Vulcan gateway enables connectivity from on-premise/VPC systems to the Vulcan platform by creating a secure encrypted tunnel from the enterprise network. It is deployed as a virtual appliance on the organization's virtualization platform.
Pre-requisites
Open Port 1939 to gateway.vulcancyber.com (Connectivity from Vulcan Gateway to Vulcan platform)
Open Port 443 to gatewayconfig.vulcancyber.com
Open TCP connection to all needed connectors
Working DNS configuration
If URL whitelisting isn't allowed in the environment, you can also whitelist the Vulcan IP's below
54.149.7.165
35.164.90.196
52.34.233.125
52.89.194.122
13.248.243.34
76.223.106.228
Vulcan's OVA requirements
2 vCPU
2 GB Memory
50 GB Disk space
Installing Vulcan's OVA
Contact your Vulcan contact to get the link for the OVA
Deploy 'Vulcan Gateway.ova'
Start OVA
Choose the first option (as in image):
4. Login with the user 'vulcan'
5. Insert the password provided by your Vulcan contact
Important Note: the installed system should be protected as any other organizational asset. Specifically - make sure to restrict SSH access to this machine to known IP addresses, and to replace the default login password. Keep the system updated and patched, and make sure that it configured to align with your security guidelines.
Stay safe!
**NOTE**- If DHCP is not supported in the OVA environment, please assign the VM a static IP. You can either run the "nmtui" command and walk through the NetworkManager wizard (easiest), or further details here-
Now that your OVA it set up and access was verified, we'll set up the Vulcan Gateway Connector in Vulcan's platform.
Configure Vulcan Gateway Connector
You can set up Vulcan Gateway by navigating to Connectors and add Vulcan Gateway
The Vulcan Gateway key is permanent, and will be used for authentication between Vulcan instance to the deployed OVA
Change the default Name of the connect if multiple gateways are being setup.
Click on Create.
Once created, selected the Vulcan Gateway Connector and copy the Vulcan Gateway Key.
Access the OVA and type the Vulcan Gateway Key
In each connector you want to communicate via the Vulcan Gateway, select the Vulcan Gateway you want to use.
Note: The URL in each connector that uses Vulcan Gateway will be in the following format:
'https://server_url:PORT'
Click Save Changes
Note: In order for the on-prem OVA to receive the new configuration you can choose out of these options:
Every 60 minutes the Vulcan Gateway updates its configuration, so you can wait for Vulcan Gateway to pull the new connectors details
Run the following command for instant update 'sudo connect_tunnel.py'
In order to initiate the new connectors sync, disable and enable again the connector
That's it! Your connector is now communicating via Vulcan Gateway.
Troubleshooting
Problem: Can't run OVA with:
Solution: Change the OVA "Settings" --> "General" --> "Basic" --> Change the "Type" to "Linux" + "Version" to "Other Linux (64-bit)":
Problem: Can't run OVA with:
Solution: Run in CMD as Administrator "bcdedit /set hypervisorlaunchtype off" and reboot.
To revert: "bcdedit /set hypervisorlaunchtype auto"
This mostly occurs when Docker is installed on the windows box.
Problem: While running the script you get the following error:
Solution: Make sure that DNS is configured properly under /etc/resolv.conf
Problem: When trying to configure the Vulcan platform URL you receive the following error:
Solution: Make sure that the URL is entered correctly, and that port 443 is accessible to that URL.
Problem: When running the script you encounter these error messages:
Solution: Make sure that the Gateway can reach the internal connector via the port configured in the Vulcan Platform web interface.