Getting Started is Easy

We'll walk you through the simple steps below to spin up your first network.

1. PREREQUISITES

First, sign up for a Free AWS Account, then subscribe to the NetFoundry Platform in the AWS Marketplace. Lastly, if you don't already have a NetFoundry Account, sign up for one. It's free as well.

1. Sign up for an AWS Account


2. Subscribe in AWS


3. Sign up for NetFoundry


2. CREATE YOUR NETWORK

a. Log into your NetFoundry console

b. If you have not created a network yet, click “Create A New Network” and give it a name (ex: NFdemo). NOTE: Keep the default Network Type "Version 7" selected from the dropdown menu.

c. It will take approximately 3-5 minutes for your network to be created. While the network is being created, the icon to the left of the network name will spin. Once your network is ready, the icon turns green.

3. ADDING EDGE ROUTERS

Create a NetFoundry-Hosted (public) Edge Router in the Console to establish a "Fabric"

a. From the NetFoundry Console left-hand navigation, select Manage Edge Routers.

b. In the upper right, click the + sign to add an Edge-Router.

c. Give your edge router a name (ex: NetFoundryPublic).

d. In the "Select or Create Router Attributes" field, type in "public"

e. For "Select a Hosting Type", toggle the "NetFoundry Hosted" option and select a data center region. The region you select should be close to the endpoint location you are planning to use.

f. Hit the “Create” button.

g. Hit the Esc icon in the upper right to close the window.

h. Once this router is registered, it will accept an outbound fabric connection from the private Edge Router you launch, as well as connections from clients to access the "Fabric".

THEN Create a Customer-Hosted (private) Edge Router in the Console

a. From the NetFoundry Console left-hand navigation, select Manage Edge Routers.

b. In the upper right, click the + sign to add an edge-router.

c. Give your edge router a name (ex: CustomerPrivate)

d. In the "Select or Create Router Attributes" field, type in "private"

e. Hit the “Create” button.

f. Click on "Registration Key" (this will copy it to your clipboard).

g. Hit the Esc icon in the upper right to close the window.

LAUNCH THIS EDGEROUTER IN AWS VIA CLOUDFORMATION:

a. Click here to launch the AWS CloudFormation stack. This will automatically launch the AWS CloudFormation Console (it will prompt you to log in if you're not already logged in). Verify in the upper left corner of the AWS console that you are in the same region as the one you used when creating the Edge Router in the NetFoundry console.

b. Once in the CloudFormation Console, the template should already be filled in. Click Next to continue.

c. Paste your Router Registration key in the appropriate field. Click Next to continue.

d. On the next page (“Configure Stack Options”) – leave all defaults. Click Next to continue.

e. From the Review page, click Create to launch the stack.

f. This CloudFormation script will create a simple VPC, subnet, routing table, internet gateway and two (2) EC2 instances, along with a security group to allow port 80 (HTTP) from anywhere to the Demo App.
• One t2.micro for the Hello World web page
• One t2.micro for the "NetFoundry Zero Trust Networking Platform" VM

g. Once the stack is launched, go to the CloudFormation “Output” section of the stack just created. You will find the internal IP address of the Demo App you will use for the next section. You can also test the external URL of the Demo App to make sure it’s accessible. The internal URL will only work once the NFN network is complete. (This could take 2-3 minutes)

The CloudFormation script will launch in the last region your account was signed in to. If you would like to launch in a different region, simply switch regions from the drop-down. Please be sure you are launching in the same region you selected for your NetFoundry gateway.

4. CREATE A NETFOUNDRY ENDPOINT (CLIENT)

a. From the NetFoundry Console left-hand navigation select Manage Endpoints.

b. In the upper right, click the + sign to add an Endpoint.

c. Give your Endpoint a name (ex: CustomerEndpoint).

d. In the "Select or Create Endpoint Attributes" field, type in "DemoEndpoints"

e. Hit the “Create” button.

f. Click on "Download Key" or use the QR Code.

g. Click on the "Select an Installer" to choose the appropriate platform. If you're using a mobile phone, you can find the app in the corresponding app st

h. Hit the Esc icon in the upper right to close the window.

5. EDGE ROUTER POLICY

a. From the NetFoundry Console left-hand navigation, select Manage Edge Routers, then select "Manage Edge Router Policies" from the sub menu. This policy will allow a specific endpoint or group of endpoints access to a specific router or group of routers.

b. In the upper right, click the + sign to add an Edge-Router Policy.

c. Give the Edge Router Policy a name (ex: RouterPolicy1)

d. In the "Edge Router Attributes" section, we will select #public (this will select all routers with that attribute)

e. In the "Endpoint Attributes" section, we will select #all (this will select all endpoints)

f. Hit the “Create” button

6. MANAGE SERVICES

a. From the NetFoundry Console left-hand navigation, select Manage Services and AppWans, then select "Manage Services" from the sub menu.

b. In the upper right, click the + sign to add a new Service.

c. Give the Service a name (ex: DemoApplication)

d. In the "Service Attributes" section, type in "demoapp"

e. In the "Hosting Strategy" section, we will define how the client is going to "intercept the traffic" first

f. In the "Intercept Host Name / IP" field, type in "mydemoapp.ziti"

g. In the "Port/Range" field, type in "80"

h. Set the "Native Application SDK Based" toggle to the "no" position

i. Toggle the radio button to "Router Hosted"

j. From the "Select a router to host this service" drop-down, select "CustomerPrivate"

k. From the "Protocol" drop-down, select "TCP"

l. In the "Host Name / IP" field, enter the internal IP address for the demo server (from the "LAUNCH THIS EDGEROUTER IN AWS VIA CLOUDFORMATION" step above).

m. In the "Port" field, type in "80"

n. Click on the "Create" button.

7. CREATE APPWAN

a. From the NetFoundry Console left-hand navigation, select Manage Services and AppWans, then select "Manage AppWans" from the sub menu.

b. In the upper right, click the + sign to add an AppWan.

c. Give the AppWan the name 'DemoAppwan'

d. In the "Service Attributes" section, we will select #demoapp (this will select all services with that attribute)

e. In the "Endpoint Attributes" section, we will select #DemoEndpoints (this will select all endpoints with that attribute)

f. Click the "CREATE" button to create the AppWAN.
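
The attribute selections from steps 3 through 7, as an added example that is not part of the original guide or NetFoundry's own code: a simplified Python model of how the Edge Router Policy and the AppWAN combine. The matching logic and the ContractorLaptop endpoint are assumptions made for illustration.

```python
# Simplified model of the "#attribute" matching configured in steps 3-7.
# Names and values come from the walkthrough; the evaluation logic is an
# assumption made for illustration, not NetFoundry's implementation.

def selects(selectors, attributes):
    """True if any '#attribute' selector matches; '#all' matches everything."""
    return any(s == "#all" or s.lstrip("#") in attributes for s in selectors)

# Objects created in the walkthrough, plus one constructed endpoint
# ("ContractorLaptop") that lacks the DemoEndpoints attribute.
ROUTERS = {"NetFoundryPublic": {"public"}, "CustomerPrivate": {"private"}}
ENDPOINTS = {"CustomerEndpoint": {"DemoEndpoints"}, "ContractorLaptop": set()}
SERVICES = {"DemoApplication": {"demoapp"}}

ROUTER_POLICIES = [{"name": "RouterPolicy1",
                    "routers": ["#public"], "endpoints": ["#all"]}]
APPWANS = [{"name": "DemoAppwan",
            "services": ["#demoapp"], "endpoints": ["#DemoEndpoints"]}]

def usable_routers(endpoint):
    """Routers the endpoint may connect to under the edge router policies."""
    attrs = ENDPOINTS[endpoint]
    return sorted(r for r, r_attrs in ROUTERS.items()
                  if any(selects(p["endpoints"], attrs)
                         and selects(p["routers"], r_attrs)
                         for p in ROUTER_POLICIES))

def reachable_services(endpoint):
    """Services granted by an AppWAN, provided some router is usable."""
    if not usable_routers(endpoint):
        return []
    attrs = ENDPOINTS[endpoint]
    return sorted(s for s, s_attrs in SERVICES.items()
                  if any(selects(a["endpoints"], attrs)
                         and selects(a["services"], s_attrs)
                         for a in APPWANS))

if __name__ == "__main__":
    for ep in ENDPOINTS:
        print(ep, "routers:", usable_routers(ep),
              "services:", reachable_services(ep))
```

Under this model, #all in RouterPolicy1 lets every endpoint reach the public router, while only endpoints carrying the DemoEndpoints attribute are granted DemoApplication.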

8. INSTALL NETFOUNDRY CLIENT

a. If you haven't created an endpoint, follow the relevant instructions from "CREATE A NETFOUNDRY ENDPOINT" before proceeding.

b. Install the downloaded software by double-clicking on the installer.

c. Once installed, open the software by clicking on the tray/status icon.

d. Click on "Add Identity" and browse to the file downloaded in Step 4g. If you didn't download the file, you can navigate back to the console "Manage Endpoints" and click on the name of the Endpoint you created (ex: CustomerEndpoint). You can download the key again from this location.

e. Your Endpoint software should now show an "Enabled" identity.

9. TEST CONNECTION WITH THE HELLO WORLD WEBPAGE

a. Open a web browser and go to the site "http://mydemoapp.ziti"

b. The Hello World webpage should come up for the webserver.

c. This concludes the demo. You have successfully accessed a private service using the NetFoundry network.

10. REMOVAL OF AWS RESOURCES ONCE DEMO IS COMPLETE

a. From the AWS Console, select the service “CloudFormation”.

b. Select the stack “NFNDemo” from the list

c. Click DELETE.
