| Home Prev |  NetWall 300 Series Getting Started Guide
|
Next |
|---|
This chapter discusses initial cOS Core configuration for the 300 Series. The initial setup sections consist of:
Section 4.2, Web Interface and Wizard Setup describes using a web browser with the cOS Core Setup Wizard over a network connection.
Section 4.3, Manual Web Interface Setup describes using a web browser over a network connection to perform setup manually (without the wizard).
Section 4.4, Manual CLI Setup describes manual setup using the cOS Core CLI either over an SSH network connection or directly through a local console connection to cOS Core.
In all the above cases, it is assumed that the requirement is to set up cOS Core so that traffic from a protected network can enter one firewall Ethernet interface, be filtered, and then exit another Ethernet interface towards the Internet or other wide area network.
![[Tip]](images/tip.png) |
Tip: Upgrade to the latest cOS Core version |
|---|---|
|
A new NetWall 300 Series unit may not have the very latest cOS Core version pre-installed. After initial setup, it is recommended to upgrade to the latest available cOS Core version. The procedure for upgrading is described in the separate cOS Core Administration Guide. |
This section describes the predefined entries in the default cOS Core configuration that are unique to the NetWall 300 Series.
Ethernet Interface DHCP settings
The NetWall 300 Series appliance comes with a default cOS Core configuration with the following settings on the Ethernet interfaces:The G1 interface has a DHCP server enabled. This means connecting clients will be automatically allocated an IP address by cOS Core, providing the client has DHCP enabled on its connecting interface. Clients will also be allocated DNS server addresses if cOS Core itself has received them from an ISP.
The G6 and S1 interfaces both have a DHCP client enabled. This means they can be automatically assigned an IP address if either is connected to an ISP. DNS server addresses can also be received by cOS Core.
Zone Groupings
The Ethernet interfaces are also grouped together into a Zone in the cOS Core configuration in the following way:The interfaces G6 and S1 belong to a predefined Zone object called WANZone.
The Predefined IP Rule Set
The default configuration also contains a predefined IP rule set that allows traffic to flow from the G1 interface and its network to the WANZone interfaces. This means that protected clients on G1 will have predefined access to the Internet through S1. Alternatively through G6 if S1 is not available.The Predefined all-nets Routes
There is a predefined all-nets route for both the G6 and S1 interfaces. The S1 route has a lower value for its Metric property which means it will take precedence over G6 for Internet traffic if both are connected to an ISP. However, should the S1 connection become unavailable, cOS Core will automatically route all-nets traffic through G6, providing redundancy.Changing the Default Configuration
Note that there are no restrictions on how cOS Core is configured in the NetWall 300 Series product or how the Ethernet interfaces are used. The administrator is free to change or delete any of the default configuration components.