Quickstart Guide
Prerequisites:
- a schematic of your network containing: IP addresses for Syneto UTM interfaces (external – eth0 and internal – eth2), IP address for default gateway and name server; optionally, the IP address for the DMZ interface (eth1)
- a computer which has a modern browser like Internet Explorer, Mozilla Firefox or Safari, supporting Java, Java Script and Macromedia Flash
1. Connecting to Syneto UTM
Syneto UTM comes already installed and all you have to do to have it running is to connect it to a power source with the included power cable and to a networking switch using a UTP cable. It is recommended you connect the eth2 port to the switch.
Following, change the Configuration Station IP address to match the default IP address of the Syneto UTM port you are connecting to:
- port 1(eth0): 10.100.100.100/16
- port 2(eth1): 10.0.10.10/16
- port 3(eth2): 10.200.200.200/16
2. Accessing the Web Management Interface
3. Log Into the Web Management Interface
In the Login Screen insert the default username and password as instructed in the image.
4. Quick Intro to the Web Management Interface
Syneto UTM’s Management Interface is designed to minimize the hassle of interacting with the system, offering a dynamic and trouble free experience for both the novice or experienced administrator.
- On the left side, you can find the Management Interface menu
- The dashboard
- Save Configuration button; press this button to save the current configuration for the next reboot once it meets you needs
- Reboot, Power and Logout buttons
5. Configure the Internal and External Interfaces
6. Configuring a Name Server
7. Configuring a Default Gateway
8. Defining a Firewall Policy
9. Configuring a SNAT Rule
10. Put It in Production Environment
Once the Syneto UTM has been configured with IP addresses for the necessary interfaces, default gateway, name server, filtering rules and Source NAT rule, it is time to put it in a production environment, connecting eth2 to the internal switch, eth0 to the router/ISP and, optionally, adding a DMZ network on eth1.
11. Connecting to Serial Console
To access Syneto UTM’s serial console please use a null-modem cable connecting it from your serial (or USB, if you have a USB-to-serial converter) port to the appliance’s port.
Serial communication parameters are:
- 57600 bps
- 8N1
- terminal type: VT102
12. Configure the Interfaces and Gateway
Once connected to the serial console we can start configure the IP address and the gateway of the appliance. We will use the same IP addresses (and the corresponding netmasks, when they are needed) as when we configured the interfaces and default gateway in steps 5 and 7:
$ config addr edit eth0 1.2.3.4/16
$ config addr edit eth2 192.168.1.1
$ config gateway edit 1.2.3.1 eth0
$ config gateway enable
13.Configure Multi-path Gateways and Failover
Configuring multiple gateways is as simple as adding them once you have a single gateway defined. Considering that you hae already defined and enabled a single gateway, adding a second (or a third, fourth, etc. up to 10) gateway can be accomplished with:
$ config gateway add 10.0.0.1
By default, the failover protection will run at 60 seconds interval, checking at layer 2 against link interruptions. Configure it to check a known host from the internet on port 53, every 2 minutes:
$ config gateway failover 120 195.137.139.236 53
14. Entering Licensing Information
15. Updating the System
16. Configure Web Proxy with Site Categorizing Engine
17. Configure Mail Proxy
18. Configure a Roadwarrior VPN
19. Configure High Availability
Once you have the two appliances physically connected with a crossover cable on port eth3, using the console please set the role of each one of them.
On the slave machine execute:
$ config ha role backup
while on the master execute:
$ config ha role primary(on the master)
Start HA system on both machines by running on each of them:
$ config ha start