Create Gateways
Prerequisite
The company admin must ensure that the following prerequisites are met prior to installation of InstaSafe ZTAA gateway. It is recommended to set up a backup InstaSafe Gateway, with the same configuration for the purpose of redundancy.
| Virtual Machine Parameter | Requirement |
|---|---|
| Operating System | Ubuntu 22.04.2 LTS(server edition) |
| OS Type | 64-bit |
| RAM | Minimum 8 GB |
| Hard Disk | Minimum 30GB of free space |
| CPU | 2 x Dual Core processor (x64 based) |
Network requirements for Gateway installation
| Source | Application Type | Port | Direction |
|---|---|---|---|
| any | Network | UDP 8443 | Inbound |
| any | RDP & SSH | TCP 8080 | Inbound |
| any | Web applications (Agentless) | TCP 443 | Inbound |
| any | Web applications (via Agent) | TCP 8081 | Inbound |
| InstaSafe Gateways | any (private/public internet) | any | Outbound |
Please Note
1. InstaSafe ZTAA Gateway has inbuilt firewall features and hence is equipped to handle network traffic coming from unknown sources,
even when a network firewall allows traffic from any source.
2. If any proxy configuration is present, it must be ensured that direct connection from the firewall is allowed.
3. ZTAA VPN component only works on NAT and hence the gateway needs to be installed in DMZ.
Installing the Gateway
- Login as a Tenant admin.
- Create a Service Account user and set its password. Keep a record of the username and password as it will be required during the gateway installation. Please refer to the below video on creation of a Service Account.
- Click on Perimeter Management -> Gateways.
- Click on the '+' icon for new gateway creation.
- Check the 'Private Gateway' option.
- Click on the 'Next' button.
- Copy the gateway installation script available under the "Private Gateway Installation Script".
- Paste the gateway installation script in the Ubuntu instance where you would like to have the gateway installed.
- Provide inputs in the gateway installations CLI.
- Provide the name of the Tenant. If your tenant url is "https://example.app.instasafe.io/" then the Tenant name to be provided is example.
- Provide the Service Account username and password which was created in step 2.
- The gateway installation will be complete. It will take between 2 to 5 mins for the gateway to become available in the Admin console.
- Click on Perimeter Management -> Gateways and the installed gateway will be available.
The above video illustrates the steps on how to install a gateway.
