...
The VPN configuration is not distributed by CAS.
This scenario is considered more secure than Scenario A.
...
Notes
Gate service
Listens for terminal’s The Gate service listens for your terminals' pairing requests. In the event of After a successful pairing, the gate service sends the terminal the VPN configuration, including information on how to connect to the master service.
Prior to pairing, the terminal's VPN configuration must already
...
have been generated.
The Gate service uses the batmgate unix user, which is a member of the batm group.
The Gate service is listening listens on port 7741. Please note that The master service uses the same port uses master service - but on a different interface.
| Info |
|---|
Gate service’s TCP port 7741 should be temporarily accessible from the Internet only temporarily when performing the a pairing. Don’t For security reasons - don’t leave it open. Leaving it open will encourage attackers to try playing with focus on your server. |
| Note |
|---|
The Gate service is only compatible with terminals running on version 20230801 and newer!
|
...
Gate service configuration
/batm/config/network
See the The example below to see demonstrates that every individual service has its own bind IP address used to run application enabling expected behavior, basic setup . During installation, a default configuration will be created during upon the first initial execution of batm-manage start
| Code Block |
|---|
public_ip=1.2.3.4 master_bind_ip=10.3.2.1 gate_bind_ip=10.3.1.1 admin_bind_ip=10.3.2.2 |
/batm/config/gate.properties
Basic properties fully functional will be generated by the first batm-manage start gate (or all when it comes to gate service)
...