Versions Compared

Old Version 1

changes.mady.by.user Pietro Pires Santos

Saved on

compared with

New Version Current

changes.mady.by.user Pietro Pires Santos

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Panel
borderColor#d04437
bgColor#fffbf6

Image RemovedImage AddedAs the GSM policies that are in the header have priority over those of the UTM, It is recommended that when creating a policy package to be used in provisioning, that they are created in the footer for security so that they do not overwrite important permissions of the UTM policies.

...

Panel
borderColor#d04437
bgColor#fffbf6

Image RemovedImage AddedWhen deploying using a policy that uses QoS, it will be necessary to activate the WAN interface in Network - Traffic Shaping, otherwise the policy will not work.

...

1. Click on the “Create Device” option;


Image RemovedImage Added

Provisioning – Create Device

...

2. The "Device" window is made up of the "General", "Network" and "Certificate" tab. When adding a device for provisioning fill the fields with the device settings, basically as if you were going to install a UTM normally. Complete the fields as shown below:


Image RemovedImage Added

Create DeviceDevice - General

...

3. After filling in the fields on the "General" tab, fill in the fields on the "Network" tab, as shown below:


Image RemovedImage AddedCreate DeviceDevice - Network

...

  • Hostname: Defines the Hostname. It can be anyone as long as it complies with the FQDN - Fully Qualified Domain Name. Ex.: GSM;
  • Language: Select the default languageEx.: English;
  • Timezone: Select the time zone. Ex.: America/Sao_Paulo;
  • Gateway: Sets the default route for the network. Ex.: 176.16.102.1;
  • Suffix DNS: Determines the domain of the network. Ex.: blockbit.com;
  • DNS Server: Defines the network or internet DNS server. Ex.: 176.16.102.161;
  • NTP Server 1: Sets the clock synchronization server. Ex.: a.ntp.br;
  • ETH[Image RemovedImage Added]: Activate the desired network interfaces by checking the checkbox;
    • IP Address: Inform which network address the settings will be applied to;
    • Net Mask: Inform which will be the netmask;
    • Network zone: Determine the Network Zone. By default, the default options are: LAN, WAN and DMZ;
    • DHCP Server[Image RemovedImage Added]: Enable this checkbox to distribute IP addresses as network devices request connection.

...

Panel
borderColor#ffeaae
bgColor#fffbf6

Image RemovedImage AddedIf an IP is defined on the eth0 port, when performing the UTM provisioning, the IP change will be applied replacing DHCP, thus requiring the user to access the IP defined on port 98.

...

4. After completing the fields on the "Network" tab, complete the fields on the "Certificate" tab, as shown below:


Image RemovedImage Added

Create DeviceDevice - Certificate

...

5. To save changes, click [Image RemovedImage Added], otherwise click [Image RemovedImage Added] to close the window.


Image RemovedImage AddedSaved successfully

...

When saving the settings, a confirmation email will be sent to the address that is registered on the Blockbit License Portal. You will need to click on the link that will appear in the body of the email to actually start provisioning itself.


Image RemovedImage AddedProvisioning - Confirmation email

...

A confirmation email will be sent when authorizing provisioning, as shown below:


Image RemovedImage AddedProvisioning - Provisioning confirmation

...

It is possible to track the progress of provisioning through the Status and Progress column in the Provisioning tab of the GSM, as shown below:


Image RemovedImage Added

Provisioning - Provisioning progress

...

It is also possible to see the provisioning progress through the UTM interface that will be provisioned. As shown in the following image:


Image RemovedImage AddedProvisioning - Provisioning in progress

...

Panel
borderColor#aab8c6
bgColor#fefefe

Image RemovedImage AddedThis screen will be displayed in Portuguese or English according to the user's browser settings.

...

If provisioning is completed successfully, an automatic redirection to the login screen will occur, as shown below:


Image RemovedImage AddedProvisioning - Redirect

...

Panel
borderColor#d04437
bgColor#fffbf6

Image RemovedImage AddedATTENTION: When performing Zero Touch provisioning, DO NOT turn off the device before you are actually able to log into UTM. Check the Status and Progress column on the GSM Provisioning tab to get a more accurate view of the progress of the procedure. If there is a power outage at any time during provisioning, it is recommended to remove the provisioning that was made in GSM, access the CLI and use the rewizard command on the appliance, so that provisioning is restarted from the initial step and also to restart all installation settings that will be made in the UTM.

...

If provisioning is successful, the device will be displayed in the Inventory tab, in the same way as a manually linked device.


Image RemovedImage AddedProvisioning - Device moved to Inventory tab

...

Panel
borderColor#ffeaae
bgColor#fffbf6

Image RemovedImage AddedAfter finishing configuring Zero Touch Provisioning, if you need to send logs to GSM, access the Settings menu, Administration option, Central Management tab in UTM, check the Enable Manager [Image RemovedImage Added] checkbox and configure the Manager Address field with the IP of the GSM logger.

...

If provisioning is not completed successfully, a panel with two buttons will appear:


Image RemovedImage Added

Provisioning - Configure Provisioning

...

If provisioning does not occur because the DNS is unable to provide a valid path to the Blockbit License Portal, click on the button [Image RemovedImage Added] so that the panel illustrated below is displayed, it is possible to configure a valid IP so that the UTM can properly license.


Image RemovedImage AddedProvisioningAdd a valid IP


Through the option [Image RemovedImage Added] it is possible to make the configuration manually, when selecting this option you will be directed to the standard Wizard. This will also happen if the license has expired or expired, the user will be notified and directed to the normal Wizard. For more information on how to configure it, see the UTM Wizard configuration page.

...