Connecting to UserGate

Name

Description

Step 1. Connect to the management interface

If DHCP server is available
Connect the eth0 interface to your corporate network with active DHCP server. Launch UserGate. After rebooting, UserGate will display the IP address to which you need to connect for product activation.

Static IP address
Launch UserGate. Assign an unallocated IP address to the eth0 using CLI (Command-Line Interface). For more details on CLI, please refer to the Command-line interface (CLI) section.

Connect to the web console of UserGate using the specified address which should look like this: httpS://UserGate_IP_address:8001

Step 2. Select a language

Select a language which you want to use during the initial configuration process.

Step 3. Enter a password

Specify the username and password for the web administration interface.

Step 4. Register the system

Enter PIN to activate the product and fill in the registration form. UserGate will require the Internet access for proper activation. If you cannot activate the system on this step, you can perform it later on step 10 after setting up the network interfaces.

Step 5. Set up the zones and IP addresses of interfaces and then connect UserGate to your corporate network

In the Interfaces section, enable the interfaces you need, allocate valid IP address from your local networks and then group these interfaces by zone. For details on how to manage interfaces, please refer to Configuring interfaces. By default, the system provides several predefined zones:

* Management (administration network), eth0 interface

* Trusted (LAN);

* Untrusted (Internet);

* DMZ (DMZ);

* Cluster

* VPN for remote access

* VPN for Site-to-Site

Step 6. Set up the Internet gateway

In the Gateways section, specify the IP address of your Internet gateway (for the Internet access interface) in the Untrusted zone.
For details on how to manage interfaces, please refer to VPN device is a virtual network interface for connecting VPN clients. This type of interface is clustered interface, which means it virtually exists on all cluster's nodes, and if high availability cluster is configured, VPN clients will be automatically switched to a backup node without VPN connection interruption. To create a new VPN interface, click on Add in Network-->Interfaces and select Add VPN. Set the following fields:

UTM is preconfigured with 3 VPN interfaces:

* tunnel1 is preconfigured for use for Remote access VPN.

* tunnel2 is preconfigured for use for server side of Site-to-Site VPN.

* tunnel3 is preconfigured for use for client side of Site-to-Site VPN.

Configuring gateways.

Step 7. Specify DNS servers of the system

In the DNS section, specify the IP addresses of DNS used in your corporate network.
For details on how to manage DNS, please refer to Configuring DNS.

Step 8. Create the NAT rules

In the NAT & routing section, create the necessary NAT rules. The system is predefined with the NAT rule required for Internet access from the Trusted network ("Trusted-->Untrusted").
For details on how to create NAT rules, please refer to

NAT and routing.

Step 9. Create the firewall rules

In the Firewall section, create the necessary firewall rules. The system is predefined with the firewall rule required for unlimited Internet access from the Trusted network ("Internet for Trusted"), so you can simply enable it.
For details on how to create firewall rules, please refer to Firewall.

Step 10. Register the product (if haven't registered it on step 4)

In the General settings section, enter your PIN to register the product. For successful registration, make sure that the Internet connection is active and all the above steps are completed.
For more details on product licensing, please refer to UserGate licensing.

Step 11. Create additional administrators (optional)

In the Device management section, create additional system administrators and grant them necessary rights (via roles).

Step 12. Set up user authentication (optional)

In the Users and devices section, define the necessary methods of user authentication. The simplest way to do this is to create local UserGate users with fixed IP addresses or disable user identification completely (i.e. apply the "Any" user to all rules).
For details on other authentication options, please refer to Users and devices.

Step 13. Create the content filtering rules (optional)

In the Content filtering section, create the HTTP(S) filtering rules.
For more details on content filtering, please refer to the Content filtering section.

Step 14. Create the safe browsing rules (optional)

In the Safe browsing section, create the additional safe browsing rules.
For more details on safe browsing, please refer to the Safe browsing section of this Guide.

Step 15. Create the HTTPS inspection rules (optional)

In the SSL inspection section, create the capturing and decryption rules for HTTPS traffic. For more details on HTTPS decryption, please refer to SSL inspection.