Add Windows Test Connection
To set up your first test connection on a Windows machine, follow the steps below:
Set Up Host in Management UI
First, set up the host in the ACSC management UI, with the following steps:
- Log into the ACSC management UI, and switch to the appropriate organization.
- Click the Hosts link in the page header. This will take you to the Hosts page.
- Click the name of the Anti-Cloud Hub host. If you don’t see this host in the list, use the Filter by name… input at the top of the page to search for it by name. This will take you to the Anti-Cloud Hub host page.
- Click the hub link in the Interfaces panel. This will take you to the hub interface page.
- Click the Add icon on the Endpoints panel. This will take you to the Add Endpoint page.
- Select the Use guided set-up wizard option, then click the Next button. This will take you to the Type page of the Add Endpoint Wizard.
- Select the Point-to-Internet, Anti-Cloud Hub as Internet option, then click the Next button. This will take you to the Identity page.
- Click the New button of the Point Peer field. This will open the Add Peer dialog.
- Enter a name for the server in the Name field (eg “Test One”).
- Click the Generate button. This will generate a new key pair for the server, filling in the Public Key and Private Key fields.
- Click the Add button. This will complete the Add Peer dialog, and create a new peer identity with the key pair.
- Click the New button of the Point Host field. This will open the Add Host dialog.
- Click the Add button. This will complete the Add Host dialog (but not yet create the host record).
- Click the Next button. This will take you to the Transport page of the Add Endpoint Wizard.
- Click the Next button. This will take you to the Tunnel page of the Add Endpoint Wizard.
- Adjust the IP address ranges listed in the Except for field on left side of the page to include the LAN network to which the Windows machine is connected (eg “192.168.1.0/24”).
- Click the Next button. This will take you to the Extras page of the Add Endpoint Wizard.
- Select Private for the Firewall Zone dropdown.
- Select the No changes to DNS settings when tunnel is up option.
- Click the Next button. This will take you to the Review page of the Add Endpoint Wizard.
- Click the Apply button. This will add the server to the ACSC network.
- Click the Set Up Agent icon on the Point panel on the right side of the page. This will take you to the Set Up page for the Windows machine.
- Click the acsc.conf and acsc-setup.conf links. This will download the unique
acsc.confandacsc-setup.conffiles for the Windows machine.
Install Agent on Host
Next, to install the ACSC agent on the Windows machine, perform the following steps on the machine as the local Administrator user:
-
Create a new
C:\Program Files\Anti-Cloud\Secure Connect\agent\cnf\directory on the machine. -
Copy the unique
acsc.confandacsc-setup.conffiles you downloaded above into this directory on the machine. -
Copy the agent’s MSI (Microsoft Installer) package to the machine, and execute it.
-
If the PowerShell execution policy on the machine is
Restricted(orDefault), change its policy toRemoteSigned(orAllSigned):PS> Set-ExecutionPolicy -ExecutionPolicy RemoteSigned
Check Host in Management UI
The ACSC agent should be up and running on the host. Verify this by returning to the ACSC management UI; if your browser is still pointed to the host Set Up page, click the main page for this host link. Otherwise, follow these steps:
- Log into the ACSC management UI, and switch to the appropriate organization.
- Click the Hosts link in the page header. This will take you to the Hosts page.
- Click the name of the Test One host (or whatever you named the test host above). If you don’t see this host in the list, use the Filter by name… input at the top of the page to search for it by name. This will take you to the Test Host host page.
Check the Agent panel on the host page. It should show Good Ping in its Status field. If not, consult the Agent Troubleshooting documentation.
Test Connection on Host
Return to the Windows machine, open a command prompt, and run the following command to check the status of the ACSC network interface:
> netsh interface show interface
Admin State State Type Interface Name
-------------------------------------------------------------------------
Enabled Connected Dedicated Ethernet
Enabled Connected Dedicated acsc0
Then run the following command to verify that your Internet traffic is now emerging from the Anti-Cloud data center:
> curl ifconfig.me
162.210.184.102
Next Steps
To test using ACSC to connect from one Windows machine to another, try adding following the above steps with a second machine. Once both machines are up and running on the ACSC network, you can connect from the first machine to any network services running on the second machine to which Windows Defender Firewall allows access.
For example, if the second machine allows ping (ie ICMP Echo Request) through its firewall, and the second machine’s ACSC address is 10.12.34.56, you can run the following in a command prompt on the first machine to ping the second:
> ping 10.12.34.56
Pinging 10.12.34.56 with 32 bytes of data:
Reply from 10.12.34.56: bytes=32 time=89ms TTL=128
Reply from 10.12.34.56: bytes=32 time=89ms TTL=128
Reply from 10.12.34.56: bytes=32 time=89ms TTL=128
Reply from 10.12.34.56: bytes=32 time=89ms TTL=128
Ping statistics for 10.12.34.56:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 89ms, Maximum = 89ms, Average = 89ms
See the Add Windows Remote Server, Not on Domain documentation for more details about opening up the firewall on a Windows server to allow access to its network services exclusively via ACSC.
To enable Windows machines to join an Active Directory domain through the ACSC network, you must first add a domain controller to the ACSC network. See the Add Windows Local Domain Controller documentation to add a domain controller.