manualshive.com logo in svg

Nokia IPSO IP350, Инструкция по установке, Страница: 12 / 20

Поделиться
Скачать
Nokia IPSO IP350 Скачать руководство пользователя страница 12

The 2 applications (packages) turned on by default are the only ones that need to be turned on.  Nothing 
needs to be done, you’re just checking to make sure they’re turned on. If you click on 

UP

 it will take you 

back to the Configuration screen.  

NOTE: If you are going to be using VPNs you will also need to click on the first radio button underneath Applications.  

 

 

         

 

 

 

 

Click on 

SNMP

 and make sure that it is turned off.  If you click on 

UP

 it will take you back to the 

Configuration screen. 

NOTE: Your configuration may be different from the guide if you need SNMP enabled.  This is up to you if you want to use it. 

 

 

 

Under Security and Access Configuration click on 

Network Access and Services

, make sure that 

Telnet

 

and 

FTP

 are turned off.  If you click on 

UP

 it will take you back to the Configuration screen.  

 

  

NOTE: Your configuration may be different from the guide if you need FTP & Telnet enabled.  This is up to you if you want to use it.

        

 

 

 

Содержание IPSO IP350

Страница 1: ...firewall and ends with applying the default filter and running CPCONFIG Good luck with your install and thanks for using this guide as a reference on how to configure a Check Point firewall After the start up script runs you will be prompt to enter a hostname if you hit enter it will get rid of the text so that you can type the hostname that you choose Listed below is an actual screen shot taken f...

Страница 2: ...ling 10baseT UTP port in half duplex mode netlog eth1 enabling 100baseTX UTP port in full duplex mode done Apr 28 16 08 20 fw test LOG_INFO kernel netlog eth4 enabling 10baseT UTP port in half duplex mode Apr 28 16 08 20 fw test LOG_INFO kernel netlog eth2 enabling 10baseT UTP port in half duplex mode Apr 28 16 08 20 fw test LOG_INFO kernel netlog eth3 enabling 10baseT UTP port in half duplex mode...

Страница 3: ... are going to change it to the correct version by installing a new IPSO image from an FTP server using Voyager Voyager is web based you are able to configure almost everything via Voyager To access the Voyager web page type in http 10 0 0 1 and then enter the user name and password Any interface that is configured on this NOKIA can be used to get access to Voyager NOTE Leave the SSH connection run...

Страница 4: ...that you have an FTP Server loaded on your PC EXAMPLE 3COM Server Make sure that your FTP Server is configured for Anonymous that way you don t have to type in a user name and password Type ftp 10 0 0 2 ipso_3_7_1_Build007 tgz I am using IPSO 3 7 1 build 007 for an example you use whatever IPSO version that is current or that you want to use Now click on Apply Click on the Apply button one more ti...

Страница 5: ... install When the install is finished the screen will look like the one shown below The install is now complete and you need to reboot your NOKIA device Before you reboot click on Manage IPSO images including REBOOT and Next Boot Image Selection located at the bottom of the page ...

Страница 6: ...ge click on Test Boot NOTE Test boot is used incase something happens when you re rebooting this way you can revert back to the old version and no harm was done This is a precautionary measure After selecting Test Boot you will see the page shown above Wait about 5 minutes and then hit the Refresh button at the top of the page ...

Страница 7: ...he steps to install Check Point NG FP3 on this NOKIA device Follow the steps by typing in the commands shown in red listed below During this process you will be asked if you want to download certain images hot fixes or packages Only choose the one that says Do you want to download CP_FP3_IPSO tgz For all of the other prompts type n and wait until they have all been addressed NOTE If you are using ...

Страница 8: ...hname to the packages or exit to exit Loading Package List Do you want to download cpinfo_ipso_550000007 tgz yes default or no or exit n Skipping package cpinfo_ipso_550000007 tgz Do you want to download cpshared_NG_FP3_53267_2_Nokia tgz yes default or no or exit n Skipping package cpshared_NG_FP3_53267_2_Nokia tgz Do you want to download CP_FP3_IPSO tgz yes default or no or exit y Processing pack...

Страница 9: ...IT PKG_INSTALL etc newpkg S m LOCAL i n CPfwbc 41 fw 1_ipso tgz May 6 21 32 43 fw test LOG_CRIT PKG_INSTALL May 6 21 32 43 fw test LOG_CRIT PKG_INSTALL May 6 21 32 56 fw test LOG_CRIT PKG_INSTALL May 6 21 32 56 fw test LOG_CRIT PKG_INSTALL etc newpkg S m LOCAL i n CPdtps 50 polsrv_ipso tgz May 6 21 32 56 fw test LOG_CRIT PKG_INSTALL May 6 21 32 56 fw test LOG_CRIT PKG_INSTALL etc newpkg S m LOCAL ...

Страница 10: ...ll May 6 21 33 21 fw test LOG_CRIT PKG_INSTALL 2 Run cpconfig and configure the firewall May 6 21 33 21 fw test LOG_CRIT PKG_INSTALL 3 Install the new License if required May 6 21 33 21 fw test LOG_CRIT PKG_INSTALL 3 Install the new License if required May 6 21 33 21 fw test LOG_CRIT PKG_INSTALL 4 Reboot the box May 6 21 33 21 fw test LOG_CRIT PKG_INSTALL 4 Reboot the box May 6 21 33 21 fw test LO...

Страница 11: ...gz Do you want to download RSNS_NokiaRelease_7_0_2003_62 tgz yes default or no or exit n Skipping package RSNS_NokiaRelease_7_0_2003_62 tgz End of new package installation cleaning up done Use Voyager to activate packages fw test admin You can now log back into Voyager by typing http 10 0 0 1 if you click on Config then click on Manage Installed Packages under System Configuration your screen shou...

Страница 12: ...Click on SNMP and make sure that it is turned off If you click on UP it will take you back to the Configuration screen NOTE Your configuration may be different from the guide if you need SNMP enabled This is up to you if you want to use it Under Security and Access Configuration click on Network Access and Services make sure that Telnet and FTP are turned off If you click on UP it will take you ba...

Страница 13: ...s is turned on so that you can manage your NOKIA box via SSH Under Security and Access Configuration click on SSL Certificate Tool here is where you configure your SSL certificate After clicking on SSL Certificate Tool you should see the screen shown below Enter the same data shown below into the configuration for your certificate you are creating The pass phrase can be whatever you choose When ...

Страница 14: ...s a certificate and a private key in it you need to copy the entire text that is listed After highlighting the entire certificate right click and select copy After you have copied the certificate scroll to the bottom of the screen and click on the Voyager SSL certificate page that is shown below ...

Страница 15: ...u are doing Now you should be back to the page where you can copy the Private Key this is the one below the Server Certificate After you copy the key click on the green arrow that allows you to advance to the previous page in IE Netscape or whatever you are using Now that you are back to the area shown below paste the Private Key in the area that reads Associated Private Key You will then need to ...

Страница 16: ...ger After selecting the radio button click on Apply and Save You should still see that same screen shown above if you click on UP you will get the error message The page cannot be displayed You are getting this error message because you need to change the URL to use HTTPS rather then HTTP As soon as you put an S behind HTTP and hit enter you will be back to the Voyager configuration page ...

Страница 17: ...d you can move on to the second to last step of the configuration All of the appropriate patches and hot fixes should be applied at this time I will demonstrate one for you it is best to use the directory var tmp NOTE Make sure that your FTP server is running for this portion You can get all of the current patches and hot fixes on Check Point s website fw test admin cd var tmp fw test admin ls ls ...

Страница 18: ...25 installation completed successfully fw test admin fw1_HOTFIX_HFA_325_332553950_1 Do you want to proceed with installation of Check Point VPN 1 FireWall 1 NG FP3 Support HFA 325 for Check Point VPN 1 FireWall 1 NG FP3 on this computer If you choose to proceed installation will perform CPSTOP y yes else no y SVN Foundation cpd is not running SVN Foundation cpWatchDog is not running SVN Foundation...

Страница 19: ...of license agreement Do you accept all the terms of this license agreement y n y Select installation type 1 Enforcement Module 2 Enterprise Management 3 Enterprise Management and Enforcement Module 4 Enterprise Log Server 5 Enforcement Module and Enterprise Log Server Enter your selection 1 5 a abort 1 1 Would you like to install a Check Point clustering product CPHA CPLS or State Synchronization ...

Страница 20: ...is will shut the device down properly and you can then hit the power button in the past If you don t shut it down like this you run the risk of putting the device into Single User Mode You are all set to connect this device to your network and get the management server configured in order to apply a license and push a policy to this device About the Author Brandon E Robrahn CCSA is a Firewall Admi...

Отзывы:

Нет отзывов