Freedom9 freeGuard 100 Install Manual
Utm firewall
Hide thumbs
Also See for freeGuard 100:
- Command line interface manual (310 pages) ,
- Administration manual (292 pages) ,
- Reference manual (57 pages)
Table of Contents
Advertisement
Quick Links
Advertisement
Table of Contents
Subscribe to Our Youtube Channel
Related Manuals for Freedom9 freeGuard 100
Summary of Contents for Freedom9 freeGuard 100
- Page 1 100 UTM Firewall INSTALL GUIDE P/N: F0025000 Rev. 1.2...
- Page 2 No part of this document may be photocopied, reproduced, or translated into another language without express prior to written consent of freedom9 Inc. © Copyright 2006, freeGuard and the freedom9 company logo are trademarks or registered trademarks of Freedom9 Inc. All rights reserved. Windows is a trademark or registered trademark of Microsoft Corporation.
-
Page 3: Table Of Contents
INTRODUCTION ... 1 ECURE INSTALLATION 1.1.1 BASED MANAGER 1.1.2 OMMAND LINE INTERFACE 1.1.3 ... 2 ETUP WIZARD OCUMENT CONVENTIONS 100 D FREE UARD OCUMENTATION GETTING STARTED... 5 ... 5 ACKAGE CONTENTS ... 6 OUNTING URNING THE FREE UARD ONNECTING TO THE WEB... - Page 4 RIORITIES OF HEARTBEAT DEVICE AND MONITOR PRIORITIES ONFIGURING FREE UARD 5.2.1 IGH AVAILABILITY CONFIGURATION SETTINGS 5.2.2 ONFIGURING FREE 5.2.3 ONFIGURING FREE ONNECTING THE CLUSTER TO YOUR NETWORKS NSTALLING AND CONFIGURING THE CLUSTER ... 33 S FOR OPERATION ... 33 UARD S FOR USING THE WEB UARD...
-
Page 5: Introduction
100 Unified Threat Management (UTM) Firewalls improve network security, reduce network misuse and abuse, and help you use communication resources more efficiently without compromising the performance of your network. The freeGuard 100 is a dedicated, easily managed security device that delivers a full suite of capabilities that include: •... -
Page 6: Command Line Interface
1.1.3 Setup wizard The freeGuard 100 setup wizard provides an easy way to configure the basic initial settings for the freeGuard 100. The wizard walks through the configuration of a new administrator password, freeGuard 100 interfaces, DHCP server settings, internal servers (web, FTP, etc.), and basic antivirus settings. - Page 7 execute restore config myfile.bak <xxx_str> indicates an ASCII string that does not contain new-lines or carriage returns. <xxx_integer> indicates an integer string that is a decimal (base 10) number. <xxx_octet> indicates a hexadecimal string that uses the digits 0-9 and letters A-F. <xxx_ipv4>...
-
Page 8: Freeguard 100 Documentation
100. freeGuard 100 CLI Reference Guide Describes how to use the freeGuard 100 CLI and contains a reference to all freeGuard 100 CLI commands. freeGuard 100 Log Message Reference Guide Describes the structure of freeGuard 100 log messages and provides information on all log messages generated by the freeGuard 100. -
Page 9: Getting Started
2 Getting started This section describes unpacking, setting up, and powering on a freeGuard 100. This section includes: • Package contents • Mounting • Turning the freeGuard 100 power on and off • Connecting to the web-based manager • Connecting to the command line interface (CLI) •... -
Page 10: Mounting
2.2 Mounting The freeGuard 100 can be installed on any stable surface. Make sure that the unit has at least 1.5 in. (3.75 cm) of clearance on each side to allow for adequate airflow and cooling. Dimensions: • 8.63 x 6.13 x 1.38 in. (21.9 x 15.6 x 3.5 cm) Weight: •... -
Page 11: Connecting To The Web-Based Manager
DHCP. The freeGuard 100 DHCP server assigns the management computer an IP address in the range “192.168.1.110” to “192.168.1.210”. • Using the Ethernet cable, connect the internal interface of the freeGuard 100 to the computer Ethernet connection. • Start Internet Explorer and browse to the address https://192.168.1.1. (remember to include... -
Page 12: Connecting To The Command Line Interface (Cli)
Type “admin” in the Name and Password fields and click “Login”. The Register Now window will be displayed. It is important to register the freeGuard 100 so that freedom9 can contact the unit for firmware updates. You must register to receive updates to the freeGuard 100 antivirus and attack definitions. -
Page 13: Quick Installation Using Factory Defaults
100 CLI Reference Guide. 2.6 Quick installation using factory defaults You can quickly set up your freeGuard 100 for a home or small office using the web-based manager and the factory default freeGuard 100 configuration. All you need to do is set your... -
Page 14: Factory Default Freeguard 100 Configuration Settings
100 web-based manager to configure the freeGuard 100 onto the network. To configure the freeGuard 100 onto the network you add an administrator password, change network interface IP addresses, add DNS server IP addresses, and configure basic routing, if required. -
Page 15: Factory Default Dhcp Server Configuration
2.7.2 Factory default NAT/Route mode network configuration When the freeGuard 100 is first powered on, it is running in NAT/Route mode and has the basic network configuration listed in Table 3. This configuration allows you to connect to the freeGuard 100 web-based manager and establish the configuration required to connect the freeGuard 100 to the network. -
Page 16: Factory Default Transparent Mode Network Configuration
100 firewall policies control how all traffic is processed by the freeGuard 100. Until firewall policies are added, no traffic can be accepted by or pass through the freeGuard 100. The factory default configuration contains one firewall policy that allows all traffic originating on the internal network to access the Internet. -
Page 17: Planning The Freeguard 100 Configuration
2.8 Planning the freeGuard 100 configuration Before you configure the freeGuard 100, you need to plan how to integrate the unit into the network. Among other things, you must decide whether you want the unit to be visible to the... -
Page 18: Nat/Route Mode
You can also configure the freeGuard 100 and the network it protects using the default settings. 2.8.1 NAT/Route mode In NAT/Route mode, the freeGuard 100 is visible to the network. Like a router, all its interfaces are on different subnets. The following interfaces are available in NAT/Route mode: •... -
Page 19: Configuration Options
DHCP server to supply IP addresses for the computers on your internal network. If you are configuring the freeGuard 100 to operate in Transparent mode, you can use the CLI to switch to Transparent mode. Then you can add the administration password, the management IP address and gateway, and the DNS server addresses. - Page 20 If you are configuring the freeGuard 100 to operate in Transparent mode, you can switch to Transparent mode from the web-based manager and then use the setup wizard to add the administration password, the management IP address and gateway, and the DNS server addresses.
-
Page 21: Nat/Route Mode Installation
3 NAT/Route mode installation This chapter describes how to install the freeGuard 100 in NAT/Route mode. This chapter describes: • Preparing to configure the freeGuard 100 in NAT/Route mode • Using the web-based manager • Using the command line interface •... -
Page 22: Dhcp Or Pppoe Configuration
PPPoE server. Your ISP may provide IP addresses using one of these protocols. To use the freeGuard 100 DHCP server, you need to configure an IP address range and default route for the server. No configuration information is required for interfaces that are configured to use DHCP. -
Page 23: Using The Command Line Interface
4. Click “OK”. To add a default route Add a default route to configure where the freeGuard 100 sends traffic destined for an external network (usually the Internet). Adding the default route also defines which interface is connected to an external network. The default route is not required if the interface connected to the external network is configured using DHCP or PPPoE. - Page 24 To set the WAN1 interface to use PPPoE, enter: config system interface edit wan1 set mode PPPoE set connection enable set username <name_str> set password <passwrd> 4. Use the same syntax to set the IP address of each freeGuard 100 interface as required.
-
Page 25: Using The Setup Wizard
<address_ip> To add a default route: Add a default route to configure where the freeGuard 100 sends traffic that should be sent to an external network (usually the Internet). Adding the default route also defines which interface is connected to an external network. -
Page 26: Starting The Setup Wizard
100. DHCP server Starting IP: Ending IP: Netmask: Default Gateway: DNS IP: Your freeGuard 100 firewall contains a DHCP server to automatically set up the addresses of computers on your internal network. Internal servers Web Server: SMTP Server: POP3 Server:... -
Page 27: Reconnecting To The Web-Based Manager
3.5 Connecting the freeGuard 100 to the network(s) When you have completed the initial configuration, you can connect the freeGuard 100 between your internal network and the Internet. There are seven 10/100 BaseTX connectors on the back of the freeGuard 100: •... -
Page 28: Configuring The Networks
Figure 9: freeGuard 100 NAT/Route mode connections 3.6 Configuring the networks If you are running the freeGuard 100 in NAT/Route mode, your networks must be configured to route all Internet traffic to the IP address of the freeGuard 100 interface to which they are connected. •... - Page 29 2. Click “Synchronize with NTP Server” to configure the freeGuard 100 to use NTP to automatically set the system time and date. 3. Enter the IP address or domain name of the NTP server that the freeGuard 100 can use to set its time and date.
-
Page 30: Transparent Mode Installation
You can use the web-based manager to complete the initial configuration of the freeGuard 100. You can continue to use the web-based manager for all freeGuard 100 settings. The first time you connect to the freeGuard 100, it is configured to run in NAT/Route mode. To switch to Transparent mode using the web-based manager: 1. -
Page 31: Reconnecting To The Web-Based Manager
As an alternative to the web-based manager or setup wizard you can begin the initial configuration of the freeGuard 100 using the command line interface (CLI). To connect to the CLI, see “Connecting to the command line interface (CLI)”. Use the information that you gathered in Table 9 to complete the following procedures. - Page 32 Welcome ! 4. Confirm that the freeGuard 100 has switched to Transparent mode. Enter: get system status The CLI displays the status of the freeGuard 100 including the following line of text: Operation mode: Transparent To configure the management IP address: Make sure that you are logged into the CLI.
-
Page 33: Using The Setup Wizard
From the web-based manager, you can use the setup wizard to begin the initial configuration of the freeGuard 100. The first time you connect to the freeGuard 100, it is configured to run in NAT/Route mode. To switch to Transparent mode using the web-based manager: 1. -
Page 34: Next Steps
For effective scheduling and logging, the freeGuard 100 system date and time must be accurate. You can either manually set the system date and time or configure the freeGuard 100 to automatically keep its time correct by synchronizing with a Network Time Protocol (NTP) - Page 35 2. Select Synchronize with NTP Server to configure the freeGuard 100 to use NTP to automatically set the system time and date. 3. Enter the IP address or domain name of the NTP server that the freeGuard 100 can use to set its time and date.
-
Page 37: High Availability Installation
5.2 Configuring freeGuard 100s for HA operation A freeGuard 100 HA cluster consists of two or more freeGuard 100s with the same HA configuration. This section describes how to configure each of the freeGuard 100s to be added to a cluster for HA operation. - Page 38 128. Set the unit priority to a higher value if you want the freeGuard 100 to be the primary cluster unit. Set the unit priority to a lower value if you want the freeGuard 100 to be a subordinate unit in the cluster. If all units have the same priority, the freeGuard 100 with the highest serial number becomes the primary cluster unit.
- Page 39 5.2.2 Configuring freeGuard 100s for HA using the web-based manager Use the following procedure to configure each freeGuard 100 for HA operation. To change the freeGuard 100 host name: Changing the host name is optional, but you can use host names to identify individual cluster units.
- Page 40 The freeGuard 100 negotiates to establish an HA cluster. When you select apply you may temporarily lose connectivity with the freeGuard 100 as the negotiation takes place. 10. If you are configuring a NAT/Route mode cluster, power off the freeGuard 100 and then repeat this procedure for all the freeGuard 100s in the cluster.
- Page 41 | weight-round-robin} The freeGuard 100 negotiates to establish an HA cluster. 2. If you are configuring a NAT/Route mode cluster, power off the freeGuard 100 and then repeat this procedure for all the freeGuard 100s in the cluster. 3. If you are configuring a Transparent mode cluster, switch the freeGuard 100 to Transparent mode.
- Page 42 5.4 Installing and configuring the cluster When negotiation is complete you can configure the cluster as if it was a single freeGuard 100. • If you are installing a NAT/Route mode cluster, use the information in “NAT/Route mode installation”...
- Page 43 The only configuration settings that are not synchronized are the HA configuration (except for the interface heartbeat device and monitoring configuration) and the freeGuard 100 host name. For more information about configuring a cluster, see the freeGuard 100 Administration Guide.
Need help?
Do you have a question about the freeGuard 100 and is the answer not in the manual?
Questions and answers