Jump to:navigation, search
Wiki
























































De.png
Fr.png


Global settings of the UTM

Last adaptation to the version: 11.8

New:

  • Web server certificate can be deposited
  • Design adaptation
  • Translation

Previous versions: 11.6.12 | 11.7

Appliance settings

Appliance settings
caption: Value Description:

Firewall

╭╴ Firewall ╶╮
Firewall Name:     Full Qualified Domain Name-compliant firewall name.

Here you can define how the UTM responds to requests.
If the mail relay is to be used, it may be useful to enter the FQDN of the mail exchange (MX) here so that other mail servers can match it using the reverse resolution of the PTR resource record (PTR).

Global contact person:     This field is used to enter the name of the administrator or organization that will later be specified in the UTM error messages for queries.
Global email address:     An email address is entered here to which mails can be sent that otherwise cannot be delivered.
Otherwise, undeliverable mails remain on the hard disk space, which can lead to the fact that the available space is no longer sufficient at some point and no more mails will be accepted.

The global email address is also the postmaster address for the mail relay.

Report language: German Language in which UTM reports are sent.
Alternatively to choose: English

DNS-Server

╭╴ DNS-Server ╶╮
Check Nameserver prior to local cache: Off (Default) On On activation, the name servers entered here will check the name resolution before the local cache of the UTM.

Primary Nameserver:

Secondary Nameserver:

   

   

An dieser Stelle können die IP-Adressen zweier externer Nameserver eingetragen werden, an welche die UTM die DNS-Anfragen weiterleiten soll.

DNS servers that can be reached via the external interface should be entered here.
Please do not enter a DNS server from your own internal network.

Time Settings;

╭╴ Time Settings ╶╮
Current Date: 2020-20-32 25:00:20 The current time can also be entered manually.

refreshes the display.
In the interaction of servers, VPN connections and especially with OTP authentication, it is important that all components are synchronized in time.

NTP Server: ntp.securepoint.de The required NTP server can be entered here
Timezone: Europe/Berlin Correct time zone

Webserver

╭╴ Webserver ╶╮
Administration Webinterface Port: 11115Link= Port to reach the administration interface (which is used e.g. to display the web page shown in the image. In delivery state: 192.168.175.1:11115
User Webinterface Port: 443Link= Port to reach the user interface. This is used for example to access filtered mails and VPN configurations.

The user interface port must be changed if port 443 (HTTPS) is used for the reverse proxy.
The user interface port must be changed if port 443 (HTTPS) is forwarded.

Certificate:     Without a dedicated selected certificate, the default certificate of the UTM is used, which was issued by the default CA: firewall.foo.local
If the UTM should be recognized by the browser with a valid certificate, proceed as follows:
  1. Create a CA (→ Authentication →CertificatesTab CA Button Add CA )
  2. Export the public part of the CA
  3. Create Certificate (Certificates Button Add Certificate
    1. When CA selects the CA exported in step 2
    2. Alias DNS FQDN - Name of the UTM , as in → Network →FirewallTab Server Settings Box ╭╴ Firewall╶╮ Field firewall name: entered
      Multiple entries are possible!
    3. Alias IP IP Address IP address under which UTM can be reached.
      Several entries are possible in each case!
  4. Select the just created certificate under → Network →Server SettingsTab Server Settings Box ╭╴Webserver╶╮ Certificate:
  5. Import the exported CA in the browser as a certificate authority

Advanced Settings

╭╴ Advanced Settings ╶╮
Advanced Settings 32000Link= Advanced Settings
Advanced Settings SHORT - Log three entries per minute The Last-Rule-Logging setting controls the number of messages that are written to the Syslog.
  • NONE - Do not log
  • SHORT - Log three entries per minute
Only the first three log messages per minute are displayed.
  • LONG - Log everything

We recommend to leave the setting at short.