gb-ware® - gta - global technology associates · pdf filepreparing the gb-ware hardware...

Product Guide

Global Technology Associates3505 Lake Lynda Drive Suite 115

Orlando, FL 32817

Tel: +1.407.380.0220Fax. +1.407.380.6080Email: [email protected]

Web: www.gta.com

GB-OS 6.2®

GBWA201411-01

GB-Ware®

Powered by:

ii

GB-Ware Product Guide

Table of Contents

Table of ContentsIntroduction........................................................................................................................................................................................... 1

Features. …………………………………………………………………………………………………………………………………… 1Standard Features ……………………………………………………………………………………………………………………… 1Optional Features ……………………………………………………………………………………………………………………… 1

Additional Options for 10-User Version …………………………………………………………………………………………… 1Software.Specifications. ………………………………………………………………………………………………………………… 2Hardware.Specifications. ………………………………………………………………………………………………………………… 2

Memory Recommendations …………………………………………………………………………………………………………… 3PPP Hardware ………………………………………………………………………………………………………………………… 3

Serial Port Hardware ………………………………………………………………………………………………………………… 4Modem/ISDN TA Hardware ………………………………………………………………………………………………………… 4Cable Modems and xDSL Hardware ……………………………………………………………………………………………… 4

Support.……………………………………………………………………………………………………………………………………… 5Support Options ………………………………………………………………………………………………………………………… 5Software Updates ……………………………………………………………………………………………………………………… 5

About.This.Guide. ………………………………………………………………………………………………………………………… 5Conventions.………………………………………………………………………………………………………………………………… 5

Installation.............................................................................................................................................................................................6Registration.………………………………………………………………………………………………………………………………… 6

Retrieving Activation Codes …………………………………………………………………………………………………………… 6Installing.GB-Ware.on.PC.Hardware.…………………………………………………………………………………………………… 6

Installation Requirements ……………………………………………………………………………………………………………… 6Preparing the GB-Ware Hardware …………………………………………………………………………………………………… 7

Upgrading Hard Drive GB-Ware Installations from 3.4.x to 6.1.0 ……………………………………………………………… 7Installing the Compact Flash Card Reader or IDE Adapter …………………………………………………………………… 8Setting the Boot Sequence ………………………………………………………………………………………………………… 8

Installing the GB-Ware Runtime ……………………………………………………………………………………………………… 8Installing.GB-Ware.on.Virtual.Hosts.…………………………………………………………………………………………………… 9Running.the.GB-Ware.Installer. ………………………………………………………………………………………………………… 9

Accepting the End User License Agreement ……………………………………………………………………………………… 9Selecting the Installation Item ……………………………………………………………………………………………………… 10Selecting the Installation Disk ……………………………………………………………………………………………………… 11Installing the Runtime ……………………………………………………………………………………………………………… 12Completing Installation ……………………………………………………………………………………………………………… 12

GB-Ware Online Activation …………………………………………………………………………………………………………… 13Restarting the GB-Ware Firewall …………………………………………………………………………………………………… 13

Initial.Configuration............................................................................................................................................................................14Selecting.a.User.Interface. ……………………………………………………………………………………………………………… 14

Requirements …………………………………………………………………………………………………………………………… 14Using the Web Interface ……………………………………………………………………………………………………………… 14

Connecting to the Firewall ………………………………………………………………………………………………………… 14Configuration Using the Web interface …………………………………………………………………………………………… 15Logging Into the Firewall …………………………………………………………………………………………………………… 15Running the Basic Setup Wizard …………………………………………………………………………………………………… 16

Accessing Your GTA Firewall ………………………………………………………………………………………………………… 19Using the Console Interface …………………………………………………………………………………………………………… 20

Video Console Interface …………………………………………………………………………………………………………… 20Serial Console Interface …………………………………………………………………………………………………………… 20Switching Between Console Interfaces …………………………………………………………………………………………… 21

Troubleshooting..................................................................................................................................................................................22Guidelines.…………………………………………………………………………………………………………………………………… 22Frequently.Asked.Questions.(FAQ). …………………………………………………………………………………………………… 22Reference.A:.Installing.the.Compact.Flash.Card. …………………………………………………………………………………… 27Requirements.……………………………………………………………………………………………………………………………… 27Assembling.the.Compact.Flash.IDE.Adapter.………………………………………………………………………………………… 28Installing.the.Compact.Flash.IDE.Adapter. …………………………………………………………………………………………… 28

Locating IDE Controller Ports ………………………………………………………………………………………………………… 28Mounting the Compact Flash Card …………………………………………………………………………………………………… 29Connecting the IDE Cable …………………………………………………………………………………………………………… 29Connecting the Power Supply ………………………………………………………………………………………………………… 30

Compact.Flash.Adapters.Boards.and.ATA/IDE.Cable.Compatibility.. …………………………………………………………… 30Adapter Boards ……………………………………………………………………………………………………………………… 30Conductor ATA Cables ……………………………………………………………………………………………………………… 31

1


Introduction

IntroductionGB-Ware is a complete software firewall system that loads from a Compact Flash module or hard drive installed on x86 or x86-84 hardware. After software installation, GB-Ware must be configured for local network requirements either manually or using the Basic Setup Wizard found in the Web interface.

FeaturesGB-Ware includes a number of features to help you protect your network resources from unauthorized use.

Standard FeaturesGTA’s NAT (Network Address Translation) and Stateful Packet Inspection engine are at the heart of all GB-Ware firewalls. These facilities, tightly integrated with the network layer, guarantee maximum data throughput, reliable NAT and unparalleled security. (Pass through policies allow the use of the firewall without NAT.) GB-Ware features also include:

• Email proxy with optional spam and virus prevention tools• Intrusion Prevention• IPSec VPN (Virtual Private Networking)• Encryption methods including DES, 3DES, AES, Blowfish and Camellia• User authentication for any platform via the GBAuth utility• DHCP and DNS services via built-in DHCP and DNS servers*• Transparent network access for standard TCP and UDP applications• Protocols including FTP, PASV FTP, RealAudio/Video, ICQ, AIM, online gaming, Net2Phone, PPP,

PPPoE and PPTP• Bridging for user-identified Ethernet protocols• Safe access to external networks using the PSN, GTA’s enhanced DMZ network• Secure remote logging using the GTAsyslog or a third-party syslog• Default stealth (no ping) mode• NAT-T• VLAN support

GB-Ware administrators have a choice of two user interfaces:

• Web interface: A secure platform independent remote management interface providing comprehensive access to configuration options via a frames-enabled, SSL-compatible Web browser.

• Console interface: Primarily used for firewall recovery access with limited configuration options. The Console interface is accessible using either a serial or a video connection.

Optional Features• Email filtering with Mail Proxy optional features Anti-Spam and Anti-Virus• Content Filtering with a Web Filtering subscription for URL categorization• VPN hardware acceleration• A variety of support offerings for firmware upgrades• GTA certified Compact Flash card• Multi-Interface option (up to 20 network interfaces)• Additional Mobile VPN Clients

Additional Options for 10-User Version• 25, 50 or unrestricted user license upgrades• GB-Ware Plus Packages (DNS server and PSN (DMZ))

*Available on select GTA firewalls.

2


Introduction

Software SpecificationsTable 1.1: Software Specifications

Specification 10 Users Unrestricted Users Enterprise

Concurrent Users 10 Unrestricted UnrestrictedConcurrent Connections 1,000 128, 000 Varies*PPP Configurations 5 5 5Tunnels 25 300 1,024Static Routes 10 300 1,024Security Policies (each kind) 75 400 12,500Protocols 255 255 255IP Aliases 5 300 1,024IP Pass-through Hosts 10 300 300Address Objects 50 600 1,024Time Group Objects 75 100 256VPN Security Associations 20 600 10,000VPN Users (maximum non-concurrent) 50 750 7,500Mobile VPN Users (maximum concurrent) 10 300 5,000Mobile IPSec Client, PPTP, and L2TP Licenses

2 2 2

GTA SSL Client Licenses 2 2 2DNS Server Optional Standard StandardDNS Domains Optional 20 20DNS Hosts Optional 500 500DNS Networks Optional 80 80VLANs 10 300 4,096Interfaces 2 3 4Top User Reports 10 50 100*Concurrent connections are memory dependent up to 4GB with over 3 million connections.

Hardware SpecificationsGB-Ware is designed to operate efficiently on a broad spectrum of hardware; but remember, the hardware you select will impact GB-Ware’s performance. This is especially true when GB-Ware is used in an intranet configuration with full network speeds on all interfaces. The best possible performance can be obtained by using a Pentium class or higher CPU with PCI network cards.

NoteCheck www.gta.com for an up-to-date list of compatible network interface cards and drivers.

GB-Ware running GB-OS 6.1.0 and above will no longer support the CFDISK.1B or CFDISK.1C IDE/Compact Flash Adapter from PC Engines. Any GB-Ware firewall using the CFDISK.1B IDE or CFDISK.1C IDE/Compact Flash Adapter boards should have the adapter board replaced prior to upgrading to GB-OS 6.1.0 and above. See Compact Flash Adapters Boards and ATA/IDE Cable Compatibility for more information.

http://www.gta.com

3


Introduction

System Requirements:• x86 architecture processor; Pentium-class or faster CPU recommended• Optional CPU supports 64 Bit OS• Memory requirements differ between products

• GB-Ware (User Limited) - 512 MB RAM• GB-Ware Unrestricted - 1 GB RAM• GB-Ware Enterprise - 2 GB RAM

• 1 storage device:• 1 GB GTA-certified Compact Flash card with Compact Flash IDE adapter and Ultra DMA

(80-Conductor) IDE/ATA cable, or;• 1 GB ATA (IDE) compliant hard disk drive, or;• 1 GB SATA compliant hard disk drive.

• 2 compatible network cards (NICs)• 1 Serial (RS-232/COM) port• 1 USB port on the motherboard (for hardware key block installation)• 1 ATAPI (IDE) CD-ROM (installation and recovery only)• 1 Video card, 1 monitor and 1 keyboard (for video console use only; keyboard may not be

required for operation if the motherboard’s BIOS supports booting without a keyboard)• Ethernet cables: crossover cables for connections to routers or computers; straight-through

cables for connections to hubs or switches

Optional Components:• 1-18 additional network cards (if using the Multi-Interface Option)• Async modem (PPP connections or pager only)• ISDN TA with RS-232 interface (PPP connections only)• Cable modem• Serial ports for COM 1-4 (1645x/1655x UARTs only)

Memory RecommendationsAdding RAM is an easy, cost-effective way that may boost system performance. Generally, the more features that are being utilized (e.g. DNS server or Mail Proxy), the more RAM is recommended for optimum performance.

NoteSome GB-Ware options may require additional RAM.

PPP HardwareGB-OS supports the use of a PPP network connection in place of a network interface card for the external network interface. The PPP interface supports only a dial-up connection and a single remote system configuration. One of the following should be used:

• An external asynchronous modem. COM ports 1-4 are supported; only COM ports based on the 1645x/1655x UARTs are supported.

• An internal asynchronous modem. Only modems that use 1645x/1655x compliant UARTs are supported.

• An ISDN external modem/terminal adapter. COM ports 1-4 are supported; only COM ports based on the 1645x/1655x compliant UARTs are supported.

• Network interface card (NIC) for use with PPPoE (ADSL) or PPTP.

4


Introduction

Serial Port HardwareMost serial ports will easily support any asynchronous modem or a single BRI 64Kbps ISDN connection. If both channels of a BRI line are used to achieve 128Kbps, throughput may be limited to 115Kbps due to serial port limitations.

Modem/ISDN TA HardwareGTA recommends configuring the modem or ISDN TA on another system before installing it on GB-Ware. Most modems allow the storage of a user configuration and the recall of this configuration using a specific command (e.g. ATZ). It is usually easiest to configure the modem before installation, and then to recall that configuration and set the modem with a few commands.

NoteThe default configuration for most modems will generally work with GB-Ware.

You should configure the modem to use a fixed DTE speed (the speed at which the computer talks to the modem). If the modem supports DTE speeds of 38,400 or 57,600 baud, use whichever of these values will ensure the highest throughput. Configure your serial port to the highest possible speed when using an ISDN TA. Unless you wish to connect at a specific speed, set DCE (the speed at which the modem talks to a remote modem) to auto-negotiate.

Cable Modems and xDSL HardwareCable modems and DSL (ADSL etc.) configurations utilize a passive interconnection device (cable modem, xDSL box) that is typically connected to an Ethernet network interface card via a special network patch cable (crossover cable).

5


Introduction

SupportInstallation ("up and running") support is available to original owners who have registered their firewall. If you need installation assistance during the first 30 days of original ownership, contact the GTA Support team by emailing [email protected]. Be sure to include your product name, serial number, activation code, feature activation code numbers for your optional/subscription features and if possible a Configuration Report.

Installation support only covers installation and default configuration of the firewall. For further assistance, contact an authorized GTA Channel Partner or GTA Sales staff for information about support offerings.

Support OptionsIf you need support after installation and default configuration, a variety of support contracts are available. Contact an authorized GTA Channel Partner or GTA Sales staff for more information. Support ranges from support per incident to annual contract coverage.

Other avenues for assistance are available through an authorized GTA Channel Partner, the GTA Firewall User Forum (forum.gnatbox.com), or the GTA Web site (www.gta.com).

Software UpdatesOnce registered, you can view available updates in the GTA Online Support Center section of the GTA Web site (www.gta.com/support/center/login/). Click on the serial number of your registered product to see if an update is available for that specific unit. Click on the DOWNLOADS.link to view all available software versions. Updates are also available through the GB-OS Web interface.

To check for and install updates to GB-OS:• Navigate to Configure>Configuration>Runtime>Update.• In the AvAilAble UpdAte(s) section, click the CHECK.NOW button.• If an update is available, installation notes and an INSTALL button will appear for the update.

CAUTIONBefore updating, be sure to backup your configuration.

About This GuideThis Product Guide describes how to set up and install GB-Ware and change the factory settings to your network’s configuration scheme. The GB-OS User’s Guide includes configuration functions, descriptions of the Web interface, administrative tools and terms specific to GB-OS.

User’s guides, product guides and feature guides are available for GTA products. These manuals and other documentation for registered products can be found at www.gta.com and on installation CDs.

ConventionsA few conventions are used in this guide to help you recognize specific elements of the text. If you are viewing this guide in PDF format, color variations may also be used to emphasize notes, warnings and new sections.

Bold Italics EmphasisItalics PublicationsBlue Underline Clickable hyperlink (email address, Web site or in-PDF link)Small CapS On-screen field namesMonospace Font On-screen textCondensed Bold On-screen menus, menu itemsBOLD.SMALL.CAPS On-screen buttons, links

mailto: [email protected]

http://www.gta.com

http://www.gta.com

http://www.gta.com/support/center

http://www.gta.com

6


Installation

InstallationThis chapter covers the registration and the installation of GB-Ware.

RegistrationTo be eligible for technical support and software updates, you must register your GTA firewall.

1. To register, visit www.gta.com. Click on SUPPORT and then the SUPPORT.CENTER link to visit https://gta.com/support/center/login/.

2. If you do not have an online support account, click on the CREATE.AN.ACCOUNT.NOW link and enter your information. Once you have completed the form, click the SUBMIT.button to save the profile.

3. Enter your user ID and password on the login page. Click on the REGISTER.A.PRODUCT link. Enter your serial number and installation code, then click the SUBMIT.button. Write down the activation code and store it with your serial number and installation code records. To view your registered products, click the VIEW.YOUR.REGISTERED.PRODUCTS link.

In addition to qualifying you for installation support, your product registration will allow GTA to inform you about software updates and special offers.

NoteIf you cannot retrieve your activation code, or a code does not appear under VIEW.YOUR.REGISTERED.

PRODUCTS, please email [email protected] with a brief description of your problem in the body of the email. Include the product serial number and your online support account’s user ID in the email subject.

Retrieving Activation CodesOptional features require separate feature activation codes. Serial numbers and installation codes are included with the packaging and are also available under VIEW.YOUR.REGISTERED.PRODUCTS on the GTA Online Support Center, http://www.gta.com/support/center/login/. GB-Ware serial numbers and installation codes are required to retrieve GB-Ware activation codes.

Installing GB-Ware on PC HardwareGB-Ware software must be installed on x86 (Intel-compatible) computer hardware before you can use your firewall. The GB-Ware installation CD will install the firewall software onto your computer hardware.

CAUTIONDuring the installation process, all pre-existing information stored on the computer’s hard drive or Compact Flash card will be destroyed. Once GB-Ware has been installed on your system, the unit will become a single purpose firewall that will not run other applications.

Installation RequirementsGB-Ware can be installed either on a bootable Compact Flash disk or hard drive on the intended firewall, or installed onto a Compact Flash disk using a USB reader/writer on a proxy computer, and then later inserted into the intended firewall.

NoteSee Reference A: Installing the Compact Flash Card for instructions on installing a Compact Flash card and Compact Flash adapter.

http://www.gta.com


mailto: [email protected]


7


Installation

To install GB-Ware directly onto the hard drive or Compact Flash card of the intended firewall, you will need the following components:

• x86 (Intel-compatible) computer with 512 MB RAM• USB port (on the motherboard only)• ATAPI (IDE) CD-ROM drive• Video card, monitor and keyboard (video console only)• 1 GB (or larger) ATA (IDE) compliant hard disk drive, 1 GB (or larger) SATA compliant hard disk

drive• GB-Ware software and hardware key block with activation code

To copy GB-Ware onto a Compact Flash disk using a computer other than the intended firewall (for later installation in the intended firewall), you will need these components:

• x86 (Intel-compatible) computer with a USB port and ATAPI (IDE) CD-ROM drive• GTA-certified 1 GB (or higher) Compact Flash card• USB Compact Flash card reader/writer• GB-Ware software and hardware key block with activation code

NoteGTA recommends installing only hardware required by GB-Ware or GB-Ware options. Non-essential devices such as SCSI controllers and sound cards remain unused and may in some cases decrease firewall performance.

Preparing the GB-Ware HardwareIf GB-Ware is to be installed onto a hard disk drive, then a 512 MB or greater ATA (IDE) or SATA hard disk drive must be installed on the intended firewall.

If GB-Ware is to be installed onto a Compact Flash card, then the computer (either the intended firewall or an installation proxy computer) must have a Compact Flash card reader or a Compact Flash IDE Adapter installed.

Finally, the computer needs to be configured to boot from a CD-ROM drive. This enables the GB-Ware installation CD to activate and install the GB-Ware firewall software when powering on the PC.

Upgrading Hard Drive GB-Ware Installations from 3.4.x to 6.1.0When upgrading a hard drive GB-Ware firewall from version 3.4.x to 6.1.0:

1. Back up the firewall configuration. 2. Reinstall the firewall software completely from the CD. 3. Restore the configuration.

The GB-Ware CD image (ISO-9660) is available for download from GTA’s Online Support Center, http://www.gta.com/support/center/login/. Failure to reinstall from the CD may cause hard drive geometry errors that prevent the upgrade.

8


Installation

Installing the Compact Flash Card Reader or IDE AdapterIf GB-Ware is to be installed onto a Compact Flash card, then the Compact Flash card reader must be installed before the GB-Ware installer can be run.

To install the Compact Flash card reader or IDE adapter:1. Attach the USB Compact Flash card reader or Compact Flash IDE adapter and insert the

Compact Flash card. Alternately, attach a hard drive. See Reference A: Installing the Compact Flash Card for detailed instructions. (Skip this step if installing on an existing hard drive.)

xWARNINGOnly install the Compact Flash IDE adapter when your computer is powered off and unplugged. Failure to unplug the computer could result in destruction of equipment, or serious harm or death due to electrical current. Never install internal computer hardware while it is plugged in or powered on.

2. Power on the computer. Insert the GB-Ware installation CD into the system’s CD-ROM drive.3. Restart the computer using a cold reboot. (In a cold reboot, shut down, turn off, and then turn

your computer back on.)

Setting the Boot SequenceUsing the appropriate process for your computer system, change the sequence so that the system boots from an IDE CD-ROM drive.

NoteSetting the boot sequence varies by computer. Please consult your computer’s hardware documentation to set the boot sequence on your computer

To set the boot sequence:1. Power on the computer and enter the CMOS (BIOS). Do this before any installed operating

system (such as Microsoft Windows) boots.2. Change the boot sequence so that a CD-ROM drive attempts to boot first, before all other drives

on the IDE controller. This will enable the GB-Ware System installation CD to boot upon powering up the computer.

3. Save the settings and exit the BIOS. Power off the computer.

Installing the GB-Ware Runtime

xWARNINGInstalling GB-Ware on a hard drive will erase its contents and replace them with GB-Ware. If you wish to keep the data on a hard drive, do not install GB-Ware on it; instead, install GB-Ware on a different hard drive. You may also wish to temporarily disconnect other (non-GB-Ware) hard drives to prevent accidental erasure during firewall installation.

Installing the GB-Ware runtime requires the completion of the following steps:1. Boot the system from the Installation CD.2. Accept the EULA (End Use License Agreement).3. Select the Installation media (IDE Compact Flash or HDD).4. Install the runtime.5. Attach the hardware key block (optional).6. Remove the Installation CD and reboot the system.

Detailed installation instructions for each step are available in the sections that follow.

9


Installation

Installing GB-Ware on Virtual HostsTo run GB-Ware on virtual hosts, launch your virtual machine manager and follow the steps for new installation. Insert the GB-Ware installation CD or select the ISO image of the CD to launch the install process.

1. Specify the memory requirements• GB-Ware (User Limited) - 512 MB RAM• GB-Ware Unrestricted - 1 GB RAM• GB-Ware Enterprise - 2 GB RAM

2. Specify the disk space requirements (GTA recommends 1 GB).3. Next, add virtual NICs (GTA recommends at least 2).

Once the computer finishes booting, switch to the console view. You will see the About GB-OS Runtime Installer screen. Continue with the instructions below. (You will not need to insert the CD or reboot the computer again).

NoteRunning GB-Ware on virtual hosts requires online activation. If you are upgrading from a previous version of GB-Ware, and are currently utilizing a key block, please contact an authorized GTA Channel Partner, or GTA Sales at [email protected], for information on converting to online activation.

Running the GB-Ware InstallerAfter setting the BIOS, insert the installation CD and boot the computer. You will see the About GB-OS Runtime Installer screen for the installation CD. Press the SPACE.BAR or ENTER key to continue and install GB-Ware.

Figure 2.1: The About GB-OS Runtime Installer Screen

Accepting the End User License AgreementThe GB-OS System Software Licensing Agreement will appear. Use the TAB.or arrow key to move to the selection. Press the SPACE.BAR or ENTER.to select your answer. Select VIEW.LICENSE to read the terms of the software and hardware license. If you agree with the terms, select ACCEPT.to continue the installation. The DO.NOT.ACCEPT selection cancels installation and closes the GB-Ware Installer.

Figure 2.2: The GB-OS Software License Agreement

10


Installation

Selecting the Installation ItemThe GB-OS Runtime Installer screen will appear. If you are upgrading, verify that your configuration has been backed up to another location. Any information currently on the disk will be over-written during the installation.

Select the desired item from the list. Use the SPACE.BAR to cycle through available options, or use the F2.key to display a list of options and the arrow keys to move through the list. Once you have selected the desired option, use the TAB.key to move to the OK.selection and press the SPACE.BAR to begin the installation process.

Available item selections are:• GB-Ware Video: GB-Ware Video is recommended to utilize the GB-OS Web interface for

configuration and firewall management and provides access to the Console interface using a video connection and keyboard. GTA recommends those running GB-Ware on virtual hardware to use this option.

• GB-Ware SIO: GB-Ware SIO (Serial Interface Only) utilizes the Web interface for configuration and firewall management and provides access the GB-OS Console interface over a serial connection.

• GB-Ware-x86-64 Video: Requires a CPU that supports 64 Bit OS. GB-Ware Video is recommended to utilize the GB-OS Web interface for configuration and firewall management and provides access to the Console interface using a video connection and keyboard. GTA recommends those running GB-Ware on virtual hardware to use this option.

• GB-Ware-x86-64 SIO: Requires a CPU that supports 64 Bit OS. GB-Ware SIO (Serial Interface Only) utilizes the Web interface for configuration and firewall management and provides access the GB-OS Console interface over a serial connection.

• BootManager SIO: BootManager SIO (Serial Interface Only) allows the user to change console output from video to serial during boot.

• BootManager Video: BootManager Video allows the user to change console output from serial to video during boot.

• Erase Disk: Erase Disk allows the user to clear all disk data from the selected disk.

CAUTIONUsing the ERASE.DISK choice will erase a drive’s contents. Only use the ERASE.DISK choice if you are sure you want to destroy all data on the destination disk.

Figure 2.3: Selecting the Installation Item

11


Installation

Selecting the Installation DiskThe installer will prompt you to select a drive that should receive the GB-Ware installation. From the list of available devices, select the Compact Flash card or hard drive device onto which you wish to install GB-Ware. The Compact Flash card, once mounted using an adapter or USB card reader, is considered a disk drive by the system.

Press the SPACE.BAR to cycle through available options, or use the F2 key to display a list of devices and the ARROW.keys to move through the list.

NoteUSB drives may appear, but should not be selected for installation as they are not IDE-bootable devices. CD-ROM or DVD-ROM drives will not be displayed by the GB-Ware system installation process, as they are not writable discs. Other drives will not display.

Devices recognized by GB-Ware will contain one of the following prefixes:• da: The prefix da indicates a direct access USB device. A USB Compact Flash card reader/

writer containing a Compact Flash card might be designated da0. Any additional USB devices recognized by the installation will be designated as da1, da2, etc.

• ad: The prefix ad identifies an IDE device. Any recognized IDE device installed on the primary IDE controller master will be designated ad0, whether it’s a hard drive or a Compact Flash card mounted in a Compact Flash IDE adapter. Any additional recognized IDE device will be designated by the IDE controller slot it occupies; if you have not disconnected your firewall’s hard drive, and you put a Compact Flash card and IDE adapter on the primary IDE controller slave port, the hard drive will be recognized as ad0, while the Compact Flash card will be designated ad1.

NoteIf there is an indication of the device size in the description, this can be used to help identify the correct drive. Device geometry format is in cylinders/heads/sectors.

NoteOnce you have selected the desired device, select the disk access mode. For running GB-Ware on virtual hosts, select LBA mode

Press TAB to OK, then press the SPACE.BAR or ENTER to continue.

Figure 2.4: Selecting the Installation Disk

12


Installation

Installing the RuntimeThe next dialog will display the warning: Installing will destroy any existing data on <device number>!!! Are you sure you want to install GB-Ware? where “device number” is the Compact Flash card or hard drive you will be writing to, and “runtime version” is the GB-OS runtime version you have selected.

Tab to OK, then press SPACE.BAR or ENTER when you are sure you have selected the correct drive and are ready to install the runtime.

Figure 2.5: Installing the Runtime

It may take several minutes for the runtime to install. An animated indicator will display the status of the installation process. A message similar to the following will display when the system installation is complete:

Loading runtime image for <runtime number> – succeeded Initializing slice 3 – succeeded

Initializing runtime slice 2 – succeeded

Initializing runtime slice 1 – succeeded

Completing InstallationYour Compact Flash disk or hard disk should now have GB-Ware firewall software installed. Remove the GB-Ware installation CD and press ENTER to reboot. Power off the computer.

If you have installed GB-Ware using a proxy computer, remove the GB-Ware media (IDE Compact Flash or HDD) from the computer and install it as the boot disk on the intended firewall.

If you have installed GB-Ware for running on virtual hardware, select <empty> from the DVD drive pull down menu.

NoteSee Reference A: Installing the Compact Flash Card for instructions on installing a Compact Flash card and Compact Flash IDE adapter on your intended firewall.

13


Initial Configuration

GB-Ware Online ActivationIn order to activate your GB-Ware software, log into the GTA Online Support Center, http://www.gta.com/support/center/login/. Your firewall must be registered.

Requirements for Online Activation:

• Firewall registered in the GTA Support Center• Serial number entered• Activation code using online activation entered• DNS configured• Internet connection (HTTPS access to als.gta.com)

Once this is completed, activation is automatic.

If you would like to request a keyblock, please contact GTA Sales.

NoteRunning GB-Ware on virtual hosts requires online activation.

NoteWithout online activation, the software will operate in an unregistered mode during which the system is operational for only two users.

Restarting the GB-Ware FirewallAfter installing GB-Ware remove the Installation CD and reboot the computer. Your GB-Ware firewall will now be operational.

NoteGTA recommends disconnecting or disabling any unnecessary hardware in the GB-Ware firewall system. This prevents accidental access of other drives and simplifies hardware configuration.


14



Initial ConfigurationThis chapter covers the initial configuration of your GTA firewall. For detailed configuration explanations and walkthroughs, refer to the GB-OS User’s Guide which is available on the GB-OS installation CD or from www.gta.com.

Depending upon which user interface you choose to use for initial firewall configuration, you may need to attach different hardware to your GB-Ware firewall.

Selecting a User InterfaceYour GB-Ware firewall can be accessed using two methods. If possible, GTA recommends using the Web interface. Each style of user interface has unique requirements for physical setup before they can be used for firewall configuration.

For initial configuration instructions using the Web interface, see Using the Web Interface. For initial configuration instructions using the Console interface, see Using the Console Interface. Generally, it is recommended to configure GB-Ware with the Web interface, as the Console interface is primarily used only as an effort of last resort if the Web interface is not accessible.

RequirementsIf using the Web interface, you will need:

• 1 crossover Ethernet cable to connect with the computer directly, or 1 straight-through Ethernet cable to connect with the computer through a hub or switch

• 2 straight-through Ethernet cables, one for each required network connection• 1 computer with an Ethernet network card (NIC) and a SSL-compatible, frames-enabled browser

If using the Video Console interface, you will need:• 1 keyboard• 1 monitor

If using the Serial Console interface, you will need:• 1 null-modem serial cable• 1 computer with a serial port and terminal emulation software installed (such as Putty or

TeraTerm)

Using the Web InterfaceUsed as the primary interface, the Web interface is platform-independent and can be used on any frames-capable browser, including Internet Explorer, Safari, Google Chrome or Mozilla Firefox running on platforms such as Windows, Mac and Unix.

Connecting to the FirewallTo configure your GB-Ware firewall using the Web interface, temporarily join a computer to the firewall’s default network. This allows you to connect and configure the firewall’s network settings to match your own network scheme, integrating it with your network.

1. Connect the computer’s NIC to the firewall’s NIC 0 using a crossover cable. (Alternatively, use a straight-through cable to connect the computer to the firewall’s NIC 0 through a hub or switch.)

NoteNIC 0 is the firewall’s first logical Ethernet port/connector.

http://www.gta.com

15



2. Back up the computer’s network settings, then temporarily change your computer’s network settings (this allows you to access the firewall’s default network): IP Address: 192.168.71.253 Gateway/Router: 192.168.71.254 Subnet Mask: 255.255.255.0 DNS Server: none (or 192.168.71.254, if this field is required)

Figure 3.1: Changing Network Settings to Match Firewall Defaults (Windows XP)

3. If necessary, reboot your computer to apply the network configuration. GTA recommends using an SSL-compatible and frames-capable browser to administer your

firewall.

CAUTIONAdministration of the firewall without SSL is insecure and may send sensitive information such as passwords in clear text. It is not recommended if you have a hub or other network device between your computer and the firewall appliance.

Configuration Using the Web interfaceTo configure the firewall using the Web interface, you must first log into the firewall and then run the Basic Setup Wizard.

Logging Into the Firewall1. Start a Web browser on your computer and enter the firewall’s URL into the browser’s location/

address field: https://192.168.71.254. 2. If your network and cables are set up correctly, you will be prompted with a security alert dialog

indicating that the certificate authority is not one you have chosen to trust; that the security certificate date is valid; and that the name on the security certificate does not match the name of the site.

Figure 3.2: Accepting the Firewall’s SSL Certificate (Internet Explorer)

Click YES, or if your alert differs, choose the selection that allows you to proceed. (You may establish your firewall SSL certificate once you have logged on to the firewall.)

https://192.168.71.254/

16



3. Next, in the login screen, enter the default user ID, fwadmin (all lower case). Then enter the default password, also fwadmin (all lower case). Click OK or press the return key when finished.

Figure 3.3: Entering the Default User ID and Password

CAUTIONGTA recommends changing the default user ID and password to prevent unauthorized access. Passwords can be changed after logging in.

Running the Basic Setup WizardUpon initial login to the GTA firewall, you will be prompted with the Basic Setup Wizard, which is designed to facilitate the entry of basic network settings. The firewall has default settings which need to be changed to match your own network settings. To run the Basic Setup Wizard, navigate to Wizards>Basic Setup in the Web interface.

1. On the first screen of the Basic Setup Wizard, you will be prompted to enter the firewall administrator’s contact information.

Click the Next Arrow to continue.

Figure 3.4: Entering the Administrator’s Contact Information

2. The next screen will allow for entry of the firewall’s serial number and any activation codes for optional features that you purchased along with your product. Enter activation codes (hexadecimal characters only - 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, F) with dashes included.

The serial number and activation code(s) can be retrieved from the GTA Online Support Center (http://www.gta.com/support/center).


Figure 3.5: Entering the Serial Number and Activation Codes


17



3. You will then be prompted to enter and confirm a new username and password for the firewall’s default administrator account. The username must be a minimum of three (3) characters, and the password a minimum of four (4) characters.


Figure 3.6: Entering the Firewall Administrator’s Password

4. The following screen pertains to Network Preferences. Select the type of network to support: either IPv4 or both IPv4 and IPv6.


Figure 3.7: Network Preferences

5. The next screen will configure the firewall’s date and time settings. Although it is possible to manually configure the firewall date and time, it is highly recommended that you enable the NTP checkbox and enter an NTP server.

Figure 3.8: Configuring the Date and Time

6. The next screen will configure the protected interface. A protected interface is the interface which is connected to the protected network.

Select DHCP Server to have the firewall use DHCP to obtain the protected interface’s IP address. The protected interface does not require a registered IP address.


Figure 3.9: Configuring the Protected Interface

18



7. You will then be prompted to define the external interface. The external interface is used to communicate to the external network, typically the Internet. An external interface requires a public or legitimate IP address (if attached to the Internet).

Select DHCP to have the firewall use DHCP to obtain the external interface’s IP address. Select PPP to configure a PPP connection for the external interface. Select stAtic to assign a static IP address, default gateway and DNS server to the external interface.


Figure 3.10: Configuring the External Interface

8. The host name is the system name assigned to the GTA firewall. The host name is used to tag log messages and for creating SSL certificates. GTA recommends using a fully qualified domain name as the host name for your GTA firewall. A fully qualified domain name is the complete domain name for a specific computer (host) on the network, which is broken down to a host, domain and top-level domain (e.g. firewall.example.com). Host names must be unique. If your network DHCP servers make IP address assignments based on the system name, enter the host name, often assigned by your ISP.


Figure 3.11: Entering the Host Name

9. The next screen configures the PSN interface. A Private Service Network (PSN) is optional and may not be required for configurations such as intranets or for outbound access only. However, if you offer public access to servers (such as a Web server) the installation of a PSN interface is highly recommended.

To configure a PSN interface, select the enAble checkbox, otherwise select the Next Arrow to proceed with the wizard. Select dHcp to have the firewall use DHCP to obtain the interface’s IP address, otherwise select stAtic to assign a static IP address manually. The PSN interface does not require a registered IP address.


Figure 3.12: Configuring the PSN Interface

19



10. The final screen of the Basic Setup Wizard is a summary view of all entered settings. Please review your firewall’s setup prior to committing the displayed configuration. To make changes to your basic setup, select the BAck button to return to the appropriate screen.

Click the SAve icon to save the displayed configuration, or select the cANcel icon to abort.

CAUTIONSaving settings configured using the Basic Setup Wizard will erase any existing configuration settings and will reboot the firewall if it is in Live Mode.

Figure 3.13: Reviewing the Firewall’s Basic Setup

Completion of the Basic Setup Wizard will automatically create a new GB-OS CA and local certificate signed by the CA, and the notificAtions section will set the to Address as the contAct Address.

Accessing Your GTA FirewallAfter completing the initial configuration in the setup wizard, your GTA firewall should be active and functioning in default security mode (all internal users are allowed outgoing connections, and no unsolicited connections are allowed in).

After testing connectivity, you can now perform any additional configuration tasks using the Web interface. See the GB-OS User’s Guide or more information on configuring your GTA firewall.

20



Using the Console InterfaceThe Console interface is a GUI-based interface of hierarchical menus. It operates only on the GTA Firewall console; it cannot be accessed in any other way. The Console interface should only be used for basic configuration or for recovery purposes. Comprehensive configuration settings are only available from the Web interface.

The Console interface can be accessed using either a video connection and keyboard or a serial connection to a computer running terminal emulation software. Depending on whether GB-Ware Video or GB-Ware SIO was installed on the GB-Ware system, either the Video Console interface or the Serial Console interface will be accessible. To switch between the Video Console interface and the Serial Console interface, see Switching Between Console Interfaces.

NoteFor more information on configuring your GTA firewall using the Console interface, see the GB-OS Console User’s Guide.

Video Console InterfaceIf you want to initially configure your firewall using the Video Console interface, attach a monitor and a keyboard directly to your firewall (a mouse will not be used). Then, power on your GTA firewall.

Once the GTA firewall is operational, it will display a real-time view of log messages being generated. To log in to the firewall, press ALT and F2 simultaneously. The default user ID and password are both fwadmin.

Serial Console InterfaceIf you wish to initially configure your firewall using the Serial Console interface, attach either a terminal (using a serial console cable), or a computer with terminal emulation software (such as TeraTerm) using a DB-9 null-modem cable to the GTA firewall. Enter these settings for the console connection:

Table 3.2: Connecting to the Console interface

Field Description

Emulation VT-100Port COM port connected via DB-9 cable to the firewallBaud Rate 38400Data/Bit Rate 8Parity NoneStop 1Flow Control Hardware

After you have connected to the firewall, a login prompt will be displayed. The default user ID and password are both fwadmin.

21



Switching Between Console InterfacesTo switch from the Video Console interface to the Serial Console interface, access the system using the Web interface while in Live mode and navigate Configure>Configuration>Runtime>Options.

NoteThe Runtime Options screen is not available while in Test mode.

In the console Mode section, select the method in which you would like to access the Console interface.

CAUTIONChanging Console Mode settings will cause the firewall to reboot.

Figure 3.14: Switching Between Console Interfaces

22


Troubleshooting

TroubleshootingLog messages, reports and activity snapshots are your first reference for general troubleshooting. This section contains useful troubleshooting procedures and frequently asked questions for solving firewall configuration errors.

Troubleshooting issues discussed in this chapter are specific to GB-Ware. For all other troubleshooting issues regarding your GTA firewall, please refer to the GB-OS User’s Guide.

GuidelinesGTA Support recommends the following guidelines as a starting point when troubleshooting network problems:

• Check your policies. Are the correct policies in place for the type of traffic you are trying to allow or disallow?

• Start with the simplest case of hosts directly attached to the firewall.• Use IP addresses, not names. Your problem could be DNS.• Work with one network segment at a time. • Verify your firewall system configuration by navigating to Configure>Verify. The verification check

is the best method of ensuring that your system is configured correctly. Correct all errors and warnings listed.

• Your first tests should be connectivity tests. Ping and traceroute are very useful tools for testing connectivity.

• Make sure the network cabling is connected to the correct network interface. Some useful guidelines are:

• Verify the network interface numbers, MAC addresses and logical names listed on the Monitor>System>Overview screen and in log reports.

• Use the logical elimination method. Connect a network cable to the first network interface and use the ping facility to test for connectivity with a host on the desired network. If unsuccessful, move the cable to the next network interface and perform the test again. Repeat until successful, or all network interfaces have been tested.

• View the hardware report located at Monitor>System>Hardware. Check the report to ensure all your network devices have been recognized by the system at boot time.

Frequently Asked Questions (FAQ)Select a question/error message from the list below. If your issue is not covered below, please contact GTA Support for more information.

GB-Ware fails to boot with console message: “CPU doesn’t support x86-64”.After installation, my GB-Ware displays the following verification warning: WARNING: Not enough RAM for product, minimum is “_”I requested a USB hardware key block, how do I install it?I lost my user name and/or password. How can I log on to my firewall?I selected the Video Console interface, but now I would like to use the Serial Console interface.My computer is not booting from the Installation CD.My system does not see the Compact Flash Card.The warning message “Initializing runtime slice 2 failed; No Space left on device” is displayed.How do I revert to my previous configuration after a version upgrade?When I try to boot from the GB-Ware installation CD to install the system, I get the error message,

“Mounting CD – failed: Input/output error.” What steps can I take to locate the problem?My system did not auto-detect the Compact Flash.When I boot GB-Ware, GB-Ware hangs after the memory slice default number displays. (You may also hear a beeping sound coming from the firewall or serial console computer.)When I boot GB-Ware, I receive the error message “rl0: Couldn’t map ports/memory”.When running GB-Ware on a virtual host, I cannot contact the Web interface.

23


Troubleshooting

Q: GB-Ware fails to boot with console message: “CPU doesn’t support x86-64”.The hardware CPU does not support 64 bit OS. Re-install GB-OS and select the GB-Ware-x86 runtime.

Q: After installation, my GB-Ware displays the following verification warning:WARNING: Not enough RAM for product, minimum is 512MB

WARNING: Not enough RAM for product, minimum is 1GB

WARNING: Not enough RAM for product, minimum is 2GB

The firewall in which GB-Ware has been installed on does not have enough memory for the GB-Ware version. Increase the amount of RAM installed.

Q: I requested a USB hardware key block, how do I install it?

Figure 4.1: USB Key Block

1. Register your GB-Ware firewall and retrieve your activation code. (For more information, see the registration section.)

2. Plug the USB key block in to your GB-Ware firewall.

Figure 4.2: Installation of the USB Key Block

3. Enter the GB-Ware serial number and activation code in the Configure>System>Activation Codes section of the GB-Ware Web interface.

NoteIf the hardware key block is not recognized once you have booted the system, and the serial number and activation code are both entered correctly, make sure that your firewall’s USB port is active and functional according to your hardware’s BIOS. These settings may be checked during the boot process before operating system software is loaded.

Refer to your system’s hardware guide for specific instructions.

24


Troubleshooting

Q: I lost my user name and/or password. How can I log on to my firewall?If login information has been irretrievably lost, a firewall can be reset to factory defaults, erasing all current configuration data and resetting both the case-sensitive user name and password to fwadmin.

CAUTIONResetting the firewall will cause it to lose current configuration data, but retains the serial number and activation codes.

To reset your firewall to factory defaults, attach either a terminal (using a serial console cable), or a computer with terminal emulation software (using a DB-9 null-modem cable). Enter these settings for the console connection:

Table 4.1: Connecting to the Console Interface

Field Description

Emulation VT-100 or PuTTYPort COM port connected via DB-9 cable to the firewallBaud Rate 38400Data/Bit Rate 8Parity NoneStop 1Flow Control Hardware

Power on the firewall. The following will display:

GB-OS 5.x.x

loading ...

When the word “loading” appears, immediately press CONTROL-R. The system will begin to load, and configuration and hardware data will appear on screen. Finally, a confirmation question displays:

Are you sure you want to reset your firewall configuration?: (“yes” or “no”)

To reset to factory defaults, type the word “yes” in lower case letters. Typing any other key will reboot the system without resetting to defaults. If there is no input after two minutes, the firewall will continue its boot process.

Q: I selected the Video Console interface, but now I would like to use the Serial Console interface.To switch from the Video Console interface to the Serial Console interface, access the system using the Web interface while in Live mode and navigate Configure>Configuration>Runtime>Options. In the console Mode section, select the method in which you would like to access the Console interface and save the section.

CAUTIONChanging Console Mode settings will cause the firewall to reboot.

25


Troubleshooting

Q: My computer is not booting from the Installation CD.Make sure you are using the GB-Ware Installation CD, that the boot sequence has been properly configured and that you are using an IDE CD-ROM drive.

Q: My system does not see the Compact Flash Card.Make sure you are using a GTA-certified Compact Flash card and that the Compact Flash is properly connected to the computer.

Q: The warning message “Initializing runtime slice 2 failed; No Space left on device” is displayed.This message may display for the following reasons:

1. The Compact Flash card is too small. GTA only supports GTA-certified Compact Flash cards.2. The Compact Flash card no longer functions correctly. Replace the Compact Flash card if

necessary.

Q: How do I revert to my previous configuration after a version upgrade?The firewall’s Compact Flash or hard drive memory is in two sections (“slices”); one contains the current software version plus any saved configuration, the other contains the previous software version and configuration. A new firewall’s two memory slices are identical.

When the firewall is upgraded to a new runtime, the upgrade process automatically overwrites the memory slice not in use with the new software version and the existing configuration, leaving the production firewall version and configuration intact. When the firewall is rebooted, the updated memory slice will load by default.

When the system boots up, the memory slice information will load. When the word “Default” appears, immediately type the number of the slice you wish to load.

1 GB-OS slice 1

2 GB-OS slice 2

Default: 1

Q: When I try to boot from the GB-Ware installation CD to install the system, I get the error message, “Mounting CD – failed: Input/output error.” What steps can I take to locate the problem?Use these troubleshooting steps:

1. If you have more than one CD-ROM drive installed, either disconnect the additional CD-ROM drives and retry, or verify that the installation CD-ROM drive is detected first in the boot sequence, before other CD-ROM drives in the IDE controller ports.

2. Connect a different CD-ROM drive and retry.3. Try installing GB-Ware into a different hardware system.

Q: My system did not auto-detect the Compact Flash.Use these troubleshooting steps:

1. If the Compact Flash module was not auto-detected, make sure that the card is fully seated in the adapter board.

2. Enter the system BIOS of the target system for GB-Ware. Once in the BIOS, load the setup defaults and/or the BIOS defaults. Locate and run IDE auto-detection. The Compact Flash module should be auto-detected on the primary IDE controller port. Select SAVE.

3. If you have an older system, try setting the PIO mode to 0, then retry auto-detect.

26


Troubleshooting

Q: When I boot GB-Ware, GB-Ware hangs after the memory slice default number displays. (You may also hear a beeping sound coming from the firewall or serial console computer.)Enter the firewall’s BIOS. Load the setup defaults and/or the BIOS defaults. Disable logical block access (LBA) in the BIOS, if the option is available. LBA may also be referred to as “logical” or “logical block,” or it may be indicated with an option to change to CHS (cylinders/heads/sectors).

Q: When I boot GB-Ware, I receive the error message “rl0: Couldn’t map ports/memory”.Enter the firewall’s BIOS. Disable plug-and-play. Reboot. If the error message still appears, enter the BIOS again and load the setup defaults and/or the BIOS defaults.

Q: When running GB-Ware on a virtual host, I cannot contact the Web interface.If you cannot connect and login into the Web interface, launch the console in your virtual machine manager. Check to see if the NICs are named and ordered properly.

27


Reference A: Installing the Compact Flash Card

Reference A: Installing the Compact Flash CardIf you are installing your GB-Ware firewall on a Compact Flash card, use these instructions to install the Compact Flash card for your firewall. The instructions assume that the Compact Flash IDE adapter is being installed in the intended firewall; modification is necessary to install the GB-Ware firewall Compact Flash IDE adapter on an installation proxy computer.

RequirementsThe following are required to install the Compact Flash card for your firewall:

• Mounting posts• 1 GB GTA-certified Compact Flash card• Compact Flash IDE adapter board • Ultra DMA (80-Conductor) IDE/ATA cable

NoteGB-Ware running GB-OS 6.1.0 and above will no longer support the CFDISK.1B or CFDISK.1C IDE Compact Flash Adapter from PC Engines. Any GB-Ware firewall using the CFDISK.1B IDE or CFDISK.1C IDE Compact Flash Adapter boards should have the adapter board replaced prior to upgrading to GB-OS 6.1.0 and above. See Compact Flash Adapters Boards and ATA/IDE Cable Compatibility for more information.

This component kit is available for purchase from GTA; GB-Ware may also be installed to a hard drive instead of using a Compact Flash card kit.

Figure A.1: Compact Flash IDE Adapter Components

Before beginning, do not plug in any part of the system. Make sure that you are properly grounded to prevent static electricity discharge before opening the case.

xWARNINGImproper grounding can damage your system or Compact Flash card, and may cause physical injury or death. Never service your GB-Ware system while it is plugged in or powered on.

28



Assembling the Compact Flash IDE AdapterInsert the four white nylon mounting posts into the mounting holes in the adapter board. (You can also mount the adapter board in a hard disk drive bay using 3.5” hard disk drive mounting hardware.)

Figure A.2: Inserting the Mounting Posts into the IDE Adapter Board

Holding the Compact Flash card with the label up, slide the card into the slot on the adapter board, pinholes in, until firmly and evenly seated.

Figure A.3: Inserting the Compact Flash Card into the IDE Adapter Board

Installing the Compact Flash IDE AdapterOpen the case of your intended firewall. (Please contact the case manufacturer if you have questions on how to complete this step.)

Locating IDE Controller PortsLocate the IDE controller ports on the motherboard, and remove anything that is plugged into them. The Compact Flash module may not function properly with other components plugged into the IDE controller ports. (Refer to the motherboard’s user guide if you cannot locate the IDE controller ports.)

Figure A.4: Locating the Primary IDE Controller Port

29



Mounting the Compact Flash CardMount the adapter board securely inside the firewall’s case; find a place where the components fit easily and securely, and where the IDE cable can easily reach from the adapter board to the primary IDE controller port. DO NOT mount the adapter board onto or near other electronic components inside the case.

xWARNINGThe Compact Flash card is NOT hot-swappable. Never insert or remove the Compact Flash card while the power is on. Doing so can damage the Compact Flash card, and electrical discharge could cause injury. Never open your GB-Ware firewall’s chassis while it is plugged in or powered on.

Figure A.5: Mounting the Compact Flash IDE Adapter Inside the Intended Firewall

Connecting the IDE CableInsert one end of the IDE cable into the primary IDE controller port with the red-striped side of the cable lined up with pin #1 of the IDE controller port. Insert the other end of the IDE cable into the IDE port of the adapter board with the red-striped side of the IDE cable nearest to the 4-pin power port.

Figure A.6: Attaching the IDE Cable to the Compact Flash IDE Adapter Board

30



Connecting the Power SupplyLocate a 4-pin power connector on your system’s power supply, and connect a power cable from it to the 4-pin power port of the adapter board.

Figure A.7: Connecting the Power Supply to the 4-pin Power Port of the IDE Adapter Board

Close the case and power on your firewall to test for operational error.

If you have not yet installed GB-Ware on the Compact Flash card, see the installation chapter to continue installing GB-Ware.

Compact Flash Adapters Boards and ATA/IDE Cable Compatibility

xWARNINGBefore checking your hardware for compatibility, turn off the power to your firewall and disconnect all power cables.

Adapter BoardsGB-Ware running GB-OS 6.1.0 and above will no longer support the CFDISK.1B or CFDISK.1C IDE/Compact Flash Adapter from PC Engines. Any GB-Ware firewall using the CFDISK.1B IDE or CFDISK.1C IDE/Compact Flash Adapter boards should have the adapter board replaced prior to upgrading to GB-OS 6.1.0 and above.

To determine which adapter board is installed in your GB-Ware firewall, physically examine the board. Model Number CFDISK.1E must appear on the board in order for it to be supported for GB-OS 6.1.0 and above.

Figure A.8: Supported CFDISK.1E Adapter Board

31



Figure A.9: Unsupported CFDISK.1C Adapter Board

Conductor ATA CablesGB-Ware running GB-OS 6.1.0 and above will no longer support 40-Conductor ATA cables. GB-Ware running GB-OS 6.1.0 or above should use an 80-conductor cable, which supports Ultra DMA IDE/ATA.

To determine which conducter cable is used, physically examine the cable by counting the number of lines present on the cable itself.

Figure A.10: Supported 80-Conductor Ultra ATA/IDE Cable

Figure A.11: Unsupported 40-Conductor ATA/IDE Cable

32


Copyright

Copyright © 1996-2012, Global Technology Associates, Incorporated (GTA). All rights reserved.

Except as permitted under copyright law, no part of this manual may be reproduced or distributed in any form or by any means without the prior permission of Global Technology Associates, Incorporated.

Technical Support GTA includes 30 days “up and running” installation support from the date of purchase. See GTA’s Web site for more

information. GTA’s direct customers in the USA should call or email GTA using the telephone and email address below. International customers should contact a local Authorized GTA Channel Partner.

Tel: +1.407.380.0220 Email: [email protected]

Disclaimer Neither GTA, nor its distributors and dealers, make any warranties or representations, either expressed or implied, as

to the software and documentation, including without limitation, the condition of software and implied warranties of its merchantability or fitness for a particular purpose. GTA shall not be liable for any lost profits or for any direct, indirect, incidental, consequential or other damages suffered by licensee or others resulting from the use of the program or arising out of any breach of warranty. GTA further reserves the right to make changes to the specifications of the program and contents of the manual without obligation to notify any person or organization of such changes.

Mention of third-party products is for informational purposes only and constitutes neither an endorsement nor a recommendation for their use. GTA assumes no responsibility with regard to the performance or use of these products.

Every effort has been made to ensure that the information in this manual is accurate. GTA is not responsible for printing or clerical errors.

Trademarks & Copyrights GB-OS and GB-Ware are registered trademarks of Global Technology Associates, Incorporated. Global Technology Associates

and GTA are service marks of Global Technology Associates, Incorporated.

Microsoft, Internet Explorer, Microsoft SQL and Windows are either trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries.

Adobe and Adobe Acrobat Reader are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries.

UNIX is a registered trademark of The Open Group.

Linux is a registered trademark of Linus Torvalds.

BIND is a trademark of the Internet Systems Consortium, Incorporated and University of California, Berkeley.

WELF and WebTrends are trademarks of NetIQ.

Sun, Sun Microsystems, Solaris and Java are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and/or other countries.

Java software may include software licensed from RSA Security, Inc.

Some products contain software licensed from IBM are available at http://oss.software.ibm.com/icu4j/.

Some products include software developed by the OpenSSL Project (http://www.openssl.org/).

Mailshell and Mailshell Anti-Spam is a trademark of Mailshell Incorporated. Some products contain technology licensed from Mailshell Incorporated.

All other products are trademarks of their respective companies.

.Global.Technology.Associates,.Inc.

3505 Lake Lynda Drive, Suite 109 • Orlando, FL 32817 USA Tel: +1.407.380.0220 • Fax: +1.407.380.6080 • Web: http://www.gta.com • Email: [email protected]

gb-ware® - gta - global technology associates · pdf filepreparing the gb-ware hardware...

Documents