WAPT server accessible from the outside

Questions about WAPT Server / Requests and help related to the WAPT server
Forum Rules
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Locked
MathieuNG
Messages: 3
Registration: May 22, 2023 - 3:32 p.m.

May 23, 2023 - 2:15 PM

Good morning,

To begin, here is my setup:
  • WAPT version installed: 2.4
  • Server OS: Debian GNU/Linux 11 (bullseye)
  • Operating system of the administration/package creation machine: Windows 11
  • An Nginx PM acting as a reverse proxy

I have two questions, one of which is very simple, but I can't find an answer despite my research.

Question 1:
Is it possible to enable and use Kerberos authentication without Active Directory?

Question 2:
Context :
We currently have several sites without MPLS, so I would like to make the WAPT server accessible from the internet.
To do this, I'm using Nginx PM and my router routes all traffic to this Nginx PM. Furthermore, I'd prefer not to create a DMZ.
Everything works, it's perfect, but everyone can access the WAPT web page via browser.

I would like to block access to the web page but still allow agents to communicate with the WAPT server

How can I do it?
(I've already seen this topic, it's not exactly the same context:) viewtopic.php?t=3430 )

Thanks in advance
High
MathieuNG
Messages: 3
Registration: May 22, 2023 - 3:32 p.m.

May 30, 2023 - 4:23 PM

Hello,

after reading many forum topics and documentation, I've decided to implement certificates.
To access the WAPT console, I'm using the domain contoso.mydomain.fr, which is associated with a Let's Encrypt certificate.

However, I'm having trouble understanding how to implement a client certificate.
Where should I configure them: "Tools - Preferences - Check HTTPS Server Certificate," during WAPT agent creation, or during the initial configuration?
How do I generate them: from a client using commands like "wapt-get enable-check-certificate" and "wapt-get restart-waptservice," or on the server?

I'm completely lost.

Thank you for your help.
High
Locked

Return to "WAPT Server"


  • To go further with WAPT