Netgate SG-1000 Product Manual
  1. Manuals
  2. Brands
  3. Netgate Manuals
  4. Firewall
  5. SG-1000
  6. Product manual

Netgate SG-1000 Product Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Product Manual
SG-1000
Netgate
Dec 07, 2017

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the SG-1000 and is the answer not in the manual?

Questions and answers

Related Manuals for Netgate SG-1000

Summary of Contents for Netgate SG-1000

  • Page 1 Product Manual SG-1000 Netgate Dec 07, 2017...

  • Page 2: Table Of Contents

    CONTENTS 1 SG-1000 Quick Start Guide I/O Ports ..........
  • Page 3 Product Manual, SG-1000 Thank you for your purchase of the pfSense® SG-1000 System This hardware platform provides a powerful, reliable, cost-effective solution. Quick Start Guide SG-1000 Quick Start Guide covers the first time connection procedures and will provide you with the information you need to get your appliance up and running.

  • Page 4: Sg-1000 Quick Start Guide

    CHAPTER SG-1000 QUICK START GUIDE This Quick Start Guide covers first time connection procedures for a new appliance.

  • Page 5: I/O Ports

    Product Manual, SG-1000 Table of Contents 1.1 I/O Ports Ports are assigned as pictured. Front • LAN (cpsw1) • WAN (cpsw0) Note: Both the WAN and LAN ports of the pfSense appliance support auto-MDIX and are capable of utilizing either straight-through or crossover ethernet cables.
  • Page 6 Product Manual, SG-1000 Fig. 1.1: Installing a Micro-SD card in the SG-1000 1.1. I/O Ports...

  • Page 7: Getting Started

    Product Manual, SG-1000 1.2 Getting Started Tip: Before configuring the pfSense appliance it is best to activate the bundled Gold by following the instructions at https://www.netgate.com/register/. The basic firewall configuration begins with connecting the pfSense appliance to the Internet. Neither the modem nor the pfSense appliance should be powered up at this time.
  • Page 8 Product Manual, SG-1000 At the login page enter the default pfSense password and username: Username admin Password pfsense Click Login to continue 1.2.3 Wizard Upon successful login, the following is displayed. 1.2. Getting Started...
  • Page 9 Product Manual, SG-1000 1.2.4 Configuring Hostname, Domain Name and DNS Servers 1.2.5 Hostname For Hostname, any desired name can be entered as it does not affect functionality of the firewall. Assigning a hostname to the firewall will allow the GUI to be accessed by hostname as well as IP address.

  • Page 10: Time Server Synchronization

    Product Manual, SG-1000 DNS servers can be specified here even if they differ from the servers assigned by the ISP. Either enter the IP addresses provided by the ISP, or consider using Google public DNS servers (8.8.8.8, 8.8.4.4). Google DNS servers are used for the purpose of this tutorial.
  • Page 11 Product Manual, SG-1000 DHCP is the most common type of interface for home cable modems. One dynamic IP address is issued from the ISP DHCP server and will become the public IP address of the network behind this firewall. This address will change periodically at the discretion of the ISP.
  • Page 12 Product Manual, SG-1000 1.2.15 Configuring PPPoE and PPTP Interfaces Information added in these sections is assigned by the ISP. Configure these settings as directed by the ISP 1.2.16 Block Private Networks and Bogons When enabled, all private network traffic originating on the internet is blocked.
  • Page 13 Product Manual, SG-1000 The following inbound address Ranges are blocked by this firewall rule: • 10.0.0.1 to 10.255.255.255 • 172.16.0.1 to 172.31.255.254 • 192.168.0.1 to 192.168.255.254 • 127.0.0.0/8 • 100.64.0.0/10 • fc00::/7 Bogons are public IP addresses that have not yet been allocated, so they may typically also be safely blocked as they should not be in active use.
  • Page 14 Product Manual, SG-1000 1.2.18 Change Administrator Password Select a new Administrator Password and enter it twice, then click Next to continue. 1.2.19 Save Changes Click Reload to save configuration. 1.2.20 Basic Firewall Configured To proceed to the webConfigurator, make the selection as highlighted. The Dashboard display will follow.
  • Page 15 Product Manual, SG-1000 1.2.21 Backing Up and Restoring At this point, basic LAN and WAN interface configuration is complete. Before proceeding, backup the firewall con- figuration. From the menu at the top of the page, browse to Diagnostics > Backup/Restore.
  • Page 16 Product Manual, SG-1000 Click Download Configuration and save a copy of the firewall configuration. This configuration can be restored from the same screen by choosing the backup file under Restore configuration. 1.2. Getting Started...

  • Page 17: Connecting To Console Port

    Product Manual, SG-1000 1.2.22 Connecting to the Console There are times when accessing the console is required. Perhaps GUI console access has been locked out, or the password has been lost or forgotten. See also: Connecting to Console Port Connect to the console. Cable is required.
  • Page 18 Product Manual, SG-1000 Open PuTTY and locate the Session display as shown. Set the COM Port to that which is displayed in Windows Device Manager and the Speed to 115200. 1.3. Connecting to Console Port...
  • Page 19 Product Manual, SG-1000 Match the COM Port with what was reported in Windows Device Manager. We will use COM3 for this example. The pfSense appliance serial port speed is 115200 bits per second. The speed of the BIOS and the speed of the console must match so change the speed in PuTTy to 115200bps.
  • Page 20 Product Manual, SG-1000 Install the Driver Install an appropriate CP210x USB to UART Bridge VCP (virtual COM port) driver on the workstation used to connect with the system if needed. There are drivers available for Windows, Mac OS X, and Linux available in the...
  • Page 21 Product Manual, SG-1000 Mac OS X The device associated with the system console is likely to show up as /dev/cu.SLAB_USBtoUART. Linux The device associated with the system console is likely to show up as /dev/ttyUSB0. Look for messages about the device attaching in the system log files or by running dmesg.
  • Page 22 Product Manual, SG-1000 • Linux Example: PuTTY generally handles most cases OK but can have issues with line drawing characters on certain platforms. These settings seem to work best (tested on Windows): Window Columns x Rows = 80x24 Window > Appearance Font = Courier New 10pt or Consolas 10pt Window >...

  • Page 23: Additional Resources

    1.4.2 Netgate Training Netgate training offers training courses for increasing your knowledge of pfSense products and services. Whether you need to maintain or improve the security skills of your staff or offer highly specialized support and improve your customer satisfaction;...

  • Page 24: Warranty And Support Information

    There is much more that can be accomplished with pfSense software. The best source of information is The pfSense Book, included with the purchace of a Netgate pfSense security gateway appliance. Monthly hangouts and more are available to those with an active Gold subscription: https://www.netgate.com/...
  • Page 25 Product Manual, SG-1000 1.6.1 Safety Notices 1. Read, follow, and keep these instructions. 2. Heed all warnings. 3. Only use attachments/accessories specified by the manufacturer Warning: Do not use this product in location that can be submerged by water. Warning: Do not use this product during an electrical storm to avoid electrical shock.
  • Page 26 Product Manual, SG-1000 1.6.4 Industry Canada This Class A digital apparatus complies with Canadian ICES-3(B). Cet appareil numérique de la classe A est conforme à la norme NMB-(3)B Canada. 1.6.5 Australia and New Zealand Warning: This is a Class A product. In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures.
  • Page 27 1.6.8 Declaration of Conformity ˇ Cesky[Czech] NETGATE tímto prohla uje, e tento NETGATE device, je ve shod se základními po adavky a dal ími p íslu n mi ustanoveními sm rnice 1999/5/ES. Dansk [Danish] Undertegnede NETGATE erklærer herved, at følgende udstyr NETGATE device, overholder de væsentlige krav og...
  • Page 28 Alulírott, NETGATE nyilatkozom, hogy a NETGATE device, megfelel a vonatkozó alapvetõ követelményeknek és az 1999/5/EC irányelv egyéb elõírásainak. Íslenska [Icelandic] Hér me l sir NETGATE yfir ví a NETGATE device, er í samræmi vi grunnkröfur og a rar kröfur, sem ger ar eru í tilskipun 1999/5/EC. Italiano [Italian] Con la presente NETGATE dichiara che questo NETGATE device, è...
  • Page 29 NETGATE erklærer herved at utstyret NETGATE device, er i samsvar med de grunnleggende krav og øvrige relevante krav i direktiv 1999/5/EF. Slovensky [Slovak] NETGATE t mto vyhlasuje, e NETGATE device, sp a základné po iadavky a v etky príslu né ustanovenia Smernice 1999/5/ES. Svenska [Swedish] Härmed intygar NETGATE att denna NETGATE device, står I överensstämmelse med de väsentliga egenskapskrav...

  • Page 30: Limited Warranty

    Product Manual, SG-1000 Rubicon Communications LLC Attn.: Legal Dept. 7212 McNeil Drive, Suite 204 Austin, Texas 78729 gal@netgate.com The arbitration will be conducted by the American Arbitration Association (AAA) under its rules. The AAA’s rules are available at www.adr.org. Payment of all filing, administration and arbitrator fees will be governed by the AAA’s rules.
  • Page 31 Product Manual, SG-1000 INCLUDED ON OR OTHERWISE MADE AVAILABLE TO YOU THROUGH THE PRODUCTS/SERVICES, UN- LESS OTHERWISE SPECIFIED IN WRITING. YOU EXPRESSLY AGREE THAT YOUR USE OF THE PROD- UCTS/SERVICES IS AT YOUR SOLE RISK. TO THE FULL EXTENT PERMISSIBLE BY APPLICABLE LAW, RUBICON COMMUNICATIONS, LLC (RCL)

  • Page 32: Sg-1000 Faq

    • Connect the memory stick to the USB OTG port using a USB OTG adapter cable 2. If the SG-1000 eMMC was running an older version of pfSense 2.4 or the USB OTG port does not allow the firewall to boot, use the SD card recovery method:...

  • Page 33: How Do I Reset To Factory Defaults

    • Plug the power cable back into the SG-1000 At this point the SG-1000 is ready for use. Connect to it and configure the firewall or restore a configuration as needed. 2.2 How do I reset to factory defaults? There are several methods that can be utilized to reset the configuration back to factory defaults:...

  • Page 34: Is The Cpu Temperature Too High

    The SG-1000 is passively cooled (no fans) and it will be warm to the touch. The firewall must be placed so it has adequate room for air to flow around the case.
  • Page 35 Product Manual, SG-1000 • iftop • iperf • ipsec-profile-wizard • LADVD • Lightsquid • mailreport • mtr-nox11 • nmap • Notes • nrpe • nut • OpenBGPD • openvpn-client-export • pfBlockerNG • Quagga_OSPF • routed • RRD_Summary • Service_Watchdog • Shellcmd •...

  • Page 36: Why Isn't "My Favorite Package" Available

    2.8 Why do I see failure messages in the BIOS output while booting? The U-Boot environment used by the SG-1000 prints error messages that can look concerning but are quite normal, depending on the components installed in or connected to the SG-1000.

  • Page 37: The Boot Environment On Emmc Is Corrupted And It Will Not Boot From Micro-Sd

    Micro-SD If the boot environment is present on the eMMC but it is broken in some way, the SG-1000 may not be able to boot from a Micro-SD card. In this case, with a bootable Micro-SD card installed, short the “SD BOOT” header using a jumper (not provided).

  • Page 38: Reinstalling Pfsense

    Note: The pfSense factory version is the version that is preinstalled on units purchased from Netgate. The factory image is optimally tuned for our hardware and contains some features that cannot be found elsewhere, such as the AWS VPN Wizard.

  • Page 39: Product Manual, Sg

    Product Manual, SG-1000...

This manual is also suitable for:

Pfsense xg-1540Sg-3100

Table of Contents