Rubicon netgate XG-7100 Manual

Security gateway

Hide thumbs

page of 57

/ 57
Bookmarks

Quick Links

Download this manual

Security Gateway Manual

XG-7100

Apr 16, 2020

Need help?

Do you have a question about the netgate XG-7100 and is the answer not in the manual?

Questions and answers

Summary of Contents for Rubicon netgate XG-7100

Page 2 CONTENTS 1 Out of the Box 2 How-To Guides 3 References...
Page 3 Security Gateway Manual XG-7100 This Quick Start Guide covers the ﬁrst time connection procedures for the Netgate® XG-7100 Desktop Firewall Appliance and will provide the information needed to keep the appliance up and running. © Copyright 2020 Rubicon Communications LLC...
Page 4 CHAPTER OUT OF THE BOX 1.1 Getting Started The basic ﬁrewall conﬁguration begins with connecting the pfSense® appliance to the Internet. The pfSense appliance should be unplugged at this time. Connect one end of an Ethernet cable to the WAN port (shown in the Input and Output Ports section) of the pfSense appliance.
Page 5 Advanced Button and the click Proceed to 192.168.1.1 (unsafe) to continue. Fig. 2: Click Advanced and then Proceed to 192.168.1.1 (unsafe) 3. At the Sign In page, enter the default pfSense username and password and click Next. © Copyright 2020 Rubicon Communications LLC...
Page 6 WAN conﬁguration page. DHCP is the default and is the most common type of interface for home cable modems. Default settings for the other items on this page should be acceptable for normal home users. © Copyright 2020 Rubicon Communications LLC...
Page 8 Section 1 shows important system information such as the model, Serial Number, and Netgate Device ID for this pfsense ﬁrewall. Section 2 identiﬁes what version of pfSense software is installed, and if an update is available. © Copyright 2020 Rubicon Communications LLC...
Page 10 Connecting to the Console There are times when accessing the console is required. Perhaps GUI console access has been locked out, or the password has been lost or forgotten. See also: © Copyright 2020 Rubicon Communications LLC...
Page 12 Limited to 10G link speed (no 1G support). • SFP+ AoCs (Active optical Cables). Note: Limited to 10G link speed (no 1G support). • Third party SFP+ SR/LR dual speed 1G/10G) optical modules • SFP+ active copper cables © Copyright 2020 Rubicon Communications LLC...
Page 13 • Recessed Reset Button (performs a hard reset, immediately turning the system off) • 1x USB 3.0 • Status LED • Power (PWR) LED (green when powered on, red after a graceful shutdown) • Console (Mini-USB) • 2x USB 2.0 © Copyright 2020 Rubicon Communications LLC...
Page 14 Contact a qualiﬁed electrician or the manufacturer if there are questions about the installation prior to connecting the equipment. d) Protective grounding/earthing is provided by Listed AC adapter. Building installation shall provide appro- priate short-circuit backup protection. © Copyright 2020 Rubicon Communications LLC...
Page 15 Das Symbol weist darauf hin, dass das Produkt von regulärem Haushaltmüll getrennt entsorgt werden sollte. Es liegt in Ihrer Verantwortung, dieses Gerät und andere elektrische und elektronische Geräte über die dafür zuständigen und von der Regierung oder örtlichen Behörden dazu bestimmten Sammelstellen zu entsorgen. Ordnungsgemäßes Entsorgen © Copyright 2020 Rubicon Communications LLC...
Page 16 NETGATE tímto prohla uje, e tento NETGATE device, je ve shod se základními po adavky a dal ími p íslu n mi ustanoveními sm rnice 1999/5/ES. Dansk [Danish] Undertegnede NETGATE erklærer herved, at følgende udstyr NETGATE device, overholder de væsentlige krav og øvrige relevante krav i direktiv 1999/5/EF. © Copyright 2020 Rubicon Communications LLC...
Page 17 Hér me l sir NETGATE yﬁr ví a NETGATE device, er í samræmi vi grunnkröfur og a rar kröfur, sem ger ar eru í tilskipun 1999/5/EC. Italiano [Italian] Con la presente NETGATE dichiara che questo NETGATE device, è conforme ai requisiti essenziali ed alle altre disposizioni pertinenti stabilite dalla direttiva 1999/5/CE. © Copyright 2020 Rubicon Communications LLC...
Page 18 Niniejszym, ﬁrma NETGATE o wiadcza, e produkt serii NETGATE device, spełnia zasadnicze wymagania i inne istotne postanowienia Dyrektywy 1999/5/EC. Português [Portuguese] NETGATE declara que este NETGATE device, está conforme com os requisitos essenciais e outras disposições da Directiva 1999/5/CE. © Copyright 2020 Rubicon Communications LLC...
Page 19 Please review our other policies, such as our pricing policy, posted on our websites. These policies also govern your use of Products/Services. We reserve the right to make changes to our site, policies, service terms, and these terms © Copyright 2020 Rubicon Communications LLC...
Page 20 LESS OTHERWISE SPECIFIED IN WRITING. YOU EXPRESSLY AGREE THAT YOUR USE OF THE PROD- UCTS/SERVICES IS AT YOUR SOLE RISK. TO THE FULL EXTENT PERMISSIBLE BY APPLICABLE LAW, RUBICON COMMUNICATIONS, LLC (RCL) AND ELECTRIC SHEEP FENCING (ESF) DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUD- ING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PAR- TICULAR PURPOSE.
Page 21 CHAPTER HOW-TO GUIDES 2.1 Conﬁguring the Switch Ports See also: For an overview of how the switch ports are set up, see Switch Ports Overview. 2.1.1 Switch Section From the pfSense webGUI, there is a menu option called Switches under the Interfaces drop-down. This section contains switch speciﬁc conﬁguration options.
Page 22 Under Interface Assignments, notice LAGG0 (UPLINK) is displayed as an available port but is not enabled in the list of interfaces. This is because the default conﬁguration is only expecting VLAN tagged trafﬁc so the VLAN child interface 4090 and 4091 are enabled instead. © Copyright 2020 Rubicon Communications LLC...
Page 25 Under LAGGs, the default lagg0 containing ix2 and ix3 can be seen. The lagg0 interface should not be modiﬁed. 2.1.3 Switch Conﬁguration Examples Dedicated LAN switch In this scenario, SFP+ port ix0 will be conﬁgured as the WAN interface. ETH1-8 will be conﬁgured as a LAN switch. © Copyright 2020 Rubicon Communications LLC...
Page 26 In this example, ix0 will be WAN, so select option 1 to re-assign WAN from lagg0.4090 to ix0: No additional VLANs are needed for this, so enter n to continue. Input ix0 as the new WAN interface name: © Copyright 2020 Rubicon Communications LLC...
Page 27 Security Gateway Manual XG-7100 Input the same default LAN interface of lagg0.4091 for the LAN interface name and press Enter to complete the interface reassignment: The interface assignments should show like this now: © Copyright 2020 Rubicon Communications LLC...
Page 28 VLAN 4090 is no longer needed since WAN is dedicated to ix0 now. You can either select on the row containing 4090 to delete this entry, or click to remove port 1 as a member: © Copyright 2020 Rubicon Communications LLC...
Page 29 Next, update the PVID for ETH1 so that it uses VLAN 4091 rather than the old VLAN 4090. To do this, click on the Ports tab and click on the 4090 Port VID to modify it: © Copyright 2020 Rubicon Communications LLC...
Page 30 A new LAN network should be created in pfSense ﬁrst. Similar to the existing LAN interface, another VLAN interface should be used so the switch can segment trafﬁc appropriately. Create a new VLAN with lagg0 as the parent under Interfaces -> Assignments -> VLANs: © Copyright 2020 Rubicon Communications LLC...
Page 31 Security Gateway Manual XG-7100 Once the VLAN has been created, it should look something like this: Add, enable, and conﬁgure the VLAN interface under Interfaces Assignments: © Copyright 2020 Rubicon Communications LLC...
Page 32 Interfaces -> Switches -> VLANs and click the Add Tag button. Input the VLAN tag for the new network (same as the VLAN ID conﬁgured in the previous steps) and add ETH1-4 and PORT9-10 (uplinks) as members. Be sure 9 and 10 are marked as tagged: © Copyright 2020 Rubicon Communications LLC...
Page 33 Once this is done, delete the untagged members 1,2,3,4 from VLAN group 2 and click the Save button. The ﬁnal result should look like this: Lastly, update the Port VIDs to use the new 4081 VLAN rather than 4091 on ETH1-4 and click Save: © Copyright 2020 Rubicon Communications LLC...
Page 34 Next, add the VLAN to the switch under Interfaces -> Switches -> VLANs. ETH8 and PORT9-10 should be added as members and all three will be marked as tagged: Once it’s added, the ﬁnal result should look like this: © Copyright 2020 Rubicon Communications LLC...
Page 35 Next, locate an appropriate USB cable that has a USB Mini-b (5-pin) connector on one end and a regular USB Type A plug on the other end. These cables are commonly used with smaller USB peripherals such as GPS units, cameras, and so on. © Copyright 2020 Rubicon Communications LLC...
Page 36 Look for an entry with a title such as Silicon Labs CP210x USB to UART Bridge. If there is a label in the name that contains “COMX” where X is a decimal digit (e.g. COM3), that value is what would be used as the port in the terminal program. Mac OSX © Copyright 2020 Rubicon Communications LLC...
Page 37 Click the Open button and the console screen will be displayed. GNU screen In many cases screen may be invoked simply by using the proper command line, where <console-port> is the console port that was located above. © Copyright 2020 Rubicon Communications LLC...
Page 39 Window > Translation Handling of line drawing characters = Use font in both ANSI and OEM modes or Use Unicode line drawing code points Window > Colours Indicate bolded text by changing = The colour © Copyright 2020 Rubicon Communications LLC...
Page 40 ﬁrmware by selecting Firmware Access as the General Problem and then select Netgate XG-7100 Desktop for the platform. Make sure to include the serial number in the ticket to expedite access.
Page 41 ﬁrmware is conﬁgured so that a device plugged into the USB port will be booted with a higher priority. Note: For information on restoring from a previously saved conﬁguration, go to Backup and Restore. © Copyright 2020 Rubicon Communications LLC...
Page 42 10. Slide the base back into the lid of the cace, and replace the case screws. Use a hand screwdriver and be careful not to crossthread the screws. 11. Reinstall the pfSense software on the new M.2 SATA drive. © Copyright 2020 Rubicon Communications LLC...
Page 51 If you happen to be on an older version of Coreboot then an Update button will be available to click. Important: Pay close attention to any disclaimers presented. Some devices require a physical reboot or some step unique to that device. © Copyright 2020 Rubicon Communications LLC...
Page 52 CHAPTER THREE REFERENCES 3.1 Switch Ports Overview 3.1.1 Interface Links In addition to two SFP+ interfaces, there is also an ethernet switch on the XG-7100. There are eight ethernet ports on this switch that are physically accessible - these interfaces are referred to as ETH1-ETH8. In addition to those 8 ports, there are also three additional ports that operate behind the scenes - PORT 0, PORT 9 (ix2), and PORT 10 (ix3).
Page 53 (switch uplink ports 9 and 10), are conﬁgured as a load-balanced LAGG. This provides an aggregate uplink capable of 5Gbps for ethernet switchports ETH1-8. This is further demonstrated in the diagram below: © Copyright 2020 Rubicon Communications LLC...
Page 54 Trunk Port: Allows tagged trafﬁc containing speciﬁed VLAN IDs In the default conﬁguration, two VLANs are used to create the ETH1 WAN interface and ETH2-8 LAN interface: VLAN 4090 VLAN 4091 ETH1-8 are conﬁgured to act as Access ports. © Copyright 2020 Rubicon Communications LLC...
Page 55 VLAN group 5, Port 5, Members 6,7,8 VLAN group 6, Port 6, Members 5,7,8 VLAN group 7, Port 7, Members 5,6,8 VLAN group 8, Port 8, Members 5,6,7 With this conﬁguration in place, ETH1-8 now function like so: © Copyright 2020 Rubicon Communications LLC...
Page 56 Netgate training has got you covered. https://www.netgate.com/training 3.2.2 Resource Library To learn more about how to use your pfSense appliance and for other helpful resources, make sure to browse our Resource Library. https://www.netgate.com/resources © Copyright 2020 Rubicon Communications LLC...
Page 57 Product Lifecycle page. • All Speciﬁcations subject to change without notice For support information, view our support plans. See also: For more information on how to use pfSense® software, see the pfSense Documentation Resource Library. © Copyright 2020 Rubicon Communications LLC...

Rubicon netgate XG-7100 Manual

Quick Links

Need help?

Questions and answers

Related Manuals for Rubicon netgate XG-7100

Summary of Contents for Rubicon netgate XG-7100