Enter.

  8. Press c to commit the changes.

  9. Review the network configuration and enter y and select Enter to confirm the changes. Alternatively, enter n and select Enter to discard your changes and return to the Networking menu.

  10. After the change is complete, use any key to return to the Networking menu.

Proxy Settings

Set a proxy

  1. Press 7 to set up or disable a proxy connection to the internet.
  2. Press 1 to configure the proxy.
  3. Enter the proxy hostname, and press Enter.
  4. Enter the proxy port, and press Enter.
  5. If required enter proxy username, and press Enter.
  6. If required enter proxy password, and press Enter.
  7. Enter the hostnames (separated by commas) that need to bypass the proxy.
    Entered proxy settings will display.
  8. Press y to confirm the proxy settings, or N to abort.
  9. Press Enter to return to the proxy menu, and press Enter again to return to the main Networking menu.

Unset a proxy

  1. Press 7 to enter the proxy menu.

  2. Press 2 to remove the proxy configuration.

  3. Enter y to confirm.

  4. Press Enter to return to the proxy menu, and press Enter again to return to the main Networking menu.

Ping

The Ping option can be utilized to check if a destination host is reachable from the Access Gateway appliance.

  1. Press 8 to enter the ping menu.

  2. Enter the hostname or IP address for the destination host you want to ping, and press Enter.

  3. The system displays the ping results.

  4. Press Enter to return to the main Networking menu.

Connectivity Test

The Connectivity Test can be used to validate a connection between the Access Gateway and any other system. This tool can also be used to validate if a backend application or server is reachable from the Access Gateway appliance.

  1. Select 9 from the Network menu.

  2. Enter the hostname or IP address of the machine you want to test, and press Enter.

  3. Enter the port number that needs to be tested, and press Enter.

  4. The system displays the connection results.

  5. Press Enter to return to the Networking menu.

Manage DNS Settings

The Manage DNS Setting sub menu is used to add, delete, or modify domain name servers, and search domains.

  1. Select 8 from the network menu. The current DNS Name Server settings are displayed and are similar to:
    Managing DNS Setting Current Name Servers: Primary: 192.168.8.8 Secondary: Tertiary: Search Domains: okta.com someotherdomain.com 1: Manage DNS servers 2: Manage search domains x: Exit

  2. Enter x to exit and return to the parent menu.

Manage DNS servers

  1. Enter 1 to enter the Manage DNS servers sub menu.
    The current DNS servers will display, resembling:
    Managing DNS Servers Primary: 192.168.8.8 Secondary: Tertiary: . . .
  2. Enter 1 to set Primary DNS server.
  3. Enter 2 to set Secondary DNS server.
  4. Enter 3 to set Tertiary DNS server.

    In the event that no DNS servers are set, setting a secondary or tertiary DNS server will result in setting a primary DNS server.

    Primary DNS Server IP addresses can't be blank, while secondary and tertiary DNS servers may be omitted.

  5. Enter the IP address for the selected DNS server and click Enter.
    The updated DNS server list will be displayed.
  6. Enter x to exit and return to the parent menu.

Manage search domains

Access Gateway supports up to six search domains.

  1. Enter 2 to enter the Manage search domains sub menu. The current search domains are displayed, which resembles:
    Current search domains: okta.com someotherdomain.com . . .
  2. Enter a to add a new search domain.
    1. Enter the new search domain followed by Enter.
    2. The new search domain is added and the current list is displayed, which resembles:
      Current search domains: okta.com someotherdomain.com . . .
  3. Enter r to remove an existing search domain. The list of existing search domains is displayed, which resembles:
    Remove which search domain: 1: okta.com 2: someotherdomain.com . . .
    1. Enter the number associated with the search domain to be removed.
    2. The search domain is removed and the current list is displayed. For example, after removing someotherdomain.com, the output is:
      Current search domains: okta.com . . .

Manage Trusted Domains

The manage trusted domains menu is used to enable, disable or view trusted domains.
Available since Access Gateway version 2020.08.3

  1. Select 9 from the network menu. The Manage Trusted Domains sub menu is displayed:
    Manage Trusted Domains (status: Enabled/Disabled) 1 - Enable/Disable trusted domain 2 - View trust domains x - Exit

  2. Enter x to exit and return to the parent menu.

Enable or Display trusted domains

  1. Enter 1 to toggle the Enable/Disable trusted domains setting.
  2. The Manage Trusted Domains menu will re-display showing the current status for trusted domains.

View trust domains

  1. Enter 2 to view trusted domains. The current set of trusted domains appears, resembling:
    UP/DOWN/HOME/END - scroll list x - exit trusted-one.domain.com trusted-two.domain.com . . . trusted-n.domain.com . . .

    The view option is still present but displays a warning if an attempt is made to view trusted domains when disabled.

  2. Enter x to exit the display.
    The Manage Trusted Domains menu appears showing the current status for trusted domains.

Show a running configuration

The show a running configuration option can be used to display details of the current configuration, including Interface, DNS, Routing and Host file contents.

  1. Select s from the network menu.

  2. Press Enter to display running configuration details.

  3. Press Enter to return to the Networking menu.

DNS Lookup

Perform a DNS lookup for a given hostname

  1. Select d from the network menu.

  2. Enter a host name or IP Address.

  3. Enter a host name or IP Address.

  4. Enter a host name or IP Address for a DNS server.

  5. Press Enter to execute the lookup.

  6. Press Enter to return to the Networking menu.

Commit changes to system

  1. Select c from the network menu.
    Note:Current set of changes are displayed.

  2. Select y to commit, n to ignore changes.

  3. Press Enter to return to the Networking menu.

Restart Networking

  1. Select r from the network menu.

  2. Networking is restarted.

  3. Press Enter to return to the Networking menu.