Firewall/SIParator® Installation
Ingate’s firewalls and SIParators come preinstalled and
thoroughly tested on secure Ingate hardware. These factors combine to provide
a higher level of security, as they eliminate the user errors that often occur at setup.
For step-by-step instructions on installing your Ingate Firewall, see
the User Manual.
Installation of Ingate Firewall/SIParator®
This is how to install an Ingate Firewall/SIParator®:
Installation with magic ping
You can use the magic ping to set an IP address for the unit
instead of running the installation program. This is how to perform a
magic ping:
- Plug in the power cord and switch the unit on.
- Wait while the unit boots up.
- Connect the network cables to the network interfaces.
- Find out the MAC address of the unit (printed on
the back of the unit). This is the MAC address of eth0.
- Add a static entry in your local ARP table consisting
of the unit's MAC address and the IP address it should have on
eth0.
This is how to add a static ARP entry if you use a Windows
computer:
Run the command command (or cmd).
In the Command window, enter the command
arp -s ipaddress macaddress
where ipaddress is the new IP address for the
eth0 interface, and macaddress is the MAC address
printed on the unit, but with all colons (:) replaced with dashes
(-).
- Ping this IP address to give the unit its new IP
address. You should receive a ping reply if the address distribution
was successful.
- Configure the rest through a web
browser.
This will also set the password to gazonk. Change it immediately
via the web user interface. Before any configuration has been made,
only the computer which performed the magic ping will be able to
configure the Ingate Firewall/SIParator®.
If you run Windows, you can also run our Startup Tool, which you get here: Startup Tool.
Installation with a serial cable
These steps are performed when installing with a serial
cable:
- Connect the unit to your workstation with the
enclosed serial cable.
- For an Ingate Firewall® 1400 or SIParator 40™: check the voltage setting of
the unit. This is the little red switch below the power
socket. Other Ingate Firewalls and SIParators detect the correct voltage setting
automatically.
- Plug in the power cord and turn the unit
on.
- Wait while the unit boots up.
- Log on from your workstation.
- Run the installation program (see following
instructions).
- Connect the network cables to the network
interfaces.
- Configure the rest through a web
browser.
Connect the unit to your workstation with the enclosed
serial cable, plug in the power cord and turn the unit on. You
will have to wait a few minutes while it boots up.
- If you use a Windows workstation, the next step will
be this: Start Hyperterm. A Location dialogue
will show, asking for your telephone number and area. Click Cancel
followed by Yes. Then you will be asked to make a new connection. Type
a name for this connection, select an icon and click OK. The Location
dialogue will show again, so click Cancel followed by
Yes.
Now you can select Connect using COM1 and click OK. A Port
settings dialogue will show, where you select 19200 as Bits per
second. Use the default configuration for all other settings. Click OK
and wait for a login prompt. (In some cases you have to press Return
to get the login prompt.)
- If you use a Linux workstation, the next step will be
this: Make sure that there is a symbolic link named /dev/modem which
points to the serial port you connected the unit to. Connect using
minicom with the bit rate 19200 bits/s, and wait
for a login prompt.
Log on as the user admin. The first time you log on, the
password will not be set, but you set it when you run the
installation script, which starts automatically when you have logged
on.
Each network interface is marked with a name (eth0, eth1, etc),
which corresponds to a tab under Basic Configuration. All eth
interfaces belong to ethernet cards and should only be connected using
ethernet cables.
Decide which computer(s) are allowed to configure the unit
and enter the name of the network interface to which they are
connected, for example, eth0. You must use the physical device name
(eth0, eth1 etc).
Enter the IP address of the unit on this interface and the
network mask for the network.
A network mask can be written in two ways in Ingate Firewall/SIParator®:
- The first looks just like an IP address, for example
255.255.192.0 or 255.255.254.0.
- The other way is as a number between 0 and 32. An IP
address has 32 bits, where the number of the network mask indicates
how many bits are used in the network's addresses. The rest of the
bits identifies the computer on the network.
Now, you can choose to deactivate any network interfaces. Select
y to deactivate all interfaces but the one you just configured. The
remaining network interfaces can be activated later when you complete
the configuration via the web interface from your work station.
Now enter the computer or computers from which the unit may
be configured (the configuration computers).
Then enter a password for the unit. This is the password you
use in your web browser to access and change the unit's
configuration.
Finally, you can reset all other configuration if you want to.
Installation Floppy Disk
If you have an Ingate Firewall® model 400 or previous (Fuego Firewall) and need a replacement to the installation floppy disk that came included in the
hardware package, you can download one here by following these instructions.
- Download one of the following archives.
- Unzip the appropriate file and save to an MS-DOS formatted disk. Insert the disk into your workstation.
- For computers running MS-DOS or Windows, follow these steps (in a DOS window):
C:\> a:
A:\> finst-en.exe
On a computer running Linux:
mount /dev/fd0 /mnt
cd /mnt
./finst-en
cd /
umount /dev/fd0
- Reboot the Ingate Firewall® with the floppy in the diskdrive.
For further information concerning the use of the installation program, see chapter 3 in the User Manual.
|