Command Line Deployments of DxOdyssey
Summary
DxOdyssey may be deployed on any server from the command line by using DxCLI without the need to use the DxOdyssey UI.
Information
This KB covers how to setup a gateway group and configure tunnels, clients and groups from the command line.
Setup the First Gateway
-
Execute
dxcli gateway-group-set-secretto set the gateway group passkey. This is required for other gateways to join the gateway group without using DH2i's NAT match agent. -
Activate the server with a license key by executing
dxcli activate-server <license_key>. -
Execute
dxcli set-otpkto generate a One-Time Pass Key (OTPK) so other gateways may join using DH2i's NAT match agent. -
Copy the key.
-
If the gateway is a Docker container, execute the
runfirst.shscript in the container's root directory.
Setup Additional Gateways.
-
On another gateway, execute
dxcli join-gateway-group. -
Follow the prompts to use DH2i's NAT match agent and the previously generated OTPK to join the gateway to the gateway group.
noteIf an alternative matchmaking service is being used, enter that web address instead. Pressing enter with no input will use the default matchmaking service.
-
Activate the server with a license key by executing
dxcli activate-server <license_key>. -
If the gateway is a Docker container, execute the
runfirst.shscript in the container's root directory.infoAll proceeding steps in this KB are executable on any gateway in the gateway group, and all steps besides tunnel creation are optional. These commands have specific syntax requirements, so it is important to follow the supplied command usage and examples.
-
Add clients to the gateway group by executing
dxcli update-client.Syntax:
dxcli update-client <client_name> <client_password>Example:
dxcli update-client client1 Passw0rd -
Create client groups by executing
dxcli update-client-group.Syntax:
dxcli update-client-goup <group_name>:<client_name>,<client_name>Example:
dxcli update-client-group group1:client1,client2,client3 -
Create tunnel groups by executing
dxcli gateway-group-add-tunnel-group.Syntax:
dxcli gateway-group-add-tunnel-group <virtual_ip> <gateway_node>,<gateway_node>infoIf you supply the loopback address for the virtual IP, then add an asterisk (*) at the beginning. This tells DxOdyssey not to bind that IP address.
Example:
dxcli gateway-group-add-tunnel-group *127.0.0.1 Server1,Server2 -
Create source filters by executing
dxcli update-addressfilter.Syntax:
dxcli update-addressfilter <filter_name> <filter_address>:<filter_action> <default_action>Example:
dxcli update-addressfilter filter1 10.10.1.0:allow deny
dxcli update-addressfilter filter2 10.10.2.0:deny allow -
Create tunnels by executing
dxcli add-tunnel. It is optional to add a source filter and/or gateway group, so those options may be omitted.infoDocker containers require that exposed ports are mapped before the container is started. For further details on port mapping, please see the Additional Information section at the end of this article.
Syntax:
dxcli add-tunnel <tunnel_name> <enabled_status> <destination_gateway> <destination_address>:<port> <origin_gateway>/<origin_address>:<port>[/<source_filter_name>] [<tunnel_group_name>]Example:
dxcli add-tunnel Tunnel1 TRUE Server1 10.1.201.190:3389 Server2/0.0.0.0:25001 TUNNELGROUP1 -
Add clients and client groups to tunnels by executing
dxcli update-tunnel-clients.Syntax:
dxcli update-tunnel-clients <tunnel_name> <client_name:listener_ip:port> <group_name:listener_ip:port>infoClients need to be defined first and groups second. If no clients are being added, then replace the client section with empty double quotes ("").
Example:
dxcli update-tunnel-clients Tunnel1 client1:127.0.0.1:50001 group1:127.0.0.1:50001
dxcli update-tunnel-clients Tunnel1 "" group1:127.0.0.1:50001