Add Windows Hybrid Workstation, Not on Domain

To add a Windows workstation that is not and will not be part of your Active Directory domain, but will sometimes be on the LAN, and sometimes be remote, follow the steps below:

Set Up Host in Management UI

Follow the steps from the Add Test Connection documentation until you get to the Tunnel page of the Add Endpoint Wizard. On this page, do the following:

  1. Adjust the IP address ranges listed in the Except for field on left side of the page to include the networks or hosts on the LAN and at the remote site that the workstation needs to access (if necessary).

    Also, if you will need to access the workstation over RDP (or other remote-access system) to install the agent, also include the IP address of your own administrative workstation from the perspective of the remote workstation (for example if the public IP address of the Internet access point used by your admin workstation is 198.51.100.123, add 198.51.100.123/32 to the Except for field).

  2. Adjust the IP addresses listed in the WireGuard Address fields on the right side of the page if you have selected a specific set of addresses for the workstation, or if you have already assigned the suggested addresses to some other computer.

  3. Click the Next button. This will take you to the Extras page of the Add Endpoint Wizard.

  4. Select Private for the Firewall Zone dropdown.

  5. Select the Use custom DNS settings when tunnel is up option, and make sure the DNS Server list includes DNS resolvers to which the workstation will be able to connect when it is on the LAN and when it is remote.

    If the workstation needs to use a different set of DNS resolvers when it is on the LAN versus when it is remote, include both the LAN DNS resolvers (first) and remote DNS resolvers (second) in the DNS Server list.

  6. Click the Next button. This will take you to the Review page of the Add Endpoint Wizard.

  7. Click the Apply button. This will add the workstation to the ACSC network.

  8. Click the Set Up Agent icon on the Point panel on the right side of the page. This will take you to the Set Up page for the workstation.

  9. Click the acsc.conf and acsc-setup.conf links. This will download the unique acsc.conf and acsc-setup.conf files for the workstation.

Install Agent on Host

To install the ACSC agent on the workstation, perform the following steps on the workstation as an Administrator user:

  1. Create a new C:\Program Files\Anti-Cloud\Secure Connect\agent\cnf\ directory on the workstation.

  2. Copy the workstation’s unique acsc.conf and acsc-setup.conf files you downloaded above into this directory on the workstation.

  3. Copy the agent’s MSI (Microsoft Installer) package to the workstation, and execute it.

  4. If the PowerShell execution policy on the workstation is Restricted (or Default), change its policy to RemoteSigned (or AllSigned):

     PS> Set-ExecutionPolicy -ExecutionPolicy RemoteSigned