Network
The Network menu contains options for checking the status of the network and modifying the network settings.
Select 1 at the main menu to enter the Access Gateway Network Setup submenu.
Network commands
- Manage Interfaces: Manage network interfaces including routing for the Access Gateway appliance.
- Test network configuration: Attempt to connect to several websites and check the NGINX configuration and status.
- Edit the /etc/hosts file: Allows you to edit the /etc/hosts file on the Access Gateway appliance.
- Set up NIC bonding: Configure a NIC bonding configuration similar to a static network configuration.
- Proxy Settings: Set up a proxy connection for the Access Gateway appliance, or remove a proxy configuration from the appliance.
- Ping: Determines if a destination host is reachable from the Access Gateway appliance.
- Connectivity Test: Validates a connection between the Access Gateway appliance and any other system. Use this tool to validate whether a back-end application or server can reach the Access Gateway.
- Manage DNS Settings: Configure primary and secondary DNS servers.
- Manage Trusted Domains: Enable, disable, and view trusted domains.
- Show a running configuration: View the current configuration of the Access Gateway appliance.
- Network: View the configuration change plan.
- Commit changes to system: Commit any unsaved changes to the Access Gateway appliance.
- Restart Networking: Restart the networking services on the Access Gateway appliance.
- Exit: Exit to the Management Console.
Manage Interfaces
The Manage Interfaces submenu allows you to perform the following tasks:
- Set up DHCP management for an interface.
- Assign or remove an IP address from an interface (available since Access Gateway version 2020.07.1).
- Assign or remove a route from an interface.
All networking changes made using the Manage Interfaces submenu are collected and must be persisted when completed using the Commit changes to system menu element.
Changes are made immediately but are only persisted when committed using Commit changes to system.
- Enter the line number of the interface that you want to manage, or enter x to exit: Available networking interfaces. Select interface to manage: 1: eth0 2: eth1 3: eth2 . . . x: Exit The system displays information about the selected interface, followed by the managing interface submenu. For example, if you enter 3 to view eth2, the looks similar to this example: Managing interface eth2 (MAC 09:. . . :00) Status: UP DHCP IP Address: 192.168.1.230/24 Routes: default via 192.168.1.1 proto dhcp metric 103 dev eth2 192.168.1.0/24 proto kernel scope link src 192.168.1.230 metric 103 dev eth2 a: Assign static IP address d: Set up DHCP r: Manage Routes x: Exit
- Enter a to assign a static IP address.
If an interface already has a static IP address, or has a DHCP-assigned address, then this option is unavailable.
- Enter the IP address and press Enter.
IP Address: 192.168.1.230
- Enter the netmask for the address, as four hexadecimal digits and press Enter.
Netmask: 255.255.255.0
- Enter the gateway address for the static IP address and press Enter.
Gateway: 192.168.1.1
- The system displays a confirmation message: The following network configuration change will be made to your running configuration: Configuring static IP address 192.168.1.230/255.255.255.0 on device eth3 with gateway 192.168.1.1 a: abort change c: continue with change
- Enter c to continue with the change, or a to abort the change.
- Enter the IP address and press Enter.
- Enter d to set up DHCP for the interface.Setup DHCP for device ethX Are you sure you want to setup DHCP (y/n):
- Enter y: The following network configuration change will be made to your running configuration: Configuring DHCP for device ethX a: abort change c: continue with change
Manage Route
Enter r to open the Manage Routes submenu and begin the Add route process.
Managing routes for interface eth3 Routes: default via 192.168.1.1 proto static metric 103 dev eth1 192.168.1.0/24 proto kernel scope link src 192.168.1.230 metric 103 dev eth3 a: Add route d: Delete route x: Exit
-
Enter a to add a route.
- Enter y to make this route the default route, otherwise enter n. Press Enter.
Default? (y/n)
- Enter the gateway for the route and press Enter.
Gateway: 192.168.1.1
- Enter the destination for the route and press Enter.
Destination (CIDR): 192.168.195.78
- The system displays a confirmation message:The following network configuration change will be made to your running configuration: adding route to 192.168.1.1 on dev eth3 a: abort chance c: continue with change
- Enter y to make this route the default route, otherwise enter n. Press Enter.
- Enter d to delete a route. This displays a list of routes that you can choose to delete.
- Enter the number of the route to delete.
- Enter y to confirm. The route is unassigned from the interface and you return to the Add/Delete IP addresses submenu.
- Commit changes
- Return to the main networking menu.
- Enter c to commit changes.
Test network configuration
-
Press 3 to begin the network configuration test.
-
The system attempts to connect to www.okta.com and displays the status. Press Enter to continue.
-
The system checks the NGINX configuration and displays the status. Press Enter to return to the Networking menu.
Edit the /etc/hosts file
The /etc/hosts file is used to configure statically assigned hostnames. Adminstrators can override DNS addresses for specific hostnames or provide addresses for hosts not in DNS by adding entries to /etc/hosts. This helps Okta Access Gateway connect to the correct host.
-
Press 4 to edit the /etc/hosts file. This shows you the current entries in the hosts file by line number.
-
Press a to add an entry.
-
Add the entry following the standard format.
-
To delete an entry, press d and enter the line number that corresponds to the entry you want to delete.
-
Press c to commit the changes to the hosts file.
-
Press x to return to the main Networking menu.
Set up NIC bonding
NIC bonding is the process of combining two ethernet ports together into a bonded virtual port. Typically, NIC bonding is used if there is sufficient traffic on a single port to saturate a single network connection.
-
Enter 5 to set up NIC bonding.
-
Enter the IP address, and select Enter.
-
Enter the netmask value and select Enter.
-
Enter the default gateway value and select Enter.
-
Enter the primary DNS server value and select Enter.
-
Enter the secondary DNS server value and select Enter.
-
Enter the search domain address and select Enter.
-
Press c to commit the changes.
-
Review the network configuration and enter y and select Enter to confirm the changes. Alternatively, enter n and select Enter to discard your changes and return to the Networking menu.
-
After the change is complete, use any key to return to the Networking menu.
Proxy Settings
Set a proxy
- Press 7 to set up or disable a proxy connection to the internet.
- Press 1 to configure the proxy.
- Enter the proxy hostname, and press Enter.
- Enter the proxy port, and press Enter.
- If required, enter proxy username, and press Enter.
- If required, enter proxy password, and press Enter.
- Enter the hostnames (separated by commas) that need to bypass the proxy.
- Press y to confirm the proxy settings, or N to abort.
- Press Enter to return to the proxy menu, and press Enter again to return to the main Networking menu.
Unset a proxy
-
Press 7 to enter the proxy menu.
-
Press 2 to remove the proxy configuration.
-
Enter y to confirm.
-
Press Enter to return to the proxy menu, and press Enter again to return to the main Networking menu.
Ping
The Ping option can check if a destination host is reachable from the Access Gateway appliance.
-
Press 8 to enter the ping menu.
-
Enter the hostname or IP address for the destination host that you want to ping, and press Enter.
-
The system displays the ping results.
-
Press Enter to return to the main Networking menu.
Connectivity Test
The Connectivity Test can be used to validate a connection between the Access Gateway and any other system. This tool can also be used to validate if a back-end application or server is reachable from the Access Gateway appliance.
-
Select 9 from the Network menu.
-
Enter the hostname or IP address of the machine that you want to test, and press Enter.
-
Enter the port number that needs to be tested, and press Enter.
-
The system displays the connection results.
-
Press Enter to return to the Networking menu.
Manage DNS Settings
The Manage DNS Setting submenu is used to add, delete, or modify domain name servers, and search domains.
-
Select 8 from the network menu. The current DNS Name Server settings appear.
Managing DNS Setting Current Name Servers: Primary: 192.168.8.8 Secondary: Tertiary: Search Domains: okta.com someotherdomain.com 1: Manage DNS servers 2: Manage search domains x: Exit - Enter x to exit and return to the parent menu.
Manage DNS servers
- Enter 1 to enter the Manage DNS servers submenu. This displays the current DNS servers.
Managing DNS Servers Primary: 192.168.8.8 Secondary: Tertiary: . . . - Enter 1 to set the Primary DNS server.
- Enter 2 to set the Secondary DNS server.
- Enter 3 to set the Tertiary DNS server.
When no DNS servers are set, setting a secondary or tertiary DNS server results in setting a primary DNS server.
Primary DNS Server IP addresses can't be blank, while secondary and tertiary DNS servers may be omitted.
- Enter the IP address for the selected DNS server and click Enter. The updated DNS server list appears.
- Enter x to exit and return to the parent menu.
Manage search domains
Access Gateway supports up to six search domains.
- Enter 2 to enter the Manage search domains submenu. The current search domains appear.
Current search domains: okta.com someotherdomain.com . . . - Enter a to add a search domain.
- Enter the new search domain followed by Enter.
- The new search domain is added and the current list appears.
Current search domains: okta.com someotherdomain.com . . .
- Enter r to remove an existing search domain. The list of existing search domains appears.
Remove which search domain: 1: okta.com 2: someotherdomain.com . . .- Enter the number associated with the search domain to be removed.
- The search domain is removed and the current list appears. For example, after removing someotherdomain.com, the output is okta.com.
Current search domains: okta.com . . .
Manage Trusted Domains
This menu is used to enable, disable, or view trusted domains.
Available since Access Gateway version 2020.08.3
-
Select 9 from the network menu to open the Manage Trusted Domains submenu:
Manage Trusted Domains (status: Enabled/Disabled) 1 - Enable/Disable trusted domain 2 - View trust domains x - Exit - Enter x to exit and return to the parent menu.
Enable or Display trusted domains
- Enter 1 to toggle the Enable/Disable trusted domain option.
- The Manage Trusted Domains menu displays the status for trusted domains.
View trust domains
- Enter 2 to view trusted domains. The list of trusted domains appears.
UP/DOWN/HOME/END - scroll list x - exit trusted-one.domain.com trusted-two.domain.com . . . trusted-n.domain.com . . .
The view option is still present but displays a warning if an attempt is made to view trusted domains when disabled.
- Enter x to exit.
The Manage Trusted Domains menu appears and shows the current status for trusted domains.
Show a running configuration
This option can be used to display details of the current configuration, including interface, DNS, and routing and host file contents.
- Select s from the Networking menu.
- Press Enter to display running configuration details.
- Press Enter to return to the Networking menu.
DNS Lookup
Perform a DNS lookup for a given hostname.
- Select d from the network menu.
- Enter a host name or IP Address.
- Press Enter to start the search operation.
- Press Enter to return to the Networking menu.
Commit changes to system
- Select c from the Networking menu.
- Select y to commit, or n to ignore changes.
- Press Enter to return to the Networking menu.