Global Technology Associates GBWA200501-01 User Manual

GB-WareSOFTWAREFirewallProduct GuideGBWA200501-01powered byGNAT BoxSystem Software

GB-Ware Firewall Product Guide6Modem/ISDN TA HardwareGTA recommends configuring the modem or ISDN TA on another system before installing it on GB-Ware.

1 - Introduction 7Other avenues for assistance are available through authorized GTA Channel Partners, the GNAT Box Mailing List, or the GTA web site

GB-Ware Firewall Product Guide8Additional DocumentationFor additional instructions on installation, registration and setup of a GTA product, see appli

2 – Installation 92 InstallationRegistrationTo get technical support and software updates, you must register your GTA firewall. 1) To register, go

GB-Ware Firewall Product Guide10Installing GB-Ware on PC HardwareGB-Ware software must be installed on x86 (Intel-compatible) computer hardware before

2 – Installation 11Setup for GB-Ware InstallationThe computer (either the intended firewall or an installation proxy computer) must be modified to boo

GB-Ware Firewall Product Guide12CautionInstalling GB-Ware on a hard drive will erase its contents and replace them with GB-Ware. If you wish to keep t

2 – Installation 13GNAT Box System Software Licensing AgreementSelecting a GB-Ware RuntimeThe GNAT Box System Software Runtime Installer screen will

GB-Ware Firewall Product Guide14The serial version of the GB-Ware runtime installs factory default settings; a serial or temporary peer Ethernet conne

2 – Installation 15NoteUSB pen drives may appear, but should not be selected for installation as they are not IDE-bootable devices. CD-ROM

Copyright© 1996-2004, Global Technology Associates, Incorporated (GTA). All rights reserved. Except as permitted under copyright law, no part of this

GB-Ware Firewall Product Guide16Disk Re-formatting WarningIt may take several minutes for the runtime to install. A pipe indicator (|) will be animate

2 – Installation 17attach the hardware key block to a prospective GB-Ware firewall and boot the GB-Ware disk.

GB-Ware Firewall Product Guide18

3 – Configuration 193 ConfigurationThe following sections describe how to change GB-Ware from the default configuration, in which all internal users

GB-Ware Firewall Product Guide20During installation, you chose the video or the serial console version of the GNAT Box runtime. These methods can be u

3 – Configuration 21RequirementsIf using the web user interface, you will need:• 1 crossover Ethernet cable to connect with the computer directly,

GB-Ware Firewall Product Guide22match the network address scheme. Then you may add the firewall to your network and connect remotely (by web or GBAdmin

3 – Configuration 23Temporary Network Configuration for Connection with Firewall Defaults - Mac OS X3) Reboot your computer if necessary to put your

GB-Ware Firewall Product Guide24Configuring Your FirewallYou will need to configure your firewall to match your network scheme before installing it.Requi

3 – Configuration 25On Macintosh computers, GTA does not recommend using Microsoft Internet Explorer for Macintosh (Mac IE 5). OpenSSL encryption, u

Table of Contents iiiContents1 INTRODUCTION ... 1About

GB-Ware Firewall Product Guide26Entering the Default User ID and PasswordCautionGTA recommends changing the default user ID and password to preven

3 – Configuration 27CautionClosing the browser without clicking SAVE will cause the entered data to be lost, and your firewall will remain in default

GB-Ware Firewall Product Guide28Using CIDR-based or Slash (/) Notation CIDR (Classless Inter-Domain Routing) aggregates routes so that one IP address

3 – Configuration 29CautionFailure to change the default password is a serious security weakness. GTA recommends changing the default

GB-Ware Firewall Product Guide30GBAdmin Network Information WindowEntering Your Network InformationGB-Ware requires entry of the serial number and act

3 – Configuration 31CautionClosing GBAdmin without clicking SAVE will cause the entered data to be lost, and your firewall will remain in default con

GB-Ware Firewall Product Guide321) On your computer, open terminal emulator software such as Tera Term or Microsoft HyperTerminal and enter the follow

3 – Configuration 332) If you specified the video console version during installation and your hardware was configured correctly, and the system did n

GB-Ware Firewall Product Guide34NoteIf you cancel the Setup Wizard, go to Basic Configuration then Features to enter your serial number and activation

3 – Configuration 35Run DHCP?6c. IP Address You will reach this option if you rejected use of dynamic IP address services. Enter the static IP addre

GB-Ware Firewall Product GuideivRe-configuring Your Computer ... 28Accessing the Firewall

GB-Ware Firewall Product Guide36ment Numbers Authority (IANA) has specified network addresses in RFC 1918 that are designated exclusively for internal

3 – Configuration 37Accessing Your GTA FirewallAfter completing the initial configuration in the setup wizard, your GTA firewall should be active and

GB-Ware Firewall Product Guide38

4 – Troubleshooting 394 TroubleshootingTroubleshooting BasicsGTA Support recommends the following guidelines as a starting point when troubleshooti

GB-Ware Firewall Product Guide40• Have you added a static route on the firewall to tell it which router is used to reach the Internet? Have you set th

4 – Troubleshooting 41NoteDistinguish between crossover cables and straight-through cables by comparing the connection ends. On a straight-through c

GB-Ware Firewall Product Guide42Installation of the USB Key Block3. Enter the GB-Ware serial number and activation code in the Basic Configuration th

4 – Troubleshooting 4311. The warning message “Initializing runtime slice 2 failed; No space left on device” is displayed.1. The Compact Flash card

GB-Ware Firewall Product Guide4413. How do I revert to my previous configuration after a version upgrade?The firewall’s Compact Flash or hard drive memo

4 – Troubleshooting 451. If you have more than one CD-ROM drive installed, either discon-nect the additional CD-ROM drives and retry, or verify tha

1 - Introduction 11 IntroductionAbout GTA FirewallsGlobal Technology Associates, Inc. (GTA) has been designing and building Internet firewalls since

GB-Ware Firewall Product Guide46

4 – Troubleshooting 47AppendixInstalling the Compact Flash CardIf you are installing your GB-Ware firewall on a Compact Flash card, use these instruc

GB-Ware Firewall Product Guide48WarningImproper grounding can damage your system or Compact Flash card, and may cause physical injury or death. Nev

4 – Troubleshooting 49(Refer to the motherboard’s user guide if you cannot locate the IDE controller ports.) Locating the Primary IDE Controller Por

GB-Ware Firewall Product Guide50Connecting the IDE CableInsert one end of the IDE cable into the primary IDE controller port with the red-striped side

4 – Troubleshooting 51NoteThose upgrading from GNAT Box System Software version 2.x or lower should record all configuration data and use it as a gui

GB-Ware Firewall Product Guide524) GBAdmin will connect to the GB-Ware firewall and prompt you for the user ID and password selected during installati

4 – Troubleshooting 53NoteIf your NIC is not listed, it’s possible that you are upgrading from an older version in which that NIC was support

GB-Ware Firewall Product Guide54

Index 55IndexSymbols4-pin power port 52.Aactivation code 34, 41, 47.adapter board 49.ADSL 5.asterisk. See wildcard symbol.auto-detect IDE 45.BBa

GB-Ware Firewall Product Guide2• Dynamic DNS• DNS proxy• Transparent and traditional web proxy with script blocking• DNS server (optional on 10 us

GB-Ware Firewall Product Guide56log 43.Login 26.login 43.lost 43.lost 43.lower case 43.Mmailing list 8.memory 43, 44.memory slice 16, 43.Micr

1 - Introduction 3Software SpecificationsSpecification GB-Ware 10 users GB-Ware unrestricted usersConcurrent connec-tions (standard) 1,000 128,000Con

GB-Ware Firewall Product Guide4configuration with full network speeds on all interfaces. The best possible performance can be obtained by using a Penti

1 - Introduction 5Optional Components• 1-18 additional network cards (if using the Multi-Interface Option)• Async modem (PPP connections or pager