Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Deploy Secure App Connector V2 on VMWare VSphere Hypervisor (ESXi) using OVA for UDP Applications

NOTE: Make sure to allow the following domains and HTTP(S) ports when you are using a firewall, For more details, see Secure App Connector V2 Prerequisites and Firewall settings For Private Applications


  • Skyhigh Security recommends Secure App Connector have at least 8CPU12GB RAM, and 70GB HDD.  

Steps to Deploy 

  1. Download the latest OVF package.
  1. In the Select creation type window, select Deploy a virtual machine from an OVF or OVA file.


  1. Name a virtual machine and upload the OVA file.

MicrosoftTeams-image (120).png

  1. Select the storage type and data store.


  1. Read and accept the terms of the license agreement, then click Next.


  1. Select Thin as the Disk provisioning in the Deployment options.  


  1. Review all the details and Click Finish.

MicrosoftTeams-image (121).png

  1. The OVA file will be deployed in ~5-10 minutes (depending on the network speed). Deployment progress can be monitored in the Recent tasks panel.

Screenshot (351).png

  1. Power ON the VM once the OVA deployment is completed. You can access the VM via Remote Console. 

Change the Password after the OVA Deployment

To change the default user name and the password (Login: admin / Password: Welcome@123) OVA deployment is completed. 

To change the root user password:
  1. Login to the host VM.
  2. Type sudo passwd command.
  3. Enter a new password in the New password field.
  4. Re-enter the new password in the Retype new password field. 
  5. When the new password is set, the passwd: all authentication tokens updated successfully message appears.
To change the user admin password: 
  1. Login to the host VM.
  2. Type passwd command.
  3. Enter the existing user password In the current user admin field.
  4. Enter a new password in the New password field.
  5. Re-enter the new password in the Retype new password field. 
  6. When the new password is set, the passwd: all authentication tokens updated successfully message appears.

OVA Deployment Validation 

  1. If DHCP service is available in our environment, then IPV4 address allocation will be done automatically. In case IPV4 address is not assigned then just execute => sudo systemctl restart network. Find out the IPV4 address and login to VM.
  2. If you are manually allocated with an IP address, login to VM via Remote Console. (Login: admin / Password: Welcome@123).

MicrosoftTeams-image (122)-1.png

  1. Run the sudo /home/admin/ to configure static IP on VM 

MicrosoftTeams-image (85).png

  1. Verify if public sites are reachable.
  • Use curl -v -k -L --connect-timeout 5 2>&1 | grep "Connected to" the command when not using the proxy. 
  • Use curl -v -k --connect-timeout 5 [--proxy <PROXY>] 2>&1 | grep "200 Connection established" the command when using the proxy.
Deploy the connector using the script

NOTE: The script is already present in the OVA in the home directory.

  1. Download connector configuration content from SSE and copy it to the VM. Copy the config file to /home/admin.
  2. Execute the installer => sudo bash deploy_connector --init_file <CONFIG_FILE> [--proxy=<PROXY> ] [--udp_socks_proxy= <UDP_SOCKS_PROXY>] [--no_proxy= <NO_PROXY>].
    • <PROXY>: Address of the proxy server (optional)
    • <NO_PROXY> :  List of domains that can be added to bypass the proxy (optional). This parameter can be ignored if you don't have any domains that need to bypass the proxy, even when a proxy is used.
    • <UDP_SOCKS_PROXY>  is used to access the internet via SOCKS proxy for UDP traffic.

Note: Make sure you have the UDP Socks Proxy in this format i.e. <ip>:<port> or <hostname>:<port>. For example:

NOTE: Set the <PROXY>, <NO_PROXY> and < UDP_SOCKS_PROXY> parameters only when your connector uses a proxy server to reach the Internet.

  1. Confirm if connector deployment is successful. 

You can validate your connector deployment, see Secure App Connector V2 CLI for UDP Applications