1. Manuals
  2. Brands
  3. Stonesoft Manuals
  4. Firewall
  5. StoneGate FW-1020
  6. Appliance installation manual

Stonesoft StoneGate FW-1020 Appliance Installation Manual

Firewall/vpn
Hide thumbs

Advertisement

Table of Contents

SMC
FW
IPS
SSL VPN
VPN
StoneGate FW-1020/1050/1200
Appliance Installation Guide

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the StoneGate FW-1020 and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Stonesoft StoneGate FW-1020

Summary of Contents for Stonesoft StoneGate FW-1020

  • Page 1 SSL VPN StoneGate FW-1020/1050/1200 Appliance Installation Guide...

  • Page 2: Legal Information

    6,912,200; 6,996,573; 7,099,284; 7,127,739; 7,130,266; 7,130,305; 7,146,421; 7,162,737, 7,234,166, 7,260,843, 7,280,540; 7,302,480, 7,386,525 and 7,406,534; and may be protected by other EU, US, or other patents, or pending applications. Stonesoft, the Stonesoft logo and StoneGate, are all trademarks or registered trademarks of Stonesoft Corporation.

  • Page 3: Table Of Contents

    The use of the appliance is subject to the acceptance of the End User License Agreement, which can be found at the Stonesoft website. You must have a working Management Center on a separate server to bring the appliance(s) operational. The system architecture is explained on the next page.

  • Page 4: Getting Started

    FW-1020, FW-1050, or FW-1200 appliance). 5. Licenses for each component except the Management Client(s). Generate appliance licenses at the Stonesoft website with the POS (proof-of-serial-number) code attached to the appliance. The Monitoring Server and the Monitoring Client are optional components that are available on separate order.

  • Page 5: Installation Procedure

    Press F1 while in any Management Client window to view the online help. All PDF guides are available: • On the Management Center CD-ROM (in the Documentation folder) • At the Stonesoft Website at http://www.stonesoft.com/en/support/ technical_support_and_documents/manuals/. Install the free Adobe Reader program to view the PDF documents (available at www.adobe.com/reader/).

  • Page 6: Safety Precautions

    S a f e t y P r e c a u t i o n s The following safety information and procedures must be followed whenever working with electronic equipment. However, please be advised that StoneGate Appliances are not end-user serviceable, and you must never open the appliance covers for any reason.

  • Page 7: Esd Precautions

    ESD Precautions Electrostatic discharge (ESD) is generated by two objects with different electrical charges coming into contact with each other. An electrical discharge is created to neutralize this difference, which can damage electronic components and printed circuit boards. Use a grounded wrist strap designed to prevent static discharge.

  • Page 8: Front Panel

    Fr o n t P a n e l Illustration 2 Front Panel Power Indicator button Lights Reset Connectors for Six or eight ethernet ports button system administration Note – Standby power is supplied to the system even when the appliance is turned off.
  • Page 9 Table 1 Front Panel Indicators (Continued) Indicator Explanation Indicates traffic on eth 0 (identically to the corresponding LED in the port). Indicates traffic on eth 1 (identically to the corresponding LED in the port). Indicates an overheat condition in the appliance. This may be caused by cables obstructing the airflow in the system or the ambient room temperature being too warm.

  • Page 10: Unpacking The Appliance

    Inspect the box the appliance was shipped in and note if it was damaged in any way. If the appliance itself shows damage, file a damage claim with the carrier who delivered it. Confirm that the Stonesoft anti- tamper tape on the appliance is intact.
  • Page 11 • Always make sure the rack is stable before extending a component from the rack. • Extend only one component at a time—extending two or more simultaneously may cause the rack to become unstable. Device Precautions Caution – Never open the appliance covers! There are no user serviceable parts inside.
  • Page 12 Installing the Appliance into a Rack This section provides information on installing the StoneGate appliance into a rack unit. There are a variety of rack units on the market, so the assembly procedure may differ slightly from what is instructed. Refer to the instructions that came with the rack unit you are using.
  • Page 13 Locking Tabs: As you have seen, both rails have a locking tab, which serves two functions. • To lock the appliance into place when installed and pushed fully into the rack, which is its normal position. • To lock the appliance in place when fully extended from the rack to prevent the appliance from coming completely out of the rack when you pull it out for servicing.
  • Page 14 4. Attach the other assembly to the other side of the rack, making sure both are at the exact same height and with the rail guides facing inward. You should now have rails attached to both the appliance and the rack unit.
  • Page 15 3. Attach the front (short) bracket to the front end of the rack and secure it to the rack with two screws and two washers. See Illustration Illustration 6 Attaching Front Bracket to Two-Post Telco Rack 4. Attach the rear (long) bracket to the rear end of the rack, and secure it to the rack with two screws and two washers.
  • Page 16 5. Repeat steps 2-4 to install the other outer rail to the other side of the rack. To install the appliance into the two-post Telco rack 1. Measure the depth of your rack and adjust the length of the rails accordingly.
  • Page 17 Illustration 9 Installing the Appliance into the Two-Post Telco Rack 5. Finish by inserting and tightening the thumbscrews that hold the front of the appliance to the rack. Proceed to Connecting the Cables, on page 18. Rack-Mounting...

  • Page 18: Connecting The Cables

    C o n n e c t i n g t h e C a ble s Illustration 10 Front Panel Serial port VGA monitor PS/2 keyboard Two USB ports Six or eight ethernet ports To connect the cables 1. Choose one of the following: •...

  • Page 19: Initial Configuration

    I n i t i a l C o n fi g u r a t i o n To start using the appliance, you must activate the network interfaces and establish a secure connection to the Management Server as outlined in the sections below.
  • Page 20 4. Press a key on your keyboard when you see “Press any key”. The message is shown four times. If you do not press a key within this time, the serial console remains inactive and you must reboot the appliance to try again. 5.
  • Page 21 If you configure the engine with a USB stick, you must set a password for the root account in the Management Client to enable command line access to the engine. If you want to allow remote access to the engine using SSH, enable the SSH daemon for the engine in the Management Client.
  • Page 22 To select the configuration method To import a saved configuration, highlight Import using the arrow keys and press E NTER To skip the import, highlight Next and press E NTER To set the keyboard layout 1. Highlight the entry field for Keyboard Layout using the arrow keys and press .
  • Page 23 To set the engine’s timezone 1. Highlight the entry field for Local Timezone using the arrow keys and press E NTER 2. Select the correct timezone in the dialog that opens. Note – The timezone setting affects only the way the time is displayed on the engine command line.
  • Page 24 Configuring the Network Interfaces The configuration utility can automatically detect which network cards are in use. You can also add interfaces manually, if necessary. To add the network interfaces Highlight Autodetect and press E NTER Check that the automatically detected drivers are correct and that all interfaces have been detected.
  • Page 25 Contacting the Management Server The Prepare for Management Contact window opens. If the initial configuration was imported, most of this information is filled in. This task has two parts. First, you activate an initial configuration on the firewall. • The initial configuration contains the information that the engine needs to connect to the Management Server for the first time.
  • Page 26 To fill in the Management Server information 1. Highlight Contact Management Server and press spacebar to activate. 2. Fill in the Management Server IP address and the one-time password that was created for this engine when you saved the initial configuration.
  • Page 27 After Successful Management Server Contact After you see a notification that Management Server contact has succeeded or the appliance has rebooted itself after automatic configuration with a USB stick, the firewall engine installation is complete and the firewall is ready to receive a policy. In a while, the firewall’s status changes in the Management Client from Unknown to No Policy Installed, and the connection state is Connected indicating that the Management Server can connect to the node.

  • Page 28: Command-Line Management

    C o m m a n d - L i n e M a n a g e m e n t To permanently activate the serial console 1. Login to the command line (using SSH, keyboard and display, or a serial connection) as user Root with the password you have set for the appliance.
  • Page 29 Switch Firewall Node to Initial Configuration option. Note – Perform a factory reset only if you have a specific need to do so. Consult Stonesoft Support before performing this operation if you are unsure of whether this operation is necessary or not.
  • Page 30 6. Type 1 and press Enter to clear the settings. A confirmation prompt is shown. 7. Type YES and press Enter to perform the reset. If you decide to cancel the operation, type NO and press Enter. Caution – Do not unplug the power from the appliance or interrupt the reset in any way.

  • Page 31: Appendix: Port Indicators

    A p p e n d i x : Po r t I n d i c a t o r s The port indicators provide information on activity and link status. The indicators, their labels, and colors vary between different appliance models and port types.
  • Page 32 Table 4 Three Indicators per Copper Port in FW-1050 or FW-1200 Indicator Status Explanation Link Activity Blinking green Link ok, activity. 100 Mbits/s Green Speed is 100 Mbps. 1000 Mbits/s Green Speed is 1000 Mbps. Table 5 Two Indicators per Copper Port in FW-1050 or FW-1200 Indicator Status Explanation...
  • Page 33 Table 7 One Indicator per Fiber Port in FW-1200 Indicator Status Explanation ACT/LNK Link ok. ACT/LNK Unlit No link. Appendix: Port Indicators...
  • Page 34 Suite 900 Finland Atlanta, GA 30338 USA tel. +358 9 4767 11 tel. +1 770 6681 125 fax. +358 9 4767 1234 fax. +1 770 6681 131 Copyright 2008 Stonesoft Corporation. All rights Reserved. All specifications are subject to change.

This manual is also suitable for:

Stonegate fw-1050Stonegate fw-1200

Table of Contents