Secure Remote Access Connector Configuration

the following steps should be read carefully to successfully install secure remote access connector on the regarding machine check the secure reboot enabled before the installation by running mokutil sb state command in case the secure reboot is enabled, it might cause an error during the wireguard installation please disable it to continue the installation!!! 1 download the secure remote access connector’s installation script on the machine that will be used for secure remote access connector the support team can provide the installation script after downloading the script, unzip the installation script on the machine the user can use unzip command to extract the files from the installation script file linux cli \[root\@con ]# unzip rap mtc onprem 1 2 0 zip in case of bash unzip command not found error being shown, the unzip package should be installed via sudo dnf install y unzip command if somehow the user needs to start the script again (maybe, because of the wrong input or missing file etc…), please remove all installation files except for compressed secure remote access connector’s installation script file and unzip the compressed installation script file again after this you can execute the script we highly recommend this method since the extracted files might be modified after the script execution for the first time, and executing the script with modified files might cause the faulty installation! 2 navigate to the on prem directory linux cli \[root\@con ]# cd on prem/ 3 run the configuration script linux cli \[root\@on prem ]# sh configure sh in case you need to set script permissions to execute it, you need to run chmod +x configure sh command you need root privileges to run this script 4 the secure remote access connector’s installation script should be restarted after the forced reboot the installation script asks user either a for the first time installation on the premise, the whole secure remote access connector should be configured from scratch, thus, the first option should be selected by entering 1 and pressing the enter key the secure remote access connector’s installation script asks several configuration details o the wireguard ip address that will be assigned to secure remote access connector’s side, o aws public ip address of remote access portal (rap) environment, o the port number of wireguard, o the ip segment of wireguard, o the public ip address of kron pam, o the public ip address of secure remote access connector, o a public key generated by the remote access portal (rap)’s script connector configuration descriptions example values wireguard ip address that will be assigned to the secure remote access connector’s side 10 0 0 2 aws public ip address of remote access portal (rap) environment 54 173 245 231 the port number of wireguard 51820 the ip segment of wireguard 10 0 0 0/29 the public ip address of kron pam 10 20 42 129 the public ip address of secure remote access connector 10 20 42 17 a public key generated by the remote access portal (rap)’s script bbbbbbb28p4pen/ya2fj0ngugiwsv40nmbryiz3iri= after every information are filled in, the user should press y to continue, however, if the user fails to fill in every information successfully (either missing or wrong info), the user can press n to reenter information again once the secure remote access connector installation asks the user to enter the public key, if the user doesn’t know the public key generated by the remote access portal (rap)’s installation script yet, the user can set temporary public key for now (e g , aaaaaaa0nn0751jbnxoj5r8m3utw8nmaktgi5bly4=) but please do not forget to set the public key by using the secure remote access connector’s script (please check 4 b of this section below), after the remote access portal (rap)’s script generates a public key at the end of secure remote access connector’s script, the public key generated by this script is ready to use on the remote access portal (rap) environment (e g , cccccq8tpc6nmnezizutnxnuvepgdpvyf6rfhybdmu= ) please do not forget to add this info on the remote access portal (rap) environment by using remote access portal (rap)’s installation script (please check 6 b at the section 3 2) b once the secure remote access connector has been fully installed, only one configuration is missing here regarding public key that would be generated by the remote access portal (rap)’s installation script if the user executes the remote access portal (rap)’s installation script on the cloud (please, check 6 a at the section 3 2), it generates a public key which would be used in the secure remote access connector here, thus now this option can configure the secure tunnel configuration file with the generated public key from remote access portal (rap)’s side the user should select the second option by entering 2 and pressing the enter key set the public key data of the secure tunnel configuration file with a public key generated by the remote access portal’s installation script (e g , bbbbbbb28p4pen/ya2fj0ngugiwsv40nmbryiz3iri=)