Configuring an Instance From the Command Line

Pulse Secure Virtual Traffic Manager: Cloud Services Installation and Getting Started Guide

Configuring an Instance From the Command Line

The Traffic Manager supports performing initial configuration through the command line, as an alternative to using the Web-based Initial Configuration Wizard.

To use the Initial Configuration Wizard, see Using the Initial Configuration Wizard.

To start the configuration program, login to the instance console and type the following command at the prompt:

z-initial-config

Follow the on-screen instructions to proceed.

Pulse Secure Virtual Traffic Manager Installation Program

Welcome to your Pulse Secure Virtual Traffic Manager Appliance

This application will guide you through the process of setting up

your Pulse Secure Virtual Traffic Manager Appliance for basic operation.

This should only take a few minutes. Some initial networking settings

will be required - please contact your support provider if you need any help.

Press return to continue.

Press RETURN to start configuring the Traffic Manager.

------------------------------------------------------------------------

Use of this software is subject to the Ivanti Terms and Conditions

of Sale.

Please review these terms, published at

http://www.pulsesecure.net/support/eula/ before proceeding.

------------------------------------------------------------------------

Enter 'accept' to accept this license, or press return to abort:

Read and accept the Ivanti Terms and Conditions of Sale, available from the URL indicated. If you agree to its terms, type “accept” at the prompt to continue. You cannot proceed with the configuration program, and thus use the software, if you do not accept the terms of the agreement.

The Traffic Manager is available as a range of set-frequency billing subscriptions where the license is built in, and as a Community Edition/Bring Your Own License (BYOL) instance. The following step concerns software licensing options for the Community Edition/BYOL instance only, and might not appear if you are running the configuration program on an instance with a built-in license.

Enter the license key file name, or leave blank for the Community Edition.

Enter 'help' for more information.

License key file:

The Traffic Manager requires a license key to operate fully. The feature set and bandwidth limits are determined by the license applied, the details of which can be seen on the System > Licenses page of the Admin UI after you have finished configuring your instance.

Choose either to install the license key now, or to upload it later from the Admin UI. If you choose to leave this entry blank, the system defaults to running as the Community Edition. For further information, see The Community Edition.

For information about paid licensing, contact Technical Support.

Please specify the time zone of this appliance, or enter 'help'

for the list of available time zones.

Timezone:

Type the time zone you want this instance to use, or type “help” to first display a list of available time zones.

A master 'admin' user is created that you can use to log in to the

Administration Server and SSH console.

Please choose a password for this user:

Re-enter:

Type (and confirm) a password for the Traffic Manager “admin” user. This is the master password that is used when configuring the virtual appliance through a Web browser, or when you log in to the Traffic Manager command line using SSH (with the username "admin").

Do you want to enable SSH intrusion detection?

Enter 'help' for more information:

Enable SSH intrusion detection? Y/N [N]:

The Traffic Manager also contains the option to enable SSH Intrusion Detection to help prevent brute-force SSH attacks on your virtual appliance. Ivanti strongly recommends you enable this option.

Do you want to enable REST API access to the appliance?

Enable REST API? Y/N [N]:

The Traffic Manager provides an industry-standard REST API. Type “Y” to enable or “N” to disable the REST API. For further information, see the Pulse Secure Virtual Traffic Manager: REST API Guide.

Please provide the port on which the REST API should

listen for requests (default 9070).

REST port [9070]:

If you enable the REST API, enter the port number on which you want the REST service to listen for requests.

You have specified the following settings:

No license file: The traffic manager will run as the Community Edition

Timezone: UTC

SSH protection enabled: Yes

REST enabled: Yes

REST port: 9070

Proceed with configuration? Y/N:

Before you finish, check through the summary to confirm your intended settings. To configure your Traffic Manager with these settings, type “Y” at the prompt.

Performing an Unattended Configuration

The Traffic Manager provides the ability to automate z-initial-config using a replay file containing pre-determined responses to the questions asked during the configuration process. To perform an unattended configuration, type the following command at the prompt:

z-initial-config --replay-from=<replay filename>

To create a suitable replay file, capture your responses using the following command:

z-initial-config --record-to=<replay filename>

Removing an Instance

To remove a Traffic Manager instance, delete it from the GCE Web management portal.

If you delete an instance, the instance is shut down and is permanently destroyed. You lose all configuration and data associated with that Traffic Manager instance.