Configuring the Appliance

Configuring Routing

To configure routing

1. In the SSL VPN Web Console, under the Networking category in the menu on the left, select Network Configuration.
2. On the right, click Routing and Gateways. The Routing page opens.
3. Define the Default Router in one of the following ways:
   - Select None (or from DHCP) if the IP address of the default gateway is dynamically assigned.
   - Select Gateway and enter the IP address of your gateway.
4. Select the interface through which the gateway Device is reached.
5. (Optional) Configure the following settings to define Static Routes through a next-hop gateway (such as a router), and/or Local Routes to devices that are connected directly (such as through a hub or directly through a crossover cable):
   - Interface: Enter the name of the interface used by the route.
   - Network: Enter the IP address of the network to which the route belongs.
   - Netmask: Enter the Netmask.
   - Gateway: (Static Routes only) Enter the IP address of the next-hop gateway through which outgoing traffic is routed.
6. Click Save.
7. Click Return to Network Configuration. You are returned to the Network Configuration page.
8. Click Apply Configuration. The routes added in the Routing configuration activated at boot time section are activated.
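
A pre-check for the Interface, Network, Netmask and Gateway values from step 5, run before they are typed into the Routing page (an added example, not part of the Stonesoft guide). The interface addresses and routes are constructed sample values, and the rule that a static route's Gateway must lie in the chosen interface's own subnet is an assumption of this example.

```python
import ipaddress

# Constructed sample data (not from the guide): interface addresses as they
# might be set on the appliance, and routes planned for the Routing page.
INTERFACES = {"eth1": "10.1.1.2/255.255.255.0", "eth2": "172.16.0.2/255.255.255.0"}
ROUTES = [
    # kind, Interface, Network, Netmask, Gateway
    ("static", "eth1", "10.20.0.0", "255.255.0.0", "10.1.1.254"),
    ("static", "eth1", "10.30.0.5", "255.255.255.0", "10.1.1.254"),  # host bits set
    ("static", "eth2", "10.40.0.0", "255.255.0.0", "10.1.1.254"),    # gateway off-link
    ("local", "eth2", "172.16.5.0", "255.255.255.0", None),
    ("local", "eth3", "172.16.6.0", "255.255.255.0", None),          # unknown interface
]


def check_route(kind, iface, network, netmask, gateway, interfaces):
    """Return a list of problems found in one planned route (empty if none)."""
    problems = []
    try:
        # strict=True rejects a Network value that has host bits set for the Netmask
        ipaddress.ip_network(f"{network}/{netmask}", strict=True)
    except ValueError as exc:
        problems.append(f"Network/Netmask invalid: {exc}")
    if iface not in interfaces:
        problems.append(f"Interface {iface} is not configured")
        return problems
    link = ipaddress.ip_interface(interfaces[iface]).network
    if kind == "static":
        if gateway is None:
            problems.append("static route needs a Gateway")
        elif ipaddress.ip_address(gateway) not in link:
            problems.append(f"Gateway {gateway} is not on {iface} ({link})")
    elif gateway is not None:
        problems.append("local route must not have a Gateway")
    return problems


def check_plan(routes, interfaces):
    """Map route index -> problems, omitting routes that pass every check."""
    found = {i: check_route(*r, interfaces) for i, r in enumerate(routes)}
    return {i: p for i, p in found.items() if p}


if __name__ == "__main__":
    for index, problems in check_plan(ROUTES, INTERFACES).items():
        print(ROUTES[index], "->", "; ".join(problems))
```
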

Summary of Contents for SSL-1030

Page 1: ...Appliance Installation Guide SSL 1030 and SSL 1060 ...

Page 2: ...tenance services for the products described in these materials are provided pursuant to the general terms for support and maintenance services and the related service description which can be found at the Stonesoft website www stonesoft com en customer_care support Replacement Service The instructions for replacement service can be found at the Stonesoft website www stonesoft com en customer_care ...

Page 3: ...can be found at the Stonesoft web site Contents Installation Procedure 4 Product Documentation 4 Safety Precautions 4 Unpacking the Appliance 6 Front Panel 7 Rack Mounting 9 Connecting the Cables 13 Configuring the Appliance 15 Managing the Appliance 33 Maintenance Operations 35 Disposal Instructions 37 Caution Never open the covers of the appliance There are no user serviceable parts inside Openi...

Page 4: ...ollowed whenever working with the Stonesoft appliance However be advised that Stonesoft appliances are not end user serviceable and you must never open the appliance covers for any reason Doing so may lead to serious injury and will void any hardware warranty that may be associated with your appliance Electrical Safety Precautions Basic electrical safety precautions should be followed to protect y...

Page 5: ... can damage electronic components and printed circuit boards Use a grounded wrist strap designed to prevent static discharge Operating Precautions Care must be taken to assure that the appliance s cover is in place when the appliance is operating to ensure proper cooling If this rule is not strictly followed the warranty may become void Operating and Storage Temperatures The allowed operating temp...

Page 6: ...liance Inspect the box that the appliance was shipped in and note if the box is damaged in any way If the appliance itself shows any damage file a damage claim with the carrier who delivered the appliance Caution Do not change the battery the battery must be replaced by authorized service personnel only Danger of explosion if battery is incorrectly replaced Replacement battery must be same or equi...

Page 7: ...system even when the appliance is turned off Table 1 Power and Disk Activity Indicators Indicator Status Explanation Power Blue Indicates power is being supplied to the system s power supply unit This LED is illuminated when the system is operating normally Disk Activity Red Indicates hard drive activity when flashing Power and disk activity indicators Port indicators Rack mounting brackets Power ...

Page 8: ...anel Table 2 Indicators for Fixed Ports Indicator Status Explanation Activity Unlit No link Amber Link ok Link Unlit Speed is 10 Mbps Green Speed is 100 Mbps Orange Speed is 1 Gbps Activity Link AC power connector Power on off switch ...

Page 9: ...enable you to open the front door completely 63 cm 25 inches Leave enough clearance in the back of the rack to allow for sufficient airflow and ease in servicing 76 cm 30 inches Rack Precautions Ensure that the leveling jacks on the bottom of the rack are fully extended to the floor with the full weight of the rack resting on them In single rack installation attach stabilizers to the rack In multi...

Page 10: ...st provide sufficient airflow to the appliance for proper cooling Installing the Appliance Into a Rack This section provides information on installing the appliance into a rack unit There are a variety of rack units on the market so the assembly procedure may differ slightly from what is instructed If necessary refer to the instructions that came with the rack unit you are using If you are install...

Page 11: ...must move the rack mounting brackets into the correct position on the side of the appliance before attaching the rack mounting brackets to the rack To install the appliance into a two post Telco rack 1 Remove the six 6 screws on the side of the appliance to detach the rack mounting bracket from the appliance You can optionally also remove the lifting handle from the bracket by removing the screws ...

Page 12: ... through the holes in the front of the bracket one screw through the top hole and another through the bottom hole in the bracket see the front panel illustration for the location of the holes Proceed to Connecting the Cables page 13 Caution You must use two screws to attach each rack mounting bracket to the rack Using only a single screw for each bracket does not provide sufficient support and may...

Page 13: ...etwork 192 168 100 0 24 See Configuring the Appliance page 15 for information on how to connect to and configure the appliance The administration port s IP address is active only when a network cable is plugged into the port If you want to manage the appliance remotely we recommend that you set up access through the Application Portal in the same way as other services that the appliance offers to ...

Page 14: ...d at gigabit speeds Connecting the Appliance to the Power Supply To connect the appliance to the power supply 1 Connect the power cable to the AC power connector on the back of the appliance 2 Plug the power cord into a grounded high quality power strip that offers protection from electrical noise and power surges We highly recommend using an uninterruptible power supply UPS to ensure continuous o...

Page 15: ...efault settings for the appliance in the Engine Configuration Wizard To start the Engine Configuration Wizard 1 Connect the appliance to a computer using the serial cable supplied with the appliance 2 On the computer open a terminal with the following settings 9600 bps 8 databits 1 stopbit no parity 3 Turn on the appliance using the power on off switch The engine bootup process is shown in the con...

Page 16: ...field for Local Timezone using the arrow keys and press Enter 2 Select the correct timezone in the dialog that opens Note If the desired keyboard layout is not available use the best matching available layout or select US_English Note The timezone setting affects only the way the time is displayed on the engine command line The actual operation always uses UTC time 2 1 ...

Page 17: ...e IP Netmask The default IP address of the SSL VPN Web Console is 192 168 100 1 4 Optional Enter the Web Console IP Default Gateway IP address through which outgoing traffic is routed 5 Optional Highlight Enable SSH Daemon and press the spacebar to allow remote access to engine command line using SSH Note Changing the password for the admin user in the Engine Configuration Wizard sets the same pas...

Page 18: ...ttps Web Console IP Address 10000 The SSL VPN Web Console login page opens If you did not change the SSL VPN Web Console IP address in the Engine Configuration Wizard the address is the default SSL VPN Web Console address https 192 168 100 1 10000 2 Log in By default the username is admin and the password is Pass1234 If you changed the SSL VPN Web Console and SSL VPN Administrator admin password i...

Page 19: ...Web Console and the SSL VPN Administrator 1 In the SSL VPN Web Console expand System in the menu on the left and select Admin Password 2 Enter a new password in both fields on the right and click Change Note If you have previously set a different password for the admin user in the SSL VPN Administrator you must set the SSL VPN Administrator admin password again after changing the admin password in...

Page 20: ...stem Time section and click Apply 4 Synchronize the times by clicking Copy from system time Configuring Interfaces You must add at least one interface in addition to the management port to offer services to your users a typical configuration requires two or more additional interfaces If you plan to create a pair of mirrored appliances we recommend using port eth1 on the appliances back panel for c...

Page 21: ...ick Network Interfaces 3 Under Interfaces Activated at Boot Time click Add a new interface above or below the interface table 4 Enter the Name for the interface 5 Select how the IP address is assigned for the interface From DHCP From BOOTP Static enter the fixed IP Address 6 Static IP address only Enter the Netmask and Broadcast addresses 7 Select whether to Activate at Boot 2 1 3 7 ...

Page 22: ...tional IP addresses to the interface To add additional IP addresses to an interface 1 Click the interface name in the Interfaces Activated at Boot Time table The interface opens for editing 2 Click Add Virtual Interface 3 Enter the Name for the interface 4 Enter the IP Address for the interface 5 Enter the Netmask and Broadcast addresses 6 Select whether to Activate at Boot The typical setting for...

Page 23: ...Optional Configure the following settings to define Static Routes through a next hop gateway such as a router and or Local Routes to devices that are connected directly such as through a hub or directly through a crossover cable Interface Enter the name of the interface used by the route Network Enter the IP address of the network to which the route belongs Netmask Enter the Netmask Gateway Static...

Page 24: ...s 1 Click Routing and Gateways The Routing page opens 2 Configure the following settings in the Create Active Route section Route Destination Select whether the route uses the Default Route for the selected interface or enter the IP address of the network to which the route belongs Netmask for Destination Select whether the route uses the Default Netmask for the selected interface or enter the net...

Page 25: ...g a Certificate Request Authentication in SSL is based on certificates as the proof of identity The appliance contains a factory installed certificate that allows testing in a closed network without the need to install an actual working certificate on the appliance When installing the appliance for other use you must always generate a working certificate The following procedure explains how to gen...

Page 26: ...and line and run the makecsr script that was extracted from the archive 5 Fill in the required details Information on creating a certificate signing request can be found in the SSL VPN Administrator s Guide The following files are generated server csr the certificate request file that is used to generate the actual certificate private pk8 the private certificate key that you must import to the SSL...

Page 27: ...it to the SSL VPN Administrator and activate it for the Administration Service and Access Point See Logging in to the SSL VPN Administrator and Importing Certificate Keys and Certificates page 30 Logging in to the SSL VPN Administrator The SSL VPN Administrator is used to set up and manage the SSL VPN features To log in to the SSL VPN Administrator 1 Click Log on on the left under the title Stones...

Page 28: ... Administrator Password section 4 Optional Deselect Enable Password Policy if you do not want to require the password to meet specific security requirements 5 Enter the Current Password 6 Enter and confirm a secure New Password 7 Click Save After changing the admin password import your license and the working certificate Note If you change the password for the admin user in the SSL VPN Web Console...

Page 29: ...t as well See the Stonesoft Administrator s Guide or the Online Help of the Management Client for more information To import a license 1 After you log in and change your password select License in the menu on the left 2 On the right scroll down to the end of the license information page displaying details of the temporary factory installed license 3 Click the Browse button next to the License File...

Page 30: ...r To import a certificate key and certificate 1 In the SSL VPN Administrator switch to the Manage System section at the top menu 2 Select Certificates in the menu on the left The Manage Certificates page opens 3 Click Add Server Certificate Note If your certificate is a bundled certificate which may contain intermediate certificates you must split the certificate before adding it to the SSL VPN Ad...

Page 31: ...liance 31 4 Select Access Points in the menu on the left 5 Click Access Point under the title Registered Access Points 6 Select the Server Certificate from the list 7 Scroll to the bottom of the page and click Save 4 5 6 ...

Page 32: ...ntrolled with access rules based on user groups 3 Defining access rules for allowing access to the services on the appliance 4 Defining the services you want to offer In addition to other services you can also configure the SSL VPN Web Console and the SSL VPN Administrator to be accessible remotely through the Application Portal After configuring the administrator accounts user accounts and servic...

Page 33: ...eft and select Root Password 3 On the right type in and confirm the command line password for the account root The root account is always the only account for command line access 4 Optional To enable SSH on the appliance first select Services in the menu on the left and then select the Enable SSH daemon option under Access Control on the right Connecting to Engine Command Line Once you have enable...

Page 34: ...ss Point or locally through the management port eth0 at the address https Web Console IP Address 10000 For detailed instructions for establishing the local connection see Logging in to the SSL VPN Web Console page 18 2 Information on the software version and system status is displayed on the right If you navigate away from this view you can return by selecting System Information in the menu on the...

Page 35: ...ow or through the SSL VPN Web Console as described in Enabling Command Line Access page 33 To change the root password in the Engine Configuration Wizard 1 Connect to the engine command line as described in Connecting to Engine Command Line page 33 2 Issue the command sg reconfigure The Engine Configuration Wizard starts 3 Highlight the entry field for Root Password Has Been Set and press Enter 4 ...

Page 36: ...he appliance s front panel and to a computer 2 On the computer open a terminal with the following settings 9600 bps 8 databits 1 stopbit no parity 3 Re start the appliance If the appliance is powered on press Enter log in with username root and the password you set through the SSL VPN Web Console see Enabling Command Line Access page 33 and issue command reboot 4 Wait until a list of the appliance...

Page 37: ...ngs A confirmation prompt is shown 8 Type YES and press Enter to perform the reset If you decide to cancel the operation type NO and press Enter To use the appliance after a factory reset you must configure it as explained in Configuring the Appliance page 15 Disposal Instructions Dispose of the appliance separately from household waste at an appropriate waste disposal facility at the end of its u...

Page 38: ... documentation See inside for further details All documentation and our technical knowledge base is available at www stonesoft com support Copyright 2013 Stonesoft Corporation Stonesoft Inc Americas Headquarters 1050 Crown Pointe Parkway Suite 900 Atlanta GA 30338 USA tel 1 866 869 4075 fax 1 770 668 1131 Stonesoft Corporation International Headquarters Itälahdenkatu 22 A Fl 0021O Helsinki Finland...
