Clavister Wolf W30 Скачать руководство пользователя | Manualshive

Страница: 31 / 94

background image

the Clavister Security Gateway is being used in

Transparent Mode

between two internal networks,

then the configuration setup is best done with manual Web Interface steps or through the CLI
instead of through the wizard and these are explained in the two sections that follow.

Advantages of the Wizard

The wizard makes setup easier because it automates what would otherwise be a more complex
set of individual setup steps. It also reminds you to perform important tasks such as setting the
date and time and configuring a log server.

The steps that the wizard goes through after the welcome screen are listed next.

Wizard step 1: Enter a new username and password

You will be prompted to enter a new administration username and password as shown below. It
is recommended that this is always done and the new username/password is remembered (if
these are forgotten, restoring to factory defaults will restore the original

admin

/

admin

combination). The password should be composed in a way which makes it difficult to guess.

Wizard step 2: Set the date and time

Many cOS Core functions rely on an accurate date and time, so it is important that this is set
correctly in the fields shown below.

Chapter 4: cOS Core Configuration

31

«
...
29
30
31
32
33
...
»

Содержание Wolf W30

Страница 1: ...Clavister Wolf W30 Getting Started Guide Clavister AB Sj gatan 6J SE 89160 rnsk ldsvik SWEDEN Phone 46 660 299200 www clavister com Published 2015 06 26 Copyright 2015 Clavister AB...

Страница 2: ...avister reserves the right to revise this publication and to make changes from time to time in the content hereof without any obligation to notify any person or parties of such revision or changes Lim...

Страница 3: ...ation 26 4 1 Management Workstation Connection 26 4 2 Web Interface and Wizard Setup 29 4 3 Manual Web Interface Setup 37 4 4 CLI Setup 53 4 5 License Installation Methods 61 4 6 Setup Troubleshooting...

Страница 4: ...Rear view of the Clavister W30 23 3 3 W30 Power Switch and Power Inlet Socket 23 5 1 An 8 x RJ45 Gigabit Interface Expansion Module for the W30 68 5 2 An 8 x SFP Gigabit Interface Expansion Module fo...

Страница 5: ...side of the page followed by a short paragraph in italicized text There are the following types of such sections Note This indicates some piece of information that is an addition to the preceding text...

Страница 6: ...or example http www clavister com Trademarks Certain names in this publication are the trademarks of their respective owners cOS Core is the trademark of Clavister AB Windows Windows XP Windows Vista...

Страница 7: ...2 01 onwards Earlier versions are not supported and a downgrade should not be attempted 1 1 Unpacking the W30 Figure 1 1 An Unpacked Clavister W30 Appliance This section details the unpacking of the W...

Страница 8: ...on All documentation and other resources for the W30 including this guide can be downloaded from the W30 product page which can be found at http www clavister com start End of Life Treatment The W30 a...

Страница 9: ...dered separately for this slot and the following module options are available i 8 x RJ45 Gigabit Ethernet interfaces ii 8 x SFP Gigabit interfaces iii 2 x SFP 10 Gigabit interfaces Module installation...

Страница 10: ...Specifications Chapter 1 W30 Product Overview 10...

Страница 11: ...Chapter 1 W30 Product Overview 11...

Страница 12: ...OS Core wizard the wizard will provide a link to the registration page so it can be done while the wizard is running Registration of the W30 Hardware Unit This is mandatory for every hardware unit bef...

Страница 13: ...n webpage is now presented The required information should be filled in In the example below a user called John Smith registers It is important to enter the administrator s company details as well Wit...

Страница 14: ...customer is taken to a webpage to indicate that confirmation has been successful They should now log in to the Clavister website with the credentials they have submitted during registration 7 After l...

Страница 15: ...Web Interface when cOS Core starts for the first time 1 Log in to the Clavister website and select the Register License option 2 The registration page is displayed Under the tab Hardware Serial Number...

Страница 16: ...download and installation from Clavister servers This installation can be done automatically through the cOS Core Setup Wizard which is described in Section 4 2 Web Interface and Wizard Setup If the...

Страница 17: ...e to connect it to the power source Using Other Power Cords If your installation requires a different power cord than the one supplied with the appliance be sure to use a cord displaying the mark of t...

Страница 18: ...say the temperature most commonly found in a modern office and in which humans feel comfortable This is usually considered to be between 20 and 25 degrees Celsius 68 to 77 degrees Fahrenheit Special r...

Страница 19: ...d cables However the W30 is designed to be rack mounted and installation on a flat surface is not recommended Caution Always leave space around the appliance Always ensure there is adequate space arou...

Страница 20: ...must be used for attaching the brackets After attaching a bracket to either side of the unit it is ready for rack mounting using a suitable fastener Rear support is not necessary Rack Mounting Guidel...

Страница 21: ...port for both initial cOS Core setup as well as for ongoing system administration The local console port need not be used if setup is done through a web browser as described in Section 4 2 Web Interf...

Страница 22: ...console connection settings are configured as described above 2 Connect one of the connectors on the cable directly to the local console port on the W30 3 Connect the other end of the cable to a cons...

Страница 23: ...cured by screws Figure 3 2 Rear view of the Clavister W30 Connecting AC Power To connect power follow these steps 1 Plug the end of the power cord into the power inlet socket on the W30 Figure 3 3 W30...

Страница 24: ...mmended that the purchase and use of a separate surge protection unit from a third party is considered for the power connection to the W30 hardware This is to ensure that the W30 is protected from dam...

Страница 25: ...Chapter 3 W30 Installation 25...

Страница 26: ...ld be referred to before continuing Clavister s cOS Core network security operating system is preloaded on the W30 and will automatically boot up after power is applied After boot up is complete an ex...

Страница 27: ...a similar to the connection used with the Web Interface and is also done using the default management interface after powering up for the first time ii Alternatively CLI access can be through console...

Страница 28: ...e IP network This means the workstation interface should be first assigned the following static IPv4 addresses IP address 192 168 1 30 Subnet mask 255 255 255 0 Default gateway 192 168 1 1 Tip Using a...

Страница 29: ...nd turn off popup blocking Make sure the web browser doesn t have a proxy server configured The wizard runs in a browser popup window The popup must be allowed for the setup wizard to run If there is...

Страница 30: ...After login the Web Interface will appear and the cOS Core setup wizard should begin automatically The first wizard dialog is the wizard welcome screen which should appear as shown below Cancelling t...

Страница 31: ...nfiguring a log server The steps that the wizard goes through after the welcome screen are listed next Wizard step 1 Enter a new username and password You will be prompted to enter a new administratio...

Страница 32: ...hat will be used to connect to an ISP for Internet access Wizard step 4 Select the WAN interface settings This step selects how the WAN connection to the Internet will function It can be one of Manual...

Страница 33: ...ry DNS server field 4B DHCP automatic configuration All required IP addresses will automatically be retrieved from the ISP s DHCP server with this option No further configuration is required for this...

Страница 34: ...on with PPTP Wizard step 5 DHCP server settings If the Clavister Security Gateway is to function as a DHCP server it can be enabled here in the wizard on a particular interface or configured later The...

Страница 35: ...Core For the default gateway it is recommended to specify the IPv4 address assigned to the internal network interface In this setup this corresponds to 192 168 1 1 The DNS server specified should be...

Страница 36: ...lete registration After registration come back to this step Alternatively this step can be skipped and license installation can be done later in which case cOS Core will run in demo mode with a 2 hour...

Страница 37: ...and All cOS Core interfaces are logically equal for cOS Core and although their physical capabilities may be different any interface can perform any logical function With the W30 the G1 interface is t...

Страница 38: ...ctivate option from the Configuration menu this procedure is also referred to as deploying a configuration A dialog is then presented to confirm that the new configuration is to become the running con...

Страница 39: ...log the user out If they log back in through the same web browser session then they will return to the point they were at before the logout occurred and no saved but not yet activated changes are los...

Страница 40: ...e listed and will contain a number of predefined objects automatically created by cOS Core after it scans the interfaces for the first time The screenshot below shows the initial address book for the...

Страница 41: ...the ISP s router which acts as the gateway to the public Internet Click the OK button to save the values entered Then set up G2_ip to be 10 5 4 35 This is the IPv4 address of the G2 interface which w...

Страница 42: ...ffic to flow from a given source network and source interface to a given destination network and destination interface A route defined in a cOS Core routing table which specifies on which interface cO...

Страница 43: ...cts can be created for specific protocols and existing service objects can also be combined into a new single service object The IP rule Action could have been specified as Allow but only if all the h...

Страница 44: ...er when setting up the required IP4 Address objects Note Disabling automatic route generation Automatic route generation is enabled and disabled with the setting Automatically add a default route for...

Страница 45: ...evant address objects in the address book with this information For cOS Core to know on which interface to find the public Internet a route has to be added to the main cOS Core routing table which spe...

Страница 46: ...g Tables main we can see this route If the PPPoE tunnel object is deleted this route is also automatically deleted At this point no traffic can flow through the tunnel since there is no IP rule define...

Страница 47: ...eted At this point no traffic can flow through the tunnel since there is no IP rule defined that allows it As was done in option A above we must define an IP rule that will allow traffic from a design...

Страница 48: ...et for example to be the IPv4 address object dns1_address Syslog Server Setup Although logging may be enabled no log messages are captured unless at least one log server is set up to receive them and...

Страница 49: ...the cOS Core will drop any traffic unless an IP rule explicitly allows it Let us suppose that we wish to allow the pinging of external hosts with the ICMP protocol by computers on the internal G3_net...

Страница 50: ...is found for a new connection then the default rule is triggered This rule is hidden and cannot be changed and its action is to drop all such traffic as well as generate a log message for the drop In...

Страница 51: ...figuration during editing then these deletes are indicated by a line scored through the list entry while the configuration is still not yet activated The deleted entry only disappears completely when...

Страница 52: ...Doing this is described in Section 4 5 License Installation Methods Chapter 4 cOS Core Configuration 52...

Страница 53: ...normal CLI prompt if connecting directly through the local console port and a username password combination will not be required a password for this console can be set later Device If connecting remo...

Страница 54: ...ce and this can only be changed after initial startup All cOS Core interfaces are logically equal for cOS Core and although their physical capabilities may be different any interface can perform any l...

Страница 55: ...mes of IP objects in folders On initial startup of the W30 cOS Core automatically creates and fills the InterfaceAddresses folder in the cOS Core address book with Ethernet interface related IPv4 addr...

Страница 56: ...ill have private IPv4 addresses In that case we must use NAT to send out traffic so that the apparent source IP address is the IP of the interface connected to the ISP To do this we simply change the...

Страница 57: ...c can flow to or from the Internet since there is no IP rule defined that allows it As was done in the previous option A above we must therefore manually define an IP rule that will allow traffic from...

Страница 58: ...ote Network specified for the tunnel and for the public Internet this should be all nets As with all automatically added routes if the PPTP tunnel object is deleted then this route is also automatical...

Страница 59: ...NTP Server Setup Network Time Protocol NTP servers can optionally be configured to maintain the accuracy of the system date and time The command below sets up synchronization with the two NTP servers...

Страница 60: ...ew connection then the default rule is triggered This rule is hidden and cannot be changed and its action is to drop all such traffic as well as generate a log message for the drop In order to gain co...

Страница 61: ...ster website then press Activate The license is fetched automatically across the public Internet and installed This method is also only available when installing a license for the first time Automatic...

Страница 62: ...nse through the Web Interface or the startup wizard the option to restart will be presented When using the CLI or SCP for installation restarting is done in the Web Interface by going to Status Mainte...

Страница 63: ...obvious problem is if the IP address of the workstation running the web browser is not configured correctly 4 Is the management interface properly connected Check the link indicator lights on the mana...

Страница 64: ...faces and confirm that the correct cables are connected to the correct interfaces To look at the ARP activity only a particular interface follow the command with the interface name Device arpsnoop int...

Страница 65: ...ons of the source destination interface network combined with protocol type By default no IP rules are defined so all traffic is dropped At least one IP rule needs to be defined before traffic can tra...

Страница 66: ...erence Guide provides a complete listing of the available CLI commands with their options A CLI overview is also provided as part of the cOS Core Administrators Guide cOS Core Education Courses For de...

Страница 67: ...Chapter 4 cOS Core Configuration 67...

Страница 68: ...pes available and these are purchased separately to the W30 unit Each of the three module types has different capabilities and can be one of the following 8 x RJ45 Gigabit Ethernet interfaces shown be...

Страница 69: ...first undoing the two retaining screws on either side of the plate These screws may need loosening with a suitable screwdriver before undoing completely by hand The screws are on springs and will spri...

Страница 70: ...thread in the chassis After hand tightening finish by applying minimal extra tightening with a suitable screwdriver to ensure the screws are secure as shown below 7 Now power up the hardware to resta...

Страница 71: ...he W30 When cOS Core is started again the configuration will be unchanged However no data will be received or sent on an interface that does not physically exist If another expansion module is then fi...

Страница 72: ...Figure 5 5 Insertion of a Gigabit SFP Module Chapter 5 Interface Expansion Modules 72...

Страница 73: ...by choosing the boot menu option Enable Console Password Performing a Boot Menu Reset The W30 does not provide a hardware reset button on the hardware unit itself Instead the reset is done by entering...

Страница 74: ...f cOS Core that the product left the factory with This means The current cOS Core configuration will be lost but can be restored if a backup is available Any cOS Core upgrades that have been performed...

Страница 75: ...ted for the remainder of the original warranty period or thirty days whichever is longer Note that the term Start Date means the earlier of the product registration date OR ninety 90 days following th...

Страница 76: ...Clavister is not responsible for any of the purchaser s software firmware information or memory data contained in stored on or integrated with any product returned to Clavister pursuant to this warra...

Страница 77: ...rviceable parts inside these products Only service trained personnel can perform any adjustment maintenance or repair S kerhetsf reskrifter Dessa produkter r s kerhetsklassade enligt klass I och har a...

Страница 78: ...elle zu den Ger teingabeterminals den Netzkabeln oder dem mit Strom belieferten Netzkabelsatz voraus Sobald Grund zur Annahme besteht dass der Schutz beeintr chtigt worden ist das Netzkabel aus der Wa...

Страница 79: ...rna de puesta a tierra Es preciso que exista una puesta a tierra continua desde la toma de alimentac on el ctrica hasta las bornas de los cables de entrada del aparato el cable de alimentaci n hasta h...

Страница 80: ...G2 Hz 5 100 Hz 6 dB Oct 100 500 Hz Random vibration IEC 60068 2 64 non operating 0 02 G2 Hz 5 100 Hz 6 dB Oct 100 500 Hz Mechanical Shock Operating 0 5 Grms Non operating 1 91 Grms Power Specificatio...

Страница 81: ...For more information about Clavister products go to http www clavister com Appendix A W30 Specifications 81...

Страница 82: ...Appendix B Declarations of Conformity 82...

Страница 83: ...Appendix B Declarations of Conformity 83...

Страница 84: ...192 168 1 0 24 and is different from the security gateway s address of 192 168 1 1 The IPv4 address 192 168 1 30 will be used for this purpose and the steps to set this up with Windows XP are as follo...

Страница 85: ...browse the Internet from the management workstation via the security gateway it is possible to go back to the last step s properties dialog later and enter DNS server IP addresses For now they are not...

Страница 86: ...ty gateway s address of 192 168 1 1 The IPv4 address 192 168 1 30 will be used for this purpose and the steps to set this up with Vista are as follows 1 Press the Windows Start button 2 Select the Con...

Страница 87: ...he following IP address and enter the following values IP Address 192 168 1 30 Subnet mask 255 255 255 0 Default gateway 192 168 1 1 DNS addresses can be entered later once Internet access is establis...

Страница 88: ...ay s address of 192 168 1 1 The IPv4 address 192 168 1 30 will be used for this purpose and the steps to set this up with Windows 7 are as follows 1 Press the Windows Start button 2 Select the Control...

Страница 89: ...the following IP address and enter the following values IP Address 192 168 1 30 Subnet mask 255 255 255 0 Default gateway 192 168 1 1 DNS addresses can be entered later once Internet access is establ...

Страница 90: ...ent from the security gateway s address of 192 168 1 1 The IPv4 address 192 168 1 30 will be used for this purpose and the steps to set this up with Windows 7 are as follows 1 Open the Windows 8 Contr...

Страница 91: ...dialog select the option Use the following IP address and enter the following values IP Address 192 168 1 30 Subnet mask 255 255 255 0 Default gateway 192 168 1 1 DNS addresses can be entered later on...

Страница 92: ...ity Gateway To do this a selected Ethernet interface on the Mac must be configured correctly with a static IP The setup steps for this with Mac OS X are 1 Go to the Apple Menu and select System Prefer...

Страница 93: ...5 Now set the following values IP Address 192 168 1 30 Subnet Mask 255 255 255 0 Router 192 168 1 1 6 Click Apply to complete the static IP setup Appendix G Apple Mac IP Setup 93...

Страница 94: ...Clavister AB Sj gatan 6J SE 89160 rnsk ldsvik SWEDEN Phone 46 660 299200 www clavister com...

Отзывы:

Нет отзывов

Похожие инструкции для Wolf W30

Бренд: IBM Страницы: 2

Бренд: PaloAlto Networks Страницы: 2

Бренд: HotBrick Страницы: 89

Бренд: EBLOCKER Страницы: 81

Бренд: ZyXEL Communications Страницы: 1090

Бренд: Nexcom Страницы: 61

NSA 3111 Series

Бренд: Nexcom Страницы: 80

Бренд: PaloAlto Networks Страницы: 34

PA-5200 Seriesp

Бренд: PaloAlto Networks Страницы: 60

3C16792 - OfficeConnect Dual Speed Switch 16

Бренд: 3Com Страницы: 40

Бренд: Sophos Страницы: 14

freeGuard Blaze 2100

Бренд: Freedom9 Страницы: 224

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды