PingOne Privilege

Configuring a private gateway

This guide explains how to add a private gateway to an on-premises or non-AWS cloud network. Private gateways act as a secure entry point, allowing PingOne Privilege to manage and audit access to your internal resources.

Prerequisites

Before you begin, ensure the following inbound ports are open on the host where you will install the gateway: 22, 443, 3389, 8640, and 8690.
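The following script is an added example, not part of the PingOne Privilege documentation. It reads `ss -Htln` output and reports each prerequisite port on the host as free, bound on loopback only, or bound on a routable address. The function name `port_report`, the `--live` switch, and the sample listener table are assumptions made for illustration. This page does not state which of these ports the gateway container itself binds, so the script only reports state.

```shell
#!/bin/sh
# Added example: report listener state for the prerequisite ports.
REQUIRED_PORTS="22 443 3389 8640 8690"   # port list from the Prerequisites section

# Reads `ss -Htln` output on stdin; prints "<port> free|loopback|routable".
port_report() {
  awk -v ports="$REQUIRED_PORTS" '
    BEGIN { n = split(ports, want, " ") }
    $1 == "LISTEN" {
      i = match($4, /:[0-9]+$/)          # last ":<port>" in Local Address:Port
      if (i == 0) next
      port = substr($4, i + 1)
      addr = substr($4, 1, i - 1)
      scope = (addr ~ /^(127\.|\[::1\])/) ? "loopback" : "routable"
      # A routable listener outranks a loopback one on the same port.
      if (!(port in state) || scope == "routable") state[port] = scope
    }
    END {
      for (k = 1; k <= n; k++)
        print want[k], ((want[k] in state) ? state[want[k]] : "free")
    }'
}

# Constructed sample of `ss -Htln` output (not captured from a real gateway host).
SAMPLE='LISTEN 0 128   0.0.0.0:22        0.0.0.0:*
LISTEN 0 4096  127.0.0.1:8640    0.0.0.0:*
LISTEN 0 511   [::]:443          [::]:*
LISTEN 0 4096  127.0.0.53%lo:53  0.0.0.0:*'

if [ "${1:-}" = "--live" ]; then
  ss -Htln | port_report                 # inspect the real host
else
  printf '%s\n' "$SAMPLE" | port_report  # demo run on the constructed sample
fi
```

Before installation, a port that is not `free` is already held by another service on the host. After installation, a `loopback` result means the listener is not reachable from the network, regardless of firewall rules.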

Procedure

To add a private gateway:

  1. In the PingOne Privilege admin console, go to Cloud > Gateways.

  2. Click Add New, and then click Add via Docker.

  3. Select Private Proxy.

  4. Enter a unique Cluster ID to identify this gateway group, and provide the Host IP of the server where the gateway will be installed.

  5. Click Get Docker Command and copy the generated command.

  6. On your designated host within your on-premises network, run the Docker command you just copied.

The gateway will start and automatically register with the PingOne Privilege controller.

The PingOne Privilege controller does not have automatic visibility into on-premises network topology. After deploying the gateway, you must manually configure which resources are accessible through it.

Validation

After adding the gateway, go to the Cloud > Gateways page in the admin console. Your new private gateway should be listed with a "Verified" status.