4.1. General settings

The General settings section contains basic parameters of UserGate, such as:

Name

Description

Timezone

Specify the timezone according to your actual location. The timezone is used for scheduling in rules as well as for displaying correct date and time in statistical reports, logs and other elements.

Default interface language

Default language that will be used in the console

Web console authentication mode

An authentication method for users (administrators) who need access to the management web console. The following options are supported:

  • By user name and password. To access the web console, enter your user name and password.

  • By X.509 certificate. For a certificate-based authentication, you will need to have a user certificate signed by a certification authority and installed in your browser. Note that enabling this authentication method will disable authentication by user name and password. To enable authentication by user name and password again, use the CLI commands.

Modules

Configures the following UserGate modules:

  • HTTP(S) proxy port - allows to set custom HTTP(S) proxy port number. Default is TCP 8090. ** **Important! The following ports are reserved for UserGate internal use and cannot be used here: 2200, 8001, 4369, 9000-9100.

  • Captive portal auth domain - special domain name which is used by UserGate to authorize users by Captive portal. This domain name should be resolved to the IP address of UserGate interface connected to users. If users use UserGate as DNS server then everything should work right away. Default is auth.captive, which can be changed to another name used in corporate network

  • Captive portal logout domain - special domain name which is used by UserGate users to logout. This domain name should be resolved to the IP address of UserGate interface connected to users. If users use UserGate as DNS server then everything should work right away. Default is logout.captive, which can be changed to another name used in corporate network

  • Block page domain - a service domain that displays the block page to users. Make sure that users can resolve the specified domain into the IP address of the UserGate interface to which they are connected. If the IP address of your UserGate server is specified as the DNS server, then resolving will be performed automatically. By default, 'block.captive' is used as the name, but you can change it to any other domain name according to your corporate policies.

  • FTP over HTTP --- enables or disables a module which provides access to the content stored on FTP servers from user browsers.
    Note that users must explicitly set the proxy server for FTP in their browsers.
    Administrators may control access to the FTP servers via content filtering rules (only Users and URL conditions).

  • FTP over HTTP domain - a service domain that is used to provide FTP over HTTP service to users. Make sure that users can resolve the specified domain into the IP address of the UserGate interface to which they are connected. If the IP address of your UserGate server is specified as the DNS server, then resolving will be performed automatically. By default, 'ftpclient.captive' is used as the name, but you can change it to any other domain name according to your corporate policies.

Cache settings

Parameters of the proxy server's cache:

  • Caching mode - enables or disables caching

  • Cache exclusions - list of URLs which should not be cached

  • Max cacheable object size (MB) - objects of a larger size will not be cached. The recommended value is 1 MB (set by default)

  • RAM size (MB) - amount of RAM available for caching It is not recommended that you allocate more than 20% of RAM for caching.

Log Analyzer

Settings of the Log Analyzer module:

  • Status - displays the current status of the statistics service

  • Log analyzer server. Select External server with Log Analyzer (if you have any); otherwise, select Local server.

  • Port - a TCP port on which Log Analyzer is listening

  • Password - authentication string for connecting to Log Analyzer

  • Logs-->Event logs - send the contents of event logs to the Log Analyzer server

  • Logs-->IPS log - send the contents of the IPS log to the Log Analyzer server

  • Logs-->Traffic logs - send the contents of the traffic log to the Log Analyzer server

  • Logs-->Web access log - send the contents of the web access log to the Log Analyzer server

WCCP support

Setup for receiving traffic via WCCP. You can find a detailed description of these settings in chapter WCCP support.