Integration into the local network, initial registration and licensing
Last adaptation to the version: 12.6.2
New:
- Updated to Redesign of the webinterface
Integration into the local network
Adjust IP addresses of the UTM via CLI
If administration via the CLI is not an issue, the IP adresses can be provided directly to the UTM via CLI
The monitor and keyboard is connected directly to the UTM.
The login is done on the console.
To be able to administer the UTM, the admin interface must be accessed via the IP of the UTM and the port of the admin interface via the interface LAN2.
In the factory settings, the UTM can be reached via https://192.168.175.1:11115.
If the IP or the interface cannot be reached from the local network, changes must be made.
- Connecting keyboard and monitor directly to the UTM
- Log in to the UTM: Username Admin / Password: insecure
- the Command Line Interface appears.
- change network configuration:
- Determine the existing interfaces: interface get
- Determine the ID of the IP addresses: interface address get
LAN2 corresponds to the internal interface through which the admin interface can be reached.
The ID is needed for changing the IP address in the next step. - Change the interface IPs: interface address set id 1 address 192.168.12.1/24
system update interface (desired IP of the internal network with subnet mask) - Activate an interface: interface address new device LAN1 or A0 address 192.168.x.y/24
system update interface
- Set up administration access:
In the factory settings, access to the admin interface of the UTM is only possible via the internal interface LAN2. If the admin interface is to be accessible via another interface, the IP of the host (or a net IP with subnet mask) must be released:
manager new hostlist 192.168.168.0/24
system update rule Here: All hosts in the network 192.168.168.0 (no matter at which interface) can access the admin interface
Attention: If e.g. the IP 192.168.175.1 is at LAN1 or A0 and the admin interface should be called from a computer in the network at LAN1, the IP 192.168.175.x must be released extra nevertheless.
Adjust the IP address of your own computer
The IP address of your own computer is temporarily adapted to the default network of the internal interface of the UTM.
This is followed by connecting your own computer to interface A1 (the internal interface) of the UTM.
This is how it works
Change IP address on Windows
- Display of network connections: r ncpa.cpl↵
- Show status of Ethernet connection with double click
- Show properties of the interface
- Show properties of the TCP/IPv4 connection
- Set IP address:
- IP address:192.168.175.2
- Subnet mask:255.255.255.0
- Default gateway:192.168.175.1 (=Default address of the internal interface of the UTM)
Display of the network interface:
- Access via desktop display:
- Click on the network icon in the taskbar next to the clock
- Click on Network and Internet settings.
- Click on Change adapter options.
- Access by command:
- Windows key r ncpa.cpl
- Double-click on the interface used to display the status of the ethernet connection
- In the status click on the button Properties
- Select the entry Internet Protocol, Version 4 (TCP/IPv4) in the properties.
- Click Properties button
- Select entry Use the following IP address:
- Set IP address:
- IP address:192.168.175.2
- Subnet mask:255.255.255.0
- Default gateway:192.168.175.1 (=Default address of the internal interface of the UTM)
Change IP address on Linux
Please refer to the corresponding documentation of the used distribution.
Examples for Ubunutu:
- Opening the terminal
- Identify the name of the interface: ip a
- Change IP address: (In the example enp0s3 is the interface used: sudo ip address add 192.168.175.2/24 dev enp0s3
Change IP address on a MAC
Change IP address on a MAC
notempty
- Menu System settings / network
- Configure IPv4: Manuell
select in the dropdown menu - IP address:192.168.175.2
- Subnet mask:255.255.255.0
- Router:192.168.175.1 (=Default address of the internal interface of the UTM)
- Button:
After finishing the installation wizard and rebooting, the UTM is located in another network.
For further configuration, the IP address of your own computer must then be changed again.
For further configuration, the IP address of your own computer must then be changed again.
Setting the original IP address:
- Fixed IP Addresses: Enter as described above
- Enable DHCP:
- Windows: Properties Internet Protocol Version 4 (TCPIPv4) → select Obtain an IP address automatically
- Linux: Example for Ubuntu: sudo ip address del 192.168.175.2/24 dev enp0s3
sudo dhclient enp0s3
If necessary, refer to the documentation of the distribution used. - MAC: coming soon...
First access
If not already done, the following connections must be made now physically:
- Connect interface for the external interface (A0) towards the Internet (modem, router, etc.).
- Connect the internal interface (A1)
- with your own computer, if the IP address has been adjusted on it.
- to the network from which the UTM is to be administered, if the IP address of the UTM has been adjusted.
https://192.168.175.1:11115 (Default) or
https://172.16.0.1:11115, if the IP address of the UTM was changed to 172.16.0.1
When the admin interface is called up for the first time, a certificate warning appears in the browser.
Since the browser doesn't know the certificate of the UTM, a security warning is issued.
This warning must be ignored.
Message in Firefox: Warning: Potential security risk ahead
Button /
Button /
Message in Chrome / Chromium: This is not a secure connection. At the end click on Continue to IP address (unsure) .
Message in Edge: Your connection isn't private. At the end click on Continue to IP address (unsure) .
Message in Safari:
Button / Link Open this website
Button / Link Open this website
First registration | |||
| Caption | Value | Description |  |
|---|---|---|---|
| User | admin | Login with the default login information of the factory settings: admin | |
| Password | insecure | Login with the default login information of the factory settings: insecure | |
| Login (Admin) | |||
Agree to license agreement and privacy policy | |||
| The license agreement and privacy policy must be accepted by clicking the button. | UTM  The privacy policy must be agreed to. UTM  The license agreement must be agreed to.
| ||
Basic configurations | |||
| Firewall name | firewall.ttt-point.local | An individual firewall name must be assigned. |
UTMuser@firewall.name.fqdn  Basic configurations The fields displayed may vary depending on what information is already available on the UTM
|
| System time | yyyy-mm-dd hh-m--ss | The system time should be correct. It is compared with other servers, e.g. for user authentication (Kerberos, OTP, etc.). If the deviation is too large, for example, login will not be possible. | |
| License key | Import valid license. | ||
| Global email address: notempty New as of v12.4.4
|
admin@ttt-point.de | Required information e.g. for the mail connector and the proxy. Also serves as postmaster address for the mail relay. | |
| Authentication method: notempty New as of v12.5.1
|
Authentication method for Web sessions via USC Der Webession-PIN sichert auch die Benutzung der folgenden Aktionen im Rahmen der USC ab:
Wenn der PIN nicht genutzt wird, sind diese Aktionen nicht aus dem Unified Security Portal aufrufbar. | ||
| PIN: notempty New as of v12.5.1
|
PIN as additional security for Websessions No number sequences or duplications are allowed | ||
| Creates a secure PIN | |||
| Displays the license agreement | |||
| Displays the privacy policy | |||
| Logs off again. No settings are saved! | |||
| Complete | Completes the login process and opens the Welcome window. | ||
Welcome | |||
| Basic settings are completed with the welcome dialog. | UTMuser@firewall.name.fqdn  Welcome dialog
| ||
| Starts the Installation Wizard. | |||
| Starts a tour that explains the admin interface and menus in 15 steps. | |||