WSG appliance
From Wiki of WFilter NG Firewall
				
								
				(Difference between revisions)
				
																
				
				
								
				|  (→Configuration Wizard) | |||
| (5 intermediate revisions by one user not shown) | |||
| Line 1: | Line 1: | ||
| {{DISPLAYTITLE:WSG Appliance Installation Guide}} | {{DISPLAYTITLE:WSG Appliance Installation Guide}} | ||
| + | |||
| + | = Overview = | ||
| + | |||
| + | [[File:WSG_overview.png|600px]] | ||
| = Front Panel Description = | = Front Panel Description = | ||
| − | == 6 Ports Model == | + | == 6/8 Ports Model == | 
| [[File:WSG_foreground.png|600px]] | [[File:WSG_foreground.png|600px]] | ||
| Line 53: | Line 57: | ||
| [[File:WSG_bridge_topology.png|750px]] | [[File:WSG_bridge_topology.png|750px]] | ||
| − | *  | + | * Each bridge have two ports. For example, you can bridge "LAN" and "WAN1" ports together: | 
| * The WSG device shall sit between router/firewall and core switch. | * The WSG device shall sit between router/firewall and core switch. | ||
| * The core switch shall be connected to the LAN port. | * The core switch shall be connected to the LAN port. | ||
| Line 75: | Line 79: | ||
| * Subnet: lan subnets to be managed, for example: 192.168.1.0/24(can be different subnet to the management IP). | * Subnet: lan subnets to be managed, for example: 192.168.1.0/24(can be different subnet to the management IP). | ||
| * Please note: when bridge management IP is applied, you need to modify laptop IP and re-access web UI via the new IP address. | * Please note: when bridge management IP is applied, you need to modify laptop IP and re-access web UI via the new IP address. | ||
| + | * Please note: if bridge is in a different subnet, you need to add "static routing" in "Config"->"Routing". | ||
| + | * Please note: if bridge ip is unreachable, you can set a separate management interface. | ||
| + | |||
| + | = Passby Deployment = | ||
| + | == Topology == | ||
| + | [[File:WSG_passby_topology.png|750px]] | ||
| + | |||
| + | * You need to setup a mirroring port in your switch first. | ||
| + | * The observ port shall be connected to the mirroring port. | ||
| + | * The management port is for NGF system to access network. Management port VLAN shall be able to reach the client VLANs. | ||
| = Failure Recovery = | = Failure Recovery = | ||
Latest revision as of 18:46, 6 July 2020
| Contents | 
[edit] 1 Overview
[edit] 2 Front Panel Description
[edit] 2.1 6/8 Ports Model
[edit] 2.2 4 Ports Model
Front Panel:
- LAN ports: 100/1000 ports, shall be connected to lan switch.
- WAN1 - WAN5 ports: 100/1000 ports, can be configured as WAN or LAN.
- USB: for USB keyboard and other USB devices.
- Power LED.
- HDD LED.
- Power switch.
Rear Panel:
- Power connector.
- VGA connector, can be connected to a VGA monitor.
[edit] 3 Gateway Deployment
[edit] 3.1 Topology
- WSG appliance can act as a firewall/gateway.
- If there is an existing firewall, WSG shall be connected after the firewall.
[edit] 3.2 Setup Steps
- Internet cable connected to WAN1.
- Laptop connect to LAN.
- Power on.
- Set laptop adapter to "obtain an IP address automatically" or assign a static IP "192.168.10.x".
[edit] 3.3 Configuration Wizard
- Navigate to: http://192.168.10.1
- Username: admin, password: 123456
-  Choose "Gateway" as the "deployment type" and setup the WAN interface(s), interface map:
- eth0 -> LAN
- eth1 -> WAN1
- eth2 -> WAN2
- eth3 -> WAN3
- eth4 -> WAN4
- eth5 -> WAN5
 
- For PPPoE, you need to input correct username/password from your ISP.
[edit] 4 Bridge Deployment
[edit] 4.1 Topology
- Each bridge have two ports. For example, you can bridge "LAN" and "WAN1" ports together:
- The WSG device shall sit between router/firewall and core switch.
- The core switch shall be connected to the LAN port.
- Router/firewall shall be connected to the WAN1 port.
[edit] 4.2 Setup Steps
- Laptop connect to LAN.
- Power on.
- Set laptop adapter to "obtain an IP address automatically" or assign a static IP "192.168.10.x".
[edit] 4.3 Configuration Wizard
- Navigate to: http://192.168.10.1
- Username: admin, password: 123456
- Choose "Bridge" as the "deployment type" and setup:
- Management IP address: a valid local subnet IP address for web UI management.
- Gateway: for WSG appliance to access internet for upgrade.
- Subnet: lan subnets to be managed, for example: 192.168.1.0/24(can be different subnet to the management IP).
- Please note: when bridge management IP is applied, you need to modify laptop IP and re-access web UI via the new IP address.
- Please note: if bridge is in a different subnet, you need to add "static routing" in "Config"->"Routing".
- Please note: if bridge ip is unreachable, you can set a separate management interface.
[edit] 5 Passby Deployment
[edit] 5.1 Topology
- You need to setup a mirroring port in your switch first.
- The observ port shall be connected to the mirroring port.
- The management port is for NGF system to access network. Management port VLAN shall be able to reach the client VLANs.
[edit] 6 Failure Recovery
In case the web UI is unavailable, you need to connect a monitor to the VGA connector and access console for failure recovery.
[edit] 7 Warranty Expiration Date
To query WSG appliance warranty expiration date, please check the serial no in bottom of your device. You can query warranty date online at WSG Appliances










