2.3. Connecting to UserGate

The port0 interface is configured to receive an IP address automatically from a DHCP server and assigned to the Management zone. The initial configuration is done via the administrator's web console connection via the port0 interface.

If it is not possible to assign an IP address to the Management interface automatically using DHCP, it can be set explicitly from the CLI (Command Line Interface). For more details on using the CLI, see the chapter Command Line Interface (CLI).

Other network interfaces are disabled and require further configuration.

To perform the initial configuration, follow these steps:



Step 1. Connect to the management interface.

When a DHCP Server Is Used

Connect the port0 interface to the corporate network with a working DHCP server. Start UserGate. After booting, UserGate will display the IP address to connect to for subsequent product activation.

Static IP address

Start UserGate. Use the CLI to assign the desired IP address to the port0 interface.

Proceed initial configuration in the Command Line Interface or connect to the UserGate web console at that IP address. The address string should look similar to this: https://UserGate_IP_address:8001.

For more details on using the CLI, see the chapter Command Line Interface (CLI).

Step 2. Select a language.

Select the language that will be used for the rest of the initial configuration.

Step 3. Set a password.

Set a login name and a password to log in to the web management interface.

Step 4. Configure zones, set IP addresses of the network interfaces, and connect UserGate to the corporate network.

In the Interfaces section, enable the desired network interfaces, assign valid IP addresses that correspond to your networks, and bind the interfaces to the respective zones. For more details on network interface management, see the chapter Network Interface Configuration. The system is supplied with a number of predefined zones:

  • Management zone (management network), port0 interface.

  • Trusted zone (LAN).

  • Untrusted zone (Internet).

  • DMZ zone.

  • Cluster zone.

  • VPN zone for remote access.

  • VPN zone for Site-to-Site.

  • Tunnel inspection zone.

Step 5. Configure the Internet gateway.

In the Gateways section, specify the IP address for the Internet gateway on an Internet-connected network interface in the Untrusted zone. For more details on configuring Internet gateways, see the chapter Gateway Configuration.

Step 6. Specify the system DNS servers.

In the DNS section, specify the IP addresses of your provider's or corporate DNS servers.

For more details on DNS management, see the chapter DNS Configuration.

Step 7. Set the server time.

In the UserGate --> General settings --> Server time settings section, configure time synchronization with NTP servers.

Step 8. Register the UserGate product.

Enter the PIN code and complete the form to register the product. To activate the system, UserGate must have Internet access.

For more details on product licensing, see the chapter UserGate Licensing.

Step 9. Create NAT rules.

In the NAT and Routing section, create the desired NAT rules. There is a predefined NAT rule "NAT from Trusted to Untrusted" that allows Internet access for the users in the Trusted network.

For more details on NAT rules, see the chapter NAT and Routing.

Step 10. Create firewall rules.

In the Firewall section, create the desired firewall rules. There is a predefined firewall rule "Allow trusted to untrusted" that allows unrestricted Internet access for the users in the Trusted network --- it only needs to be enabled.

For more details on firewall rules, see the chapter Firewall.

Step 11. (Optional) Create additional administrators.

In the UserGate --> Administrators section create additional system administrators and grant them the required privileges (roles).

Step 12. (Optional) Configure user authentication.

In the Users and devices section, create the required user authentication methods. The simplest option is to create local UserGate users with explicitly set IP addresses or use the system without user authentication (specify the user Any in all rules).

For other user authentication options, see the chapter Users and Devices.

Step 13. (Optional) Create content filtering rules.

In the Content filtering section, create HTTP(S) filtering rules.

For more details on filtering content, see the chapter Content Filtering.

Step 14. (Optional) Create safe browsing rules.

In the Safe browsing section, create additional safe browsing rules.

For more details on safe browsing, see the chapter Safe Browsing.

Step 15. (Optional) Create SSL inspection rules.

In the SSL inspection section, create rules for intercepting and decrypting HTTPS traffic.

For more details on HTTPS decryption, see the chapter SSL Inspection.

When the above steps are completed, UserGate is ready for use. For more detailed configuration, see the relevant chapters of this Guide.