Clavister Eagle E7 User manual
Clavister Eagle E7
Getting Started Guide
Clavister AB
Sjögatan 6J
SE-89160 Örnsköldsvik
SWEDEN
Phone: +46-660-299200
www.clavister.com
Published 2013-05-29
Copyright ©2013 Clavister AB
Clavister Eagle E7
Getting Started Guide
Published 2013-05-29
Copyright ©2013 Clavister AB
Copyright Notice
This publication, including all photographs, illustrations and software, is protected under
international copyright laws, with all rights reserved. Neither this manual, nor any of the material
contained herein, may be reproduced without the written consent of Clavister.
Disclaimer
The information in this document is subject to change without notice. Clavister makes no
representations or warranties with respect to the contents hereof and specifically disclaims any
implied warranties of merchantability or fitness for a particular purpose. Clavister reserves the
right to revise this publication and to make changes from time to time in the content hereof
without any obligation to notify any person or parties of such revision or changes.
Limitations of Liability
UNDER NO CIRCUMSTANCES SHALL CLAVISTER OR ITS SUPPLIERS BE LIABLE FOR DAMAGES OF
ANY CHARACTER (E.G. DAMAGES FOR LOSS OF PROFIT, SOFTWARE RESTORATION, WORK
STOPPAGE, LOSS OF SAVED DATA OR ANY OTHER COMMERCIAL DAMAGES OR LOSSES)
RESULTING FROM THE APPLICATION OR IMPROPER USE OF THE CLAVISTER PRODUCT OR
FAILURE OF THE PRODUCT, EVEN IF CLAVISTER IS INFORMED OF THE POSSIBILITY OF SUCH
DAMAGES. FURTHERMORE, CLAVISTER WILL NOT BE LIABLE FOR THIRD-PARTY CLAIMS AGAINST
CUSTOMER FOR LOSSES OR DAMAGES. CLAVISTER WILL IN NO EVENT BE LIABLE FOR ANY
DAMAGES IN EXCESS OF THE AMOUNT CLAVISTER RECEIVED FROM THE END-USER FOR THE
PRODUCT.
2
Table of Contents
Preface................................................................................................................ 5
1.ProductOverview .............................................................................................. 7
1.1.UnpackingtheProduct ............................................................................ 7
1.2.InterfacesandPorts ................................................................................. 9
2.Installation ......................................................................................................12
2.1.InstallationGuidelines ............................................................................12
2.2.RackMounting ......................................................................................14
2.3.RJ45ConsolePortConnection..................................................................17
2.4.Micro-USBConsolePortConnection .........................................................19
2.5.ConnectingPower ..................................................................................21
2.6.ResettingtoFactoryDefaults ...................................................................22
3.cOSCoreConfiguration .....................................................................................24
3.1.ManagementWorkstationConnection ......................................................24
3.2.WebInterfaceandWizardSetup ...............................................................27
3.3.ManualWebInterfaceSetup ....................................................................35
3.4.CLISetup ..............................................................................................51
3.5.InstallingaLicense .................................................................................59
3.6.SetupTroubleshooting ...........................................................................61
3.7.GoingFurtherwithcOSCore ....................................................................63
4.WarrantyService ..............................................................................................66
5.SafetyPrecautions ............................................................................................68
A.Specifications ..................................................................................................71
B.DeclarationsofConformity ................................................................................72
C.PortBasedVLANSetup .....................................................................................74
3
List of Figures
1.1.AnUnpackedClavisterE7Appliance .................................................................. 7
1.2.Clavister E7 Connection Ports ............................................................................ 9
1.3.TheE7EthernetInterfacePorts .......................................................................... 9
2.1.The E7 Console Port ........................................................................................19
2.2.E7PowerInletConnector ................................................................................21
4
Preface
Target Audience
The target audience for this guide is the administrator who has taken delivery of a packaged
Clavister E7 appliance and is setting it up for the first time. The guide takes the user from
unpacking and installation of the device through to power-up, including network connections
and initial cOS Core configuration.
There are two models of E7 appliance, a first generation and a second. The difference is that the
first generation has an RJ45 console port and the second has a micro-USB port for console
connection. This guide is for both models. However, all images show the second generation with
micro-USB port.
Text Structure
The text is divided into chapters and subsections. Numbered subsections are shown in the table
of contents at the beginning of the document.
Notes to the main text
Special sections of text which the reader should pay special attention to are indicated by icons
on the left hand side of the page followed by a short paragraph in italicized text. There are the
following types of such sections:
Note
This indicates some piece of information that is an addition to the preceding text. It may
concern something that is being emphasised or something that is not obvious or
explicitly stated in the preceding text.
Tip
This indicates a piece of non-critical information that is useful to know in certain
situations but is not essential reading.
Caution
This indicates where the reader should be careful with their actions as an undesirable
situation may result if care is not exercised.
Important
This is an essential point that the reader should read and understand.
Warning
5
This is essential reading for the user as they should be aware that a serious situation
may result if certain actions are taken or not taken.
Text links
Where a "See section" link is provided in the main text, this can be clicked on to take the reader
directly to that reference. For example, see Section 3.6, “Setup Troubleshooting ”.
Web links
Web links included in the document are clickable. For example, http://www.clavister.com.
Trademarks
Certain names in this publication are the trademarks of their respective owners.
cOS Core is the trademark of Clavister AB.
Windows,Windows XP,Windows Vista and Windows 7 are either registered trademarks or
trademarks of Microsoft Corporation in the United States and/or other countries.
Apple and Mac are trademarks of Apple Inc. registered in the United States and/or other
countries.
Preface
6
Chapter 1: Product Overview
• Unpacking the Product, page 7
• Interfaces and Ports, page 9
1.1. Unpacking the Product
Figure 1.1. An Unpacked Clavister E7 Appliance
This section details the unpacking of the E7 appliance. Open the packaging box used for
shipping and carefully unpack the contents. The delivered product packaging should contain the
following:
• The Clavister E7 appliance.
• RS232 null modem cable or micro-USB console cable (depending on version).
• RJ45 Ethernet cable.
• Power cable and power supply.
• USB memory stick containing documentation.
Note: Missing items
If any items are missing from your package, please contact your reseller or distributor.
All documentation can be freely downloaded in PDF format from the Clavister website.
7
End of Life Treatment
The E7 appliance is marked with the European Waste Electrical and Electronic Equipment (WEEE)
directive symbol which is shown below.
The product, and any of its parts, should not be discarded of by means of regular refuse disposal.
At end-of-life, the product and parts should be given to an appropriate service that deals with
the removal of such specialist materials.
Chapter 1: Product Overview
8
1.2. Interfaces and Ports
This section is an overview of the E7 product's external design.
Figure 1.2. Clavister E7 Connection Ports
The E7 features the following connection ports on the front panel:
• On the left there is a set of RJ45 Gigabit Ethernet interfaces which are numbered 1to 8. All 8
interfaces are connected together by a common switch fabric and share the single logical
cOS Core interface name GESW. This means that any security policy in the cOS Core rule sets
that refers to the interface GESW will apply to traffic on any of the 8 physical interfaces.
The GESW interfaces allow the configuration of Port Based VLANs through cOS Core so that
the 8 interfaces can be divided up into different VLANs. This feature is described further in
Appendix C, Port Based VLAN Setup.
• Next, are 3 x RJ45 Gigabit Ethernet interfaces. These have the logical cOS Core names of G1,
G2 and G3. These names are marked on each interface. These interfaces function
independently of each other and are not connected by a switch fabric.
• There are two versions of the E7 appliance. The first generation version provides console
connection through an RS232 RJ45 connector port, the second generation uses a micro-USB
port. All images in this manual show only the micro-USB port version.
The console port is used for direct access to the cOS Core Boot Menu and the cOS Core
Command Line Interface (CLI).
All E7 Ethernet interfaces are capable of link speed auto-negotiation and can operate using
10Base-T, 100Base-Tx, or 1000Base-T.
Figure 1.3. The E7 Ethernet Interface Ports
All the E7 Ethernet interfaces support Automatic MDI-X and do not require a crossover cable for
direct connection from another computer.
Port Based VLAN
For the E7 only, cOS Core allows the administrator to configure of any of the GESW interfaces so
they act as a VLAN. All 8 Ethernet interfaces can act as 8 separate VLANs or they can be grouped
into a lesser number of VLANs. Alternatively, some may be part of a VLAN and some may
continue to act as normal GESW interfaces connected by a switch fabric. After such
configuration, the VLAN processing load for these interfaces is handled by the E7 hardware
Chapter 1: Product Overview
9
without affecting cOS Core performance.
This feature is referred to as Port Based VLAN and is described in more detail in Appendix C, Port
Based VLAN Setup.
Ethernet Interface Status LEDs
On the E7 there are indicator lights at the top left and top right of each interface which illuminate
according to link status and activity. The conditions shown are:
• The top-left flashes green to indicate data traffic.
• The top-right light is green if the link is 10 or 100 Mb.
• The top-right light is amber if the link is 1 Gb.
Chapter 1: Product Overview
10
Chapter 1: Product Overview
11
Chapter 2: Installation
• Installation Guidelines, page 12
• Rack Mounting, page 14
• RJ45 Console Port Connection, page 17
• Micro-USB Console Port Connection, page 19
• Connecting Power, page 21
• Resetting to Factory Defaults, page 22
2.1. Installation Guidelines
Guidelines
Follow these guidelines when installing your Clavister E7 appliance:
•Safety
Take notice of the safety guidelines laid out in Chapter 5, Safety Precautions. These are
specified in multiple languages.
•Power
Make sure that the power source circuits are properly grounded and then use the power cord
supplied with the appliance to connect it to the power source.
•Using Other Power Cords
If your installation requires a different power cord than the one supplied with the appliance,
be sure to use a cord displaying the mark of the safety agency that defines the regulations for
power cords in your country. Such marks are an assurance that the cord is safe.
•Power Overload
Ensure that the appliance does not overload the power circuits, wiring and over-current
protection.
To determine the possibility of overloading the supply circuits, add together the ampere
12
ratings of all devices installed on the same circuit as the appliance and compare the total
with the rating limit for the circuit. The maximum ratings for the E7 are listed in Appendix A,
Specifications.
•Surge Protection
A third party surge protection device should be considered and is strongly recommended as
a means to prevent electrical surges reaching the appliance. This is mentioned again in
Section 2.5, “Connecting Power”.
•Temperature
Do not install the appliance in an environment where the operating ambient temperature
could exceed the specified operating range (see Appendix A, Specifications).
The recommended operating temperature range is "room temperature". That is to say, the
temperature most commonly found in a modern office and in which humans feel
comfortable. This is usually considered to be between 20 and 25 degrees Celsius (68 to 77
degrees Fahrenheit). Special rooms for computer equipment may use a lower range.
•Airflow
Make sure that airflow around the appliance is not restricted.
•Dust
Do not expose the appliance to environments with elevated dust levels.
Note: The specifications appendix provide details
Detailed information concerning power supply range, operating temperature range and
other operating details can be found at the end of this publication in Appendix A,
Specifications.
Flat Surface Installation
The E7 can be mounted on any appropriate stable, flat, level surface that can safely support the
weight of the appliance and its attached cables.
Rubber feet on the E7 unit are attached to the underside of the appliance for operation on a flat
surface. This protects both the surface and the appliance from external damage as well as
allowing air to circulate underneath the hardware during operation.
Caution: Always leave space around the appliance
Always ensure there is adequate space around the appliance for ventilation and access
to operating switches and cable connectors. No objects should be placed on top of the
casing.
The E7 can also be rack mounted using an optional kit which is described next in Section 2.2,
“Rack Mounting”.
Chapter 2: Installation
13
2.2. Rack Mounting
An optional Rack Mount Kit is available for the E7 that is suitable for mounting the product in a 19
inch rack. This must be ordered as a separate product and is not included as standard. Included
with the kit is the following:
• 1 x side bracket for rack mounting including 2 fitted hex screws.
• 1 x side bracket for rack mounting with PSU mounting space including 2 fitted hex screws.
• 1 x plastic cable tie for securing the PSU to the rack mount.
The kit is attached to the sides of the E7 unit prior to mounting in the rack. The steps for
attaching the kit are as follows:
1. Take the bracket with the space for the power supply (PSU) and attached this to the E7 side
nearest from the power inlet. Do this by slotting the brackets hooks into the fan vents on
the side.
2. Push the bracket forward so it engages with the vents.
Chapter 2: Installation
14
3. Take a Hex screw driver and secure the bracket by screwing in the 2 preinstalled screws.
These screws will engage with the corners of the fan vents.
4. Take the second bracket without the PSU space and attached it to the other side of the E7
furthest from the power inlet in the same way. This is also secured by screwing the 2
preinstalled screws into the corners of the vents.
5. Take the external power supply and place it into the space provided on the PSU bracket.
Gather the spare power cord into a bundle and secure this against the PSU as well as the
PSU itself by looping the provided plastic cable tie around both, passing it through the
holes provided in the bracket.
Chapter 2: Installation
15
6. Finally, plug the PSU power cord into the E7 power inlet.
The E7 with the attached mounting bracket is now ready to be mounted in a rack. Following
mounting, a power cable can be plugged into the E7 PSU.
Chapter 2: Installation
16
2.3. RJ45 Console Port Connection
On the first generation of the E7 appliance, the serial console port is a physical RJ45 RS-232 port
on the front panel of the hardware. The second generation of E7 provides a micro-USB port
instead and connection with this is described in Section 2.4, “Micro-USB Console Port Connection”.
This RS232 port allows direct management connection to the appliance, either from a separate
computer running console emulation software or from a console terminal. Serial console access
can then be used for both management of cOS Core with CLI commands or to enter the boot
menu in order to access E7 firmware loader options.
Tip: Skip this section for now if the web interface is used
This section can be initially skipped if initial cOS Core setup is done with the cOS Core
Web Interface since neither boot menu or CLI access will be needed.
Issuing CLI Commands
CLI commands can be issued via the RS-232 console port for both initial cOS Core setup as well as
for ongoing system administration.
The RS-232 console port need not be used if setup is done through a web browser as described
in Section 3.2, “Web Interface and Wizard Setup”. If the local console port is used for setup, no
password is initially needed and the CLI commands required are described in Section 3.4, “CLI
Setup”.
Note: Setting a console password
A serial console password need not be set. If this is the case, anyone with physical access
to the serial console has full administrator rights.
If the E7 is not placed in a secure area, it is therefore advisable to set the console
password. This is done using the console boot menu and more detail on this can be
found in the separate cOS Core Administrators Guide.
Requirements for Serial Console Connection
To use the serial console port, the following is needed:
• A terminal or a computer with a serial port and the ability to emulate a terminal (for instance,
the Hyper Terminal software included with some Microsoft Windows distributions could be
used).
• The terminal console should have the following settings:
• 9600 bps.
• No parity.
• 8 bits.
• 1 stop bit.
• No flow control.
Chapter 2: Installation
17
• An RS-232 cable with appropriate terminating connectors. The E7 package includes an
RS-232 null-modem cable.
Connection Steps
To connect a terminal to the console port, follow these steps:
1. Check that the console connection settings are configured as described above.
2. Connect one of the connectors on the RS-232 cable directly to the console port on the E7.
3. Connect the other end of the cable to a console terminal or to the serial connector of a
computer running console emulation software.
Connection Using SSH
An alternative to using the serial console port for CLI access is to connect via a physical Ethernet
interface and using a Secure Shell (SSH) client on the management workstation to issue CLI
commands. This is discussed further in Section 3.1, “Management Workstation Connection”.
Chapter 2: Installation
18
2.4. Micro-USB Console Port Connection
On the second generation of the E7 appliance, the console port is a physical micro-USB port on
the front panel of the hardware.
This port allows direct management connection to the appliance from a separate computer
running console emulation software. Console access can then be used for both management of
cOS Core with CLI commands or to enter the boot menu in order to access E7 firmware loader
options.
Tip: Skip this section for now if the web interface is used
This section can be initially skipped if initial cOS Core setup is done with the cOS Core
Web Interface since neither boot menu or CLI access will be needed.
Figure 2.1. The E7 Console Port
Connection Steps
To connect a PC to the console port, follow these steps:
1. Connect a micro-USB connector directly to the console port on the E7.
2. Connect the other end of the cable to a USB port on a Windows based computer running
console emulation software.
3. Windows will recognize the device and automatically install the appropriate driver.
4. Direct the console emulator on the Windows computer to connect to the newly installed
device.
Issuing CLI Commands
CLI commands can be issued via the console port for both initial cOS Core setup as well as for
ongoing system administration.
The console port need not be used if setup is done through a web browser as described in
Section 3.2, “Web Interface and Wizard Setup”. If the local console port is used for setup, no
password is initially needed and the CLI commands required are described in Section 3.4, “CLI
Setup”.
Chapter 2: Installation
19
Connection Using SSH
An alternative to using the console port for CLI access is to connect via a physical Ethernet
interface and using a Secure Shell (SSH) client on the management workstation to issue CLI
commands. This is discussed further in Section 3.1, “Management Workstation Connection”.
Note: Setting a console password is recommended
A console password need not be set. If it is not, anyone with physical access to the
console has full administrator rights.
Unless the hardware is placed in a secure area, it is therefore recommended to set the
console password. This is done by entering the console boot menu at system startup.
more information on this can be found in the cOS Core Administrators Guide.
Chapter 2: Installation
20
Table of contents
Other Clavister Firewall manuals
Popular Firewall manuals by other brands
Watchguard
Watchguard SOHO user guide
Watchguard
Watchguard SOHO SOHO and SOHO | tc user guide
Fortinet
Fortinet FortiGate 3000 install guide
ZyXEL Communications
ZyXEL Communications ZyWALL 1050 Declaration of conformity
Lucent Technologies
Lucent Technologies RPSD user guide
SonicWALL
SonicWALL NSA 2600 Getting started guide
