The box layer of the Control Center uses the same "Getting Started" steps as the CloudGen Firewall. Once the licenses and other basic settings are complete, you must configure the Control Center management layer.
Before You Begin
Configure the box layer of your Control Center. For more information, see Get Started.
Step 1. Configure the Time Settings
Enable the NTP daemon and configure the time servers.
- Log into the box layer of the Control Center.
- Go to CONFIGURATION > Configuration Tree > Box > Administrative Settings.
- In the left menu, select Time Settings/NTP.
- Click Lock.
- Set Enable sync on Startup to yes.
- Click + to add time servers to the Time Server IP list.
- Set Start NTPd to yes.
- (optional) configure NTP peers. For more information, see How to Configure Time Server (NTP) Settings.
- Click Send Changes and Activate.
Step 2. Set the Control Center IP
Configure the Control Center IP address in the virtual server S1 on the box layer of the Control Center. This is the IP address you use when connecting to the Control Center.
- Log into the box layer of the Control Center.
- Go to CONFIGURATION > Configuration Tree > Box > Virtual Servers > S1 > Server Properties .
- Click Lock.
- Enter the Control Center IP as the First-IP.
- Set Reply to Ping to yes.
- Click Send Changes and Activate.
Step 3. Export the Base License on Box Layer
- Log into the box layer of the Control Center. If the Control Center is running on a HA cluster, log into the primary unit.
- Open the CONFIGURATION > Full Config > Box > Box Licenses page.
- In the Licenses table, select the Base License and click Im/ Export and select Export to clipboard.
Step 4. Import the Base License
- Log into the Control Center.
- Go to CONFIGURATION > Configuration Tree > Multi-Range > Global Settings > CC Identity.
- Click Lock.
- In the CC Identification section, click Import and select Import from Clipboard.
- In the Organization field, enter your organization name.
Step 5. Configure CC Identification Settings
The CC Identification settings are required to secure communication between the Control Center and the CloudGen Firewalls it manages.
- Log into the Control Center.
- Go to CONFIGURATION > Configuration Tree > Multi-Range > Global Settings > CC Identity.
- Click Lock.
- In the Additional CC IP Addresses table, add an entry for the management IP address. Usually, the Control Center has one server IP address and one management IP address. In this case, enter the management IP address.
- In the left menu, click Trust Chain.
- Define the keys and certificates required for secure communication between the Control Center and the CloudGen Firewalls that it will manage:
- CC Certificate – Click Edit and specify the certificate settings.
- CC Private Key – Click New Key and specify the key length.
- CC SSH Key – Click New Key and specify the key length.
- Click Send Changes and Activate.
Step 6. (optional) Complete the Auto Activation Form
To automatically activate managed CloudGen Firewall licenses, you must enter the data for the auto-activation form once.
- Log into the Control Center.
- Go to CONFIGURATION > Configuration Tree > Multi-Range > Global Settings > CC Parameters.
- In the left menu, select Activation Template.
- Click Lock.
- Enter the Owner and Purchase Information.
- Click Send Changes and Activate.
Next Steps
Continue with the steps below to set up the Control Center according to your needs.
Link | |
---|---|
Create Admins | Control Center Admins |
Configure Central Management | |
Add a CloudGen Firewall to the Control Center | |
Licensing for managed CloudGen Firewalls | |
Revision Control System (RCS) | Revision Control System (RCS) |