1. Manuals
  2. Brands
  3. Stonesoft Manuals
  4. Firewall
  5. StoneGate FW-5000 Series
  6. Appliance installation manual

Stonesoft StoneGate FW-5000 Series Appliance Installation Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

FW-5000 Series
Appliance Installation Guide

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the StoneGate FW-5000 Series and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Stonesoft StoneGate FW-5000 Series

Summary of Contents for Stonesoft StoneGate FW-5000 Series

  • Page 1 FW-5000 Series Appliance Installation Guide...
  • Page 2 European Council Regulation (EC) N:o 1334/2000 of 22 June 2000 setting up a Community regime for the control of exports of dual-use items and technology (as amended). Thus, the export of this Stonesoft software in any manner is restricted and requires a license by the relevant authorities.

  • Page 3: Table Of Contents

    Documentation (page 4) for information on other available documentation. The use of the appliance is subject to the acceptance of the End User License Agreement, which can be found at the Stonesoft website. C on t ent s Installation Procedure ....4 Product Documentation ....

  • Page 4: Installation Procedure

    Press F1 in any Management Client window to view the Online Help. All PDF guides are available: • On the Management Center CD-ROM (in the Documentation folder) • At the Stonesoft website at http://www.stonesoft.com/en/support/ technical_support_and_documents/manuals/ Install the free Adobe Reader program to view the PDF documents (available at www.adobe.com/reader/).

  • Page 5: Safety Precautions

    S a f e t y P r e c a u t i o n s The following safety information and procedures should be followed whenever working with electronic equipment. Electrical Safety Precautions Basic electrical safety precautions should be followed to protect yourself from harm and the appliance from damage: •...
  • Page 6 General Safety Precautions Follow these rules to ensure general safety: • Keep the area around the appliance clean and free of clutter. • The appliance weighs approximately 27 kg (60 lbs.) when fully loaded. When lifting the appliance, two people at either end should lift slowly with their feet spread out to distribute the weight.

  • Page 7: Unpacking The Appliance

    Operating and Storage Temperatures The allowed operating temperature of the appliance is +10...+35ºC. The allowed storage temperature is -40...+70ºC. Do not operate or store the appliance in temperatures outside these limits. Lithium Battery Precautions Caution – The battery must be replaced by authorized service personnel only.

  • Page 8: Front Panel

    F r o n t P a n e l Front Panel With Cover Power Indicator Front Panel Under the Cover LED Indicators Buttons CD-ROM Drive USB Ports SCA Hard Drives The front panel has SCA hard drives, a CD-ROM drive, and two USB ports.
  • Page 9 Front Panel Indicators The front panel has six LED indicators in the upper right corner. The LEDs provide you with critical information related to different parts of the system. Table 1 Front Panel LEDs Indicates that there is no power being supplied to a redundant power supply or that a power supply is not operating correctly.
  • Page 10 Front Panel Buttons There are three push-buttons in the upper right corner of the front panel. Do not press them if the appliance is online (processing traffic) and operating normally. Table 2 Front panel buttons This button is not currently used. This is the reset button, which reboots the system.

  • Page 11: Rack-Mounting

    R a c k - M o u n t i n g There are a variety of rack units on the market, so the assembly procedure may differ slightly from what is instructed in this guide. Refer to the instructions that came with the rack unit you are using. The rail assemblies supplied with the appliance are designed for rack depths from 28 to 33 inches.
  • Page 12 Device precautions • Review the electrical and general safety precautions in Safety Precautions (page 5). • Determine the placement of each component in the rack before you install the rails. • Install the heaviest device components on the bottom of the rack first, and then work up.
  • Page 13 Installing the Appliance into a Rack Follow the instructions in this section and the precautions laid out in the previous sections above to install the StoneGate appliance into a rack. Also, refer to the documentation that came with the rack. The appliance package includes one pair of rack rail assemblies.
  • Page 14 To attach the inner rails to the appliance Locate the five rail buttons on each side of the appliance and the five corresponding holes on the inner rails. Align the larger end of each hole against its corresponding button. Once all are aligned, push the holes toward their corresponding buttons.
  • Page 15 Repeat steps 1-4 to attach the other inner rail. After you have installed the inner rails on the appliance, you are ready to install the outer rails of rail assemblies to the rack. To attach the outer rails to the rack Find the front and rear rack brackets in the package.
  • Page 16 To install the appliance into the rack Line up the rear of the inner rails with the front of the outer rails. Slide the inner rails into the outer rails, keeping the pressure even on both sides (you may have to depress the locking tabs when inserting).

  • Page 17: Connecting The Cables

    C o n n e c t i n g t h e C a b l e s Connect the cables after installing the appliance into the rack. AC Power Two USB Ports Connectors Serial Port PS/2 Mouse VGA Port Ethernet Ports and Keyboard Connecting Management Cables...

  • Page 18: Connecting Network Cables

    Connecting Network Cables To connect the network cables Connect the network cables to the ethernet ports. • The ethernet ports are mapped to Interface IDs during the initial configuration. • The number of ports and their numbering varies between different models within this model range. Check the numbering of the ports on the back panel and in Ethernet Port Numbering (page 36).

  • Page 19: Initial Configuration

    I n i t i a l C o n f i g u r a t i o n Your StoneGate appliance comes pre-loaded with StoneGate engine software. However, before a policy can be loaded on the appliance, you must configure some permanent and some temporary network settings.
  • Page 20 A boot menu is shown. Select the Switch to serial console option. The firewall boots up with the serial console activated. • The keyboard and display console is now inactive and must be activated in a similar way before you can use it. •...
  • Page 21 If the Automatic Configuration Fails • If the automatic configuration fails, and you do not have a display connected, you can check for the reason in the log (sg_autoconfig.log) written on the USB stick. • If you see a “connection refused” error message, ensure that the Management Server IP address is reachable from the engine and check the IP addresses you have defined in the Management Client.
  • Page 22 Highlight the correct layout and press E NTER Tip: Type in the first letter to move forward more quickly in the list of keyboard layouts. Note – If the desired keyboard layout is not available, use the best- matching available layout, or select US_English. To set the engine’s timezone Highlight the entry field for Local Timezone using the arrow keys and press E...
  • Page 23 To set the rest of the OS settings Type in the name of the firewall. Type in the password for the user root. This is the only account for engine command line access. (Optional) Highlight Enable SSH Daemon and press the spacebar on your keyboard to select the option and allow remote access to engine command line using SSH.
  • Page 24 Configuring the Network Interfaces The configuration utility can automatically detect which network cards are in use. You can also add interfaces manually, if necessary. To add the network interfaces Highlight Autodetect and press E NTER Check that the automatically detected drivers are correct and that all interfaces have been detected.
  • Page 25 Contacting the Management Server The Prepare for Management Contact window opens. If the initial configuration was imported in the configuration wizard, most of this information is filled in. This task has two parts. First, you activate an initial configuration on the firewall.
  • Page 26 To fill in the Management Server information Highlight Contact Management Server and press spacebar to activate. Fill in the Management Server IP address and the one-time password that was created for this engine when you saved the initial configuration. • If you do not have a one-time password for this firewall, see the Firewall/VPN Installation Guide for instructions on how to save an initial configuration.

  • Page 27: Command-Line Management

    After Successful Management Server Contact After you see a notification that Management Server contact has succeeded or the appliance has rebooted itself after configuration with a USB stick, the firewall engine installation is complete and the firewall is ready to receive a policy. In a while, the firewall’s status changes in the Management Client from Unknown to No Policy Installed, and the connection state is Connected indicating that the Management Server can connect to the node.

  • Page 28: Maintenance Operations

    M a i n t e n a n c e O p e r a t i o n s Common maintenance operations for this StoneGate appliance are described below. Note – The only user-serviceable units are the hard drives, fans, and power supply units.
  • Page 29 Installing SCA Hard Drives You can install an SCA (Single Connector Attachment) hard drive into the StoneGate appliance. An SCA hard drive includes a power connection and has long and short pins. To install the SCA hard drive, you need to first remove the drive tray from the appliance.
  • Page 30 Configuring the Hard Drive with RAID If you have changed one of the appliance’s hard drives, you can use the RAID (Redundant Array of Independent Disks) tool to configure the new hard drive. To configure the hard drive with RAID Connect the serial cable supplied with the appliance to the serial port on the appliance and to a computer.
  • Page 31 Replacing Hot Swap Power Supply Modules Caution – Unplug the power cord from the power supply module before removing the power supply module from the appliance. To replace power supply modules Locate the release tab on the left side of the power supply. Push the release tab to the right to release the power supply from its locking position.
  • Page 32 Replacing Appliance Fans Before replacing appliance fans, you must first open the appliance’s top cover. To replace appliance fans Press the release tabs to release the cover from its locking position. Push the cover toward the rear of the appliance and slide it out from the appliance.
  • Page 33 Press the release tab located on the left side of the appliance fan to release the fan from its locking position. Fan 6 Fan 5 Fan 4 Fan 3 Fan 2 Fan 1 Remove the fan from the appliance and replace with a new one. Note –...
  • Page 34 Reverting to Previously Installed Software Version This procedure allows you to undo a software upgrade. The appliance has two working partitions. One is designated as active and the other as inactive. The inactive partition is used for upgrades and the status is switched between the partitions when the upgrade is ready to be activated.
  • Page 35 Switch Firewall Node to Initial Configuration option. Note – Perform a factory reset only if you have a specific need to do so. Consult Stonesoft Support before performing this operation if you are unsure of whether this operation is necessary or not.

  • Page 36: Ethernet Port Numbering

    E t h e r n e t P o r t N u m b e r i n g The number of Ethernet ports and their numbering varies between different models within this model range. The tables below show the port numbering for each model.
  • Page 37 Table 5 Ports on FW-5000F2 Mother- Slot Slot Slot Slot Slot Slot board Table 6 Ports on FW-5000F3 Mother- Slot Slot Slot Slot Slot Slot board Ethernet Port Numbering...
  • Page 38 Table 7 Ports on FW-5000F4 Mother- Slot Slot Slot Slot Slot Slot board Table 8 Ports on FW-5000L Mother- Slot Slot Slot Slot Slot Slot board Ethernet Port Numbering...
  • Page 39 Table 9 Ports on FW-5000LF1 Mother- Slot Slot Slot Slot Slot Slot board Table 10 Ports on FW-5000LF2 Mother- Slot Slot Slot Slot Slot Slot board Ethernet Port Numbering...
  • Page 40 Table 11 Ports on FW-5100 Mother- Slot Slot Slot Slot Slot Slot board Table 12 Ports on FW-5100G1 Mother- Slot Slot Slot Slot Slot Slot board Ethernet Port Numbering...
  • Page 41 Table 13 Ports on FW-5100G2 Mother- Slot Slot Slot Slot Slot Slot board Table 14 Ports on FW-5100F1 Mother- Slot Slot Slot Slot Slot Slot board Ethernet Port Numbering...
  • Page 42 Table 15 Ports on FW-5100F2 Mother- Slot Slot Slot Slot Slot Slot board Table 16 Ports on FW-5100F3 Mother- Slot Slot Slot Slot Slot Slot board Ethernet Port Numbering...
  • Page 43 Table 17 Ports on FW-5100F4 Mother- Slot Slot Slot Slot Slot Slot board Ethernet Port Numbering...

  • Page 44: Port Indicators

    P o r t I n d i c a t o r s The port LED indicators provide information on the activity and link status of the ports. The LED indicators, their labels, and status colors vary between appliance models and NIC types. The port LED Indicators for different ports and NICs are presented below.
  • Page 45 Gigabit Copper NIC LINK/ACT, 100, and 1000 LEDS Table 19 LEDs in Gigabit Copper NIC Indicator Status Explanation LINK/ACT Green Link ok. Blinks on activity. Green Speed is 100 Mbps. 1000 Green Speed is 1 Gbps. Port Indicators...
  • Page 46 Gigabit Copper NIC ACT/LINK 10/100/1000 Table 20 LEDs in Gigabit Copper NIC Indicator Status Explanation ACT/LINK Green Link ok. Blinks on activity. 10/100/1000 Unlit Speed is 10 Mbps. 10/100/1000 Green Speed is 100 Mbps. 10/100/1000 Orange Speed is 1 Gbps. Port Indicators...
  • Page 47 Gigabit Copper NIC ACT/LINK 10/100/1000 Table 21 LEDs in Gigabit Copper NIC Indicator Status Explanation ACT/LINK Green Link ok. Blinks on activity. 10/100/1000 Unlit Speed is 10 Mbps. 10/100/1000 Green Speed is 100 Mbps. 10/100/1000 Yellow Speed is 1 Gbps. Port Indicators...
  • Page 48 Gigabit Fiber NIC ACT/LNK Table 22 LEDs in Gigabit Fiber NIC Indicator Status Explanation ACT/LNK Link ok. Blinks on activity. Port Indicators...
  • Page 49 Gigabit Fiber NIC Table 23 Gigabit Fiber NIC Indicator Status Explanation Green Blinks on activity. Green Link ok. Port Indicators...

  • Page 50: Disposal Instructions

    10 Gigabit Fiber NIC ACT/LINK Table 24 LEDs in 10 Gigabit Fiber NIC Indicator Status Explanation ACT/LINK Link ok. Blinks on activity. D i s p o s a l I n s t r u c t i o n s Dispose of the appliance separately from household waste at an appropriate waste disposal facility at the end of its useful service life.
  • Page 51 Itälahdenkatu 22 A 1050 Crown Pointe Parkway Fl-0021O Helsinki, Finland Suite 900 tel. +358 9 4767 11 Atlanta, GA 30338, USA fax. +358 9 4767 1349 tel. +1 866 869 4075 www.stonesoft.com fax. +1 770 668 1131 Copyright 2010 Stonesoft Corporation.

Table of Contents