This section describes the initial configuration of the firewall.
Clavister Firewall is configured and monitored from management software called Clavister Firewall Manager, which is designed to run on a server or workstation running Microsoft Windows with TCP/IP network access to the firewall. This server or workstation is referred to as the management station throughout this guide.
The initial configuration process assumes that all steps in the previous chapters have been performed.
The Clavister Firewall Manager software can be found on the CD-ROM included in the firewall package and should be installed on the management station.
Insert the Clavister Security Software CD-ROM into the CD-ROM drive of the management station. If the installation software does not start automatically, select Run from the Start menu and enter
D:\setup.exe (where D: is the letter of your CD-ROM drive).
Follow the on-screen instructions to install the software.
Start the Clavister Firewall Manager software from the Start menu.
Click the Security Editor icon in the left toolbar or select it from the Tools menu.
1. Locate and select the Firewalls folder. Now activate the New Firewall wizard by clicking the New icon in the toolbar.
2. Select Appliance or Software in the wizard depending on your product type. Click the Next button to continue.
3. Enter a descriptive name and the IP address of the firewall. The IP address is used to communicate with the firewall from Clavister Firewall Manager. Note: Remember this IP address, as you will need to enter it again in the firewall console. Click the Next button to continue.
4. Now choose a password for the local console access. Leave the password blank if local console protection is not required. Note: This password is used for local console access only, and is in no way related to the way Clavister Firewall Manager authenticates with the firewall. Click the Next button to continue.
5. (Software only) Select the device to use for creation of the firewall boot media. Make sure you have media of the preferred type available. Click the Next button to continue.
6. (Software only) Select a firewall core to be installed on the firewall. Click the Next button to start the boot media creation.
7. (Software only) The wizard will now write all necessary files to the boot media. You can study the process in detail by clicking the Properties... button. When the boot media creation is finished, click the Next button to continue.
8. (Software only) Remove the boot media and insert it into the firewall hardware.
9. The wizard will now try to connect to the firewall. It will remain in this state until a successful connection is made or Cancel is selected.
Make sure that a terminal (or a computer running terminal emulation software) is connected to the console port on the firewall hardware as described in the section Connecting the Console Port. If you are installing a Clavister Firewall Software product, you can use a monitor and keyboard for this task. If this is your preferred method, please substitute the term terminal window in this section with monitor.
Power up the firewall.
Note: Please be aware that the firewall hardware will need some time to power up, depending on the choice of boot media in the firewall, and during this period there will be no output to the terminal window.
When the firewall is starting, text similar to the following will appear in the terminal window:

Select the interface that you have chosen for communication with the management station. Press Enter to confirm your choice.
Enter the same IP address as you previously entered in the New Firewall wizard. Enter the appropriate netmask and press Ctrl-S to save the settings and continue.

The following will appear in the terminal window:
Press Y to start the firewall core.

Text similar to the following will appear in the terminal window if everything is in order:
Configuration done
NetCon initialization complete
The rack-mountable models in the Clavister Firewall Appliances series are all equipped with a graphical LCD display to indicate status information. The display is divided into two sections; the left shows important firewall statistics, such as Load and Drops, and the right shows per-interface status.

Each interface is displayed with its interface number (at the bottom of the display) and two vertical bars representing, respectively, received and sent bits per second. The top of the display indicates the link status of each interface, using these symbols:
10: The interface links at 10 Mbps.
100: The interface links at 100 Mbps.
G: The interface links at 1 Gbps.
-: The interface has no link partner.
If everything is working correctly, the management station should now begin to communicate with the firewall hardware.
During this process the management station will download the running configuration, exchange new encryption keys for remote management and set the local console password if enabled.
If an error occurs or the manager fails to connect to the firewall, please read the section Troubleshooting.

Congratulations, your firewall is now up and running and configured with a small base configuration!
The next steps include registering the firewall license, attaching the remaining network interfaces to their corresponding networks and applying a proper security policy using the firewall manager software.
These tasks are covered by the Clavister Firewall User's Guide.