Forum Systems Sentry 556 Series Manual
2
Forum Systems Sentry™ 556x
Hardware Installation Guide
Legal Marks
No portion of this document may be reproduced or copied in any form, or by any means – graphic, electronic, or mechanical, including
photocopying, taping, recording, or information retrieval system – without expressed permission from Forum Systems, Inc.
FORUMOS™ Firmware, Forum Systems XMLSec™ WebAdmin, Forum Systems XML Security Appliance™, Forum Sentry™, Forum
Presidio™, Forum XWall™, Forum Sentry™ Web Services Gateway, Forum Presidio™ OpenPGP Gateway, Forum FIA Gateway™,
Forum XWall Type-PCI™, Forum XWall® Web Services Firewall and Forum XRay™ are trademarks and registered trademarks of Forum
Systems, Inc.
All other products are trademarks or registered trademarks of their respective companies.
Copyright © 2002-2019 Forum Systems, Inc. – All Rights Reserved.
Forum Systems Sentry™ Hardware Installation Guide 556x Rev B, published November 2019
D-ASF-SE-012440
3
TABLE OF CONTENTS
INTRODUCTION...................................................................................................................................................................4
Audience..........................................................................................................................................................................4
Conventions Used............................................................................................................................................................4
Overview ..........................................................................................................................................................................4
Product Versions.........................................................................................................................................................4
UNPACK AND INSTALL THE SYSTEM...............................................................................................................................5
Unpacking the Product.....................................................................................................................................................5
Rack Precautions ........................................................................................................................................................5
Server Precautions......................................................................................................................................................5
Installing the Product into a Rack................................................................................................................................5
Electrical Safety Precautions.......................................................................................................................................5
PLAN FOR PHYSICAL INSTALLATION...............................................................................................................................7
System Startup and Shutdown Procedures......................................................................................................................7
Power On.....................................................................................................................................................................7
Power Off.....................................................................................................................................................................7
Restart.........................................................................................................................................................................7
Installation Overview ........................................................................................................................................................7
Decide Among In-Line Two IPs or One Port Network Configuration Modes ....................................................................7
1-port Mode.................................................................................................................................................................8
In-line Mode (Two IP Addresses) ................................................................................................................................8
Physical Interfaces for the Forum 556x Series............................................................................................................9
System Schematics..........................................................................................................................................................9
CONNECT THE NETWORK.................................................................................................................................................9
Configure the Network for One-Port Mode.......................................................................................................................9
Configure the Network for In-line Mode............................................................................................................................9
CONNECT THE CLI............................................................................................................................................................10
CONFIGURE HYPERTERMINAL.......................................................................................................................................11
Change the <Backspace> Key Sends Setting................................................................................................................11
HyperTerminal Settings.............................................................................................................................................11
Configure Terminal Emulation for the Serial Console Port.............................................................................................12
POWER ON........................................................................................................................................................................12
Powering On the System................................................................................................................................................12
CONFIGURE THE SYSTEM...............................................................................................................................................13
Remaining Software Installation Tasks ..........................................................................................................................13
Initialize the System on the CLI......................................................................................................................................13
Configure Network Interfaces for the Product.................................................................................................................13
Overview of Default Device Gateway Settings...............................................................................................................14
Default Gateway Rules...................................................................................................................................................14
In-line Mode Configuration.........................................................................................................................................14
1-port Mode Configuration.........................................................................................................................................15
Establish Enable Mode Password..................................................................................................................................15
Add the Default Administrator User Name and Password..............................................................................................16
Troubleshoot the Management Device Interface Filter...................................................................................................16
Troubleshoot Routing Information for the Product..........................................................................................................16
ACCESS THE WEB ADMINISTRATION INTERFACE .......................................................................................................17
APPENDIX..........................................................................................................................................................................18
Appendix A – Specifications...........................................................................................................................................18
Power Supply ............................................................................................................................................................18
System Operating Environment.................................................................................................................................18
Cooling Fans .............................................................................................................................................................18
System.......................................................................................................................................................................18
Appendix B – Regulatory Information.............................................................................................................................18
Appendix C – FORUM APPLIANCE - LIMITED HARDWARE WARRANTY..................................................................19
Appendix D – Constraints of CLI and Users...................................................................................................................20
INTRODUCTION
Audience
The Forum Systems Sentry™ Hardware Installation Guide is for IT or Network Administrators who will install the product.
Conventions Used
A red asterisk ( * ) aligned with a field term means that this field is required.
In this and other documentation, the Forum Systems Web Administration Interface is referred to as the WebAdmin and the Forum XML
Security Appliance™ is referred to as the ‘device’, ‘product’ or ‘system’.
In this document, all commands and parameters that must be entered are displayed in italicized boldface.
Instructions for the CLI user are displayed in italicized boldface text inside brackets. Press the <enter> key or
after each command.
Example:
login as: admin1
[Enter your User Name, then press <enter>.]
Overview
Forum Systems develops and markets security products that actively guard data as it moves between and within enterprises by
protecting specific content within XML and non-XML Documents – at the origin, during transmission and after it reaches its destination.
Features of the product include:
Fast, non-intrusive installation.
Rack mounted, installs in minutes, works with content servers, firewalls, load balancers, SSL accelerators and Virtual Private
Networks.
Flexible network configuration.
Dual port flexibility – the product operates either in In-line or 1-port physical network configuration modes.
oIn In-line mode, the product uses the WAN and LAN network interfaces with one shared or two distinct IPs.
oIn 1-port mode, the product operates in a standard proxy server network configuration using the WAN interface.
Product Versions
This document covers installation of the Forum Systems 456X Rev B models. All instructions also pertain to HSM-enabled and FIPS-
certified systems.
UNPACK AND INSTALL THE SYSTEM
Unpacking the Product
Follow these steps in the sequence given to unpack the product. Inspect the shipping container that the product arrived in, and note if
any damage had occurred. If the product shows damage, file a damage claim with the carrier who delivered it.
Decide on a suitable location for the rack unit that will hold the product. It should be installed in a clean, dust-free environment that is
well ventilated. Avoid areas where heat, electrical noise and electro-magnetic fields are generated. Place the product near a grounded
power outlet. Leave enough clearance in front of the rack to enable you to open the front door completely (~25 inches). Additionally,
leave approximately 30 inches of clearance in the back of the rack to allow for sufficient airflow and ease in servicing.
Rack Precautions
Ensure that the leveling jacks on the bottom of the rack are fully extended to the floor with the full weight of the rack resting on
them.
In a single rack installation, stabilizers should be attached to the rack.
In multiple rack installations, the racks should be coupled together.
Always make sure rack is stable before extending a component from rack.
Extend only one component at a time; extending two or more simultaneously may cause the rack to become unstable.
Server Precautions
Review the electrical safety precautions in the System Safety section.
Determine placement of each component in rack before you install server.
Install heaviest server components on the bottom of the rack first, and then work up.
Use a regulating uninterruptible power supply (UPS) to protect the server from power surges, voltage spikes and to keep your
system operating in case of a power failure.
Always keep the rack's front door and all panels and components on the servers closed when not servicing to maintain proper
cooling.
Installing the Product into a Rack
Follow these steps to install the product into a rack unit. Additionally, review the installation instructions that came with the rack unit you
are using. It is recommended that two people be involved in lifting the product onto the mounting rails to assure the safety of both the
product and the involved personnel.
The 556x product uses rack mounting rails to attach the system to standard server racks or telco racks. The front product rail is already
attached to the chassis. The rear product rail is included in the product accessories box. And should be attached behind the front product
rail with the locking tab facing the same way. The rear product rail section should be slid under the locking tabs and then screwed into
place using the small flat screws (2 for each rack rail section).
Standard racks
When installing on standard racks, you need to connect the rear rack rail sections (medium length L-shaped sections) to the rear of the
front rack tail. This is accomplished by placing the lugs at the rear of the front rack rail section into the slots in the rear rack rail section
and sliding them until they are correctly sized to be on the outside of the front and rear of the standard rack attachment points. Once the
sizing is correct, lock the rear rack rail section in place using 2 small round screws (2 for each rack rail section). Attach the rack rails to
your standard rack. Once the main rack rails are in place, slide the product into the rails using the product rails and make sure all screws
are tightened before releasing it. The telco rack mounting brackets (small L-shaped sections that attach to the front rack rail) are not
needed for this type of installation and should be set aside and saved in case of the product being moved at a later time to a different
rack type.
Telco racks
When installing on telco racks, you will need to use two L-shaped brackets on either side of the telco rack (4 in total). These brackets will
attach to the main rack rails at the raised locations. Two small round screws should be inserted through each L-shaped bracket into the
main rack rail to hold the brackets to the tail with enough space between the two brackets to accommodate the telco rack. Make any
adjustments needed to balance the weight of the product evenly on the telco rack and install the two main rails to the telco rack using the
L-shaped brackets. Once the main rack rails are in place, slide the product into the rails using the product rails and make sure all screws
are tightened before releasing it. The rear rack rail assemblies (medium length sized L-shaped sections that attach to the front rack rail)
are not needed for this type of installation and should be set aside and saved in case of the product being moved at a later time to a
different rack type.
Electrical Safety Precautions
Basic electrical safety precautions should be followed to protect installers from harm and the product from damage. Follow these rules to
ensure electrical safety:
Be aware of the locations of the power on/off switch on the chassis as well as the room's emergency power-off switch,
disconnection switch or electrical outlet. If an electrical accident occurs, you can then quickly remove power from the system.
Do not work alone when working with high voltage components.
When disconnecting power, you should first power down the system with the operating system first and then unplug the power
cords of all the power supply units in the system.
When working around exposed electrical circuits, another person who is familiar with the power-off controls should be nearby
to switch off the power if necessary.
Use only one hand when working with powered-on electrical equipment. This is to avoid making a complete circuit, which will
cause electrical shock. Use extreme caution when using metal tools, which can easily damage any electrical components or
circuit boards they come into contact with.
Do not use mats designed to decrease static electrical discharge as protection from electrical shock. Instead, use rubber mats
that have been specifically designed as electrical insulators.
The power supply power cords must include a grounding plug and must be plugged into grounded electrical outlets.
PLAN FOR PHYSICAL INSTALLATION
System Startup and Shutdown Procedures
The following sequences are required for powering on/off and restarting the system:
Power On
Connect the two provided product power cords to the rear of the product and a wall outlet.
Press product main power switch ON at the front of the product. If the faceplate is in place, you will need to remove it using
the thumbscrews to gain access to the power switch.
Power Off
From the CLI, enter enable mode and type the <shutdown> command (output truncated):
ForumOS# shutdown
INIT: Switching to runlevel: 0
Power down.
_
Power the system off using the power switch at the back of the product to the OFF position. The system will begin the
shutdown sequence, power down and display a blinking cursor.
There is a power button at the front of the system that can be used for powering down for short periods of time, but only after shutting
down the system via the CLI or WebAdmin.
Restart
From the CLI, type the <reboot> command (output truncated):
ForumOS# reboot
000090 IPOLMASTR No Access Control Policies found
000092 IFILEUTLS Found 0 temp files
md: recovery thread finished ...
Flushing ide devices: hda hdc
Restarting system.
Installation Overview
The following is an overview of installation steps, presented in sequence, to install the product:
Decide on in-line or 1-port physical network configuration for the product.
Setup the serial port console cable connections to the product.
Initialize Command Line Interface (CLI) (start terminal emulation software, e.g. Hyper Terminal™, and connect to product).
The Forum Systems Installation Wizard* appears and prompts you to configure Network Interfaces for the product,
default gateway, DNS, and default Administration user.*
Test WebAdmin UI accessibility.
*Refer to the Forum Systems Sentry™ HSM Quick Start Guide for more information on this portion of installation.
Decide Among In-Line Two IPs or One Port Network Configuration Modes
Network configuration options for your product include:
One port mode
In-line (two IP addresses) mode
Before physical installation, IT Administrators must decide which mode best matches your network structure.
Note: Be sure you run the shutdown command before powering off the system to allow policy backup and recovery process to
complete.
1-port Mode
The following figure displays network configuration mode for 1-port:
Figure 1: 1-Port Network Configuration Schematic.
In the 1-port mode configuration, the product operates using only the WAN interface connected to the network and accepts client
requests directed to the configured device IP(s) of the WAN port.
In-line Mode (Two IP Addresses)
The following figure displays network configuration mode for in-line (two IP addresses):
Figure 3: In-Line Configuration Schematic for Two IP Addresses.
With in-line configuration with two IP addresses, the product still sits between the corporate “Local Area Network” and the outside “Wide
Area Network” with two network interfaces being used for bi-directional network traffic via distinct IPs. In-line configuration means the
product provides physical network connectivity between clients and application server(s).
Physical Interfaces for the Forum 556x Series
When physically installing the product, consider the following:
INTERFACE
DESCRIPTION
WAN Port:
The WAN port, the left most of the two upper NIC ports next to each other on the right half of the rear of the
appliance, is used in both in-line and 1-port modes for data traffic. With in-line mode, the WAN port should be
the external-facing (Internet) port, connected to whichever upstream device (router, firewall, etc.) is applicable.
In 1-port mode, only the WAN port is used for data traffic. When in in-line or 1-port mode, traffic is directed to
the security system based on the defined IP(s) on the system.
LAN Port:
The LAN port, the right most of the two upper NIC ports next to each other on the right half of the rear of the
appliance, is only used in in-line mode. This is the internal-facing port, connected to the internal network or a
network device that provides connectivity to the internal network.
MANAGE-
MENT Port:
Forum Systems products can be managed out-of-band using the lower left most NIC port on the rear of the
appliance. This means that management connectivity and associated network traffic are provided from an
interface that is separate from the interface(s) used for regular traffic. Access to the Command Line Interface
(CLI) and the WebAdmin is provided on this interface. The MANAGEMENT interface can be moved to the LAN
or WAN port after initial setup.
There is a single MANAGEMENT IP address on the device that applies to the Management Ethernet interface
only. The IP address used for the MANAGEMENT port is completely independent of whether the device is
configured to run in in-line or 1-port mode. The MANAGEMENT port must have an IP associated, even if you
intend to manage the product via the WAN or LAN interface. If you do not have a physical network connection
to the MANAGEMENT interface, set the IP to the non-routable IP, 169.254.0.1, per RFC 3330.
CONSOLE
Port:
The DB9 (serial) port at the left rear of the appliance next to the power supplies is used for connecting the
product console for direct CLI access.
Smart Card
Reader
Serial
Connector
The smart card reader (HSM products only) is the small round connector on the bottom left hand side of the
appliance which is used for HSM configuration.
System Schematics
The following diagram displays the Forum Systems system:
Figure 4: Product Schematic for non HSM-enabled System.
CONNECT THE NETWORK
Configure the Network for One-Port Mode
Connect the WAN port to your data network.
Connect the MANAGEMENT port to your private management network
(the network that your organization uses for management.)
Configure the Network for In-line Mode
1. Connect the WAN port to your data network.
2. Connect the LAN port the other side of your data network.
3. Connect the MANAGEMENT port to your private management network
(the network that your organization uses for management.).
CONNECT THE CLI
Connect the CONSOLE serial port at the rear of the product to a laptop / PC serial port in order to access the Command Line Interface
(CLI). The CLI can also be accessed via SSH on port 22 to the management IP address once it is initialized and configured on the
network.
The following two sections describe the configuration of two different terminal emulation tools (HyperTerminal and KiTTy) that can be
used on a PC to connect to the Forum Sentry CLI interface via the serial port.
CONFIGURE HYPERTERMINAL
Change the <Backspace> Key Sends Setting
Before setting the terminal emulation for the serial console port, first change the <Backspace> Key Sends setting in HyperTerminal to
behave in the same manner as the <Delete> key.
1. Launch using Start
Run
and type hypertm.exe.The HyperTerminal screen appears.
2. The Connection Description screen appears. Click Cancel to close.
3. From the menu bar, select File, Properties. The New Connection Properties screen appears. Click the Settings tab.
4. In the Backspace key sends area, check the Del radio button. Click OK to close the screen.
HyperTerminal Settings
Please refer to the following settings for configuring HyperTerminal:
Connect using = COM1
Bits per second = 9600
Data bits = 8
Parity = None
Stop bits = 1
Flow control = Hardware
Configure Terminal Emulation for the Serial Console Port
The New Connection screen for HyperTerminal appears. If not visible, re-launch using Start
Run
and type hypertm.exe.The New
Connection screen for HyperTerminal appears.
1. From the menu bar, select File,New Connection.The New Connection – HyperTerminal screen appears.
2. In the Connection Description screen, enter a Connection Name in the Name field, click OK.The Connect To screen
appears.
3. From the Connect using drop down list, click the com port that your console is connected to; probably COM1, click OK.The
COM1 Properties screen appears.
4. From the Bits per second drop down list, click 9600.
5. From the Data bits drop down list, click 8.
6. From the Parity drop down list, click None.
7. From the Stop bits drop down list, click 1.
8. From the Flow control drop down list, click Hardware, then click OK.The HyperTerminal screen opens with a blinking cursor.
POWER ON
Powering On the System
Physical installation is now complete. Review the System Startup and Shutdown Procedures section for the required sequence used
while powering on the system.
CONFIGURE THE SYSTEM
Remaining Software Installation Tasks
If you are running with HSM, you must first initialize the Hardware Security Module (HSM) on the CLI for the first time. Refer to the HSM
Quick Start Guide for more information.
Note: When this task is complete, the Installation Wizard will continue with the remaining sections of the Installation Wizard.
If you are running without HSM, continue with the Initialize the System on the CLI section.
When finished, continue with the Initialize the System on the CLI section of this document until installation is complete.
Initialize the System on the CLI
The Forum Systems Installation Wizard allows you to cycle through a one-time wizard and prompts you to enter critical data in the proper
sequence, including the default Administrator user name and password. If you skip prompts or exit the wizard before configuration is
complete, the product will refresh, and re-display the wizard until all required data has been entered.
The Forum Systems Installation Wizard displays the following start-up screen and sequenced prompts:
-------------------------------------------------------
Forum OS - Command Shell
-------------------------------------------------------
Forum Systems Model:
Serial Number: 0000
Licensed to: Unknown
License Expiration: 12/31/99 12:00 AM
Firmware Version: X.X
Product Version: X.X
System Name: Value not set
Server Start Date/Time: Wed, 30 August 2006 02:13:00 AM EST
Server Up-Time: 0 years, 0 months, 4 days, 22 h,
43 min, 33 s, 590ms
Security World ID: N/A
------------------------------------------------------
Type ? for help
*******************************************************
*Welcome to the Forum Systems Installation Wizard *
**
* Before using the command line interface, some *
* basic information will be needed to configure *
* the management network interface. Type exit at *
* the command prompt if you would like to defer *
* this wizard until later. *
**
* Once this information is collected you will be *
* able to use the command line interface or the *
* web admin gui. *
**
*******************************************************
# Please enter: Data entry method
# Manually enter data or import an existing bootstrap file
1 to manually enter data
2 to import a bootstrap (fsb) file
> 1
[Type (1) or (2), and then press <enter]
Configure Network Interfaces for the Product
*******************************************************
*Management Interface Settings for the System *
**
* This includes the ip address and netmask that will *
* be used for managing the device. *
*******************************************************
#Please enter: Management Address
#The IP Address for management
<default> 10.5.3.92
[Press <enter> to accept default or enter the Management IP Address, and then press <enter>]
#Please enter: Management Netmask
#The management netmask for the system
<default> 255.255.255.0
[Press <enter> to accept default or enter the Management Netmask, and then press <enter>]
*******************************************************
*Physical Network Topology *
**
* These are global settings for the device that *
* restrict all device communication policies to *
* either a one-port configuration, or inline with *
* separate IP addresses on the WAN and LAN *
* interfaces. *
*******************************************************
# Please enter: Topology Mode
# The network topology for the system
1 for One-Port mode
2 for Inline (Dual IP address) mode
> 1
[Enter (1) or (2) and then press <enter>]
*******************************************************
*Device Interface Settings for the System *
**
* This includes the ip address and netmask that will *
* be used for all system traffic. In a proxy *
* configuration this will be the address that clients *
* connect to. *
*******************************************************
# Please enter: Device IP Address
# The default IP Address for the system
> 10.5.6.92
[Press <enter> to accept default or enter the System IP Address, and then press <enter>]
# Please enter: Device Netmask
# The default device netmask for the system
> 255.255.255.0
[Press <enter> to accept default or enter the System Netmask Address, and then press <enter>]
Overview of Default Device Gateway Settings
This section describes typical network configurations and how they would relate to your default gateway setting. After reviewing this
topic, continue with the Forum Systems Installation Wizard.
Note: The default gateway in the Installation Wizard is used for managing traffic
through the system that is going to or coming from the subnets not connected to the
system.
Default Gateway Rules
Only one default gateway is allowed per product.
The default gateway setting can only apply to one interface.
The default gateway setting is applied globally to your entire system.
The default gateway setting is optional, except in one case. This exception is when clients, the product, your back end servers
and your WebAdmin console are all on the same LAN.
You may change your default gateway setting.
In-line Mode Configuration
If you have selected In-line mode (single IP), the default gateway setting could apply to the System Default, or the Virtual Interface, or the
MANAGEMENT interface. The Virtual Interface aggregates both the WAN and the LAN binding interfaces.
If you have selected In-line mode (two IPs), the default gateway setting could apply to the System Default, or WAN, or LAN, or the
MANAGEMENT interface.
1-port Mode Configuration
If you have selected 1-port mode, the default gateway setting could apply to the System Default, WAN or MANAGEMENT interface.
At this point, continue with the Forum Systems Installation Wizard.
*******************************************************
*Default Gateway Setting *
**
* This is an optional default gateway for the *
* system that applies to either the device setting *
* or the management interface. *
*******************************************************
# Please enter: Device Gateway
# The default gateway for the system
Enter blank value for none
> 10.5.3.1
[Enter Device Gateway, and then press <enter>]
# Please enter: Gateway Interface
# Interface directed to the gateway
1 Let the System Choose for you
2 for WAN
3 for Management
> 1
[Enter the gateway interface. Press 1 to let the system choose for you, or 2 for WAN, or 3 for
Management, and then press <enter>]
*******************************************************
*DNS Name Server Configuration Settings *
**
* These are optional DNS settings that can be applied *
* to the device. *
*******************************************************
# Please enter: Primary DNS
# The address of the primary DNS
> 10.5.2.11
[Enter Primary DNS, and then press <enter>]
# Please enter: Secondary DNS
# The address of a secondary DNS
> 10.5.2.12
[Enter Secondary DNS, and then press <enter>]
Establish Enable Mode Password
Note: When leaving Command mode, evident by the cursor ForumOS>, you enter Enable mode, evident by the cursor ForumOS#.
********************************************************
*Enable Password *
**
* Enable mode is a privileged mode of operation in *
* CLI that allows you to modify System settings. *
* These settings allow you to enter an enable mode *
* password that will allow an administrator to enter *
* enable mode. *
********************************************************
Note: The Enable mode password must be unique, is case sensitive, and may be from 6 to 32 alphanumeric characters.
#Please enter: New Password
#The new enable mode password
> <enter a password for enable mode >
#Please enter: Confirm Password
#Confirm the new enable mode password
> <re-enter the password for enable mode >
Add the Default Administrator User Name and Password
********************************************************
*Management User Policy *
**
* The following settings allow you to enter a user *
* policy that can be used to gain access to other *
* user interfaces such as the Web Administration UI. *
********************************************************
Note: User names must be unique, are case sensitive, and may be from 1 to 80 alphanumeric characters. The ‘@’ character,
underscores, dashes and spaces are allowed; however, no leading or trailing spaces are allowed. User passwords must be unique,
are case sensitive, may be from 6 to 255 alphanumeric characters, and may be any keyboard characters.
#Please enter: User name
#A unique user name
> admin1
#Please enter: New Password
#The new user password
> ******
#Please enter: Confirm password
#confirm the new user password
> ******
Installation Wizard is now complete!
Type ? for a list of commands
ForumOS>
Record this new password for your convenience. At this point, you are connected to the product in Command mode and have completed
the Installation Wizard.
Troubleshoot the Management Device Interface Filter
The management device interface filter is used to prevent allow management traffic between the data network and management network
for security purposes.
If the MANAGEMENT interface and WAN interface are configured to be on same subnet, you must turn this filter off. From the CLI, enter
the network config mgmt-filter command. Enter N to turn the filter off.
Troubleshoot Routing Information for the Product
The system supports both Interface routes as well as Gateway routes. When there is no default gateway configured on the product and
you want to set up your routes, enter the route network add command from the CLI. For example, for the MANAGEMENT interface to
see the 10.5.2.0 network, use the following CLI command (shown with defined syntactical elements):
<Network IP Address> <Netmask> <Route Type> <Gateway Address>
1=Gateway
2=Interface>
route network add 10.5.2.0 255.255.255.0 110.5.3.1
Note: For more information on the route network add command, refer to the Forum Systems Sentry™ Command Line Interface
Reference.
The CLI has displayed its start-up screen in the HyperTerminal window and the Forum Systems Installation Wizard has appears. Follow
the Installation Wizard’s prompts.
The Forum Systems Installation Wizard allows you to cycle through a one-time wizard and prompts you to enter critical data in the proper
sequence, including the default Administrator user name and password. If you skip prompts or exit the wizard before configuration is
complete, the product will refresh, and re-display the wizard until all required data has been entered.
The Forum Systems Installation Wizard displays the following start-up screen and sequenced prompts:
------------------------------------------------------
Forum OS - Command Shell
------------------------------------------------------
Forum Systems Model:
Serial Number: 0000
Licensed to: Unknown
License Expiration: 12/31/99 12:00 AM
Firmware Version: X.X
Product Version: X.X
System Name: Value not set
Server Start Date/Time: Wed, 30 August 2006 02:13:00 AM EST
Server Up-Time: 0 years, 0 months, 4 days, 22 h,
43 min, 33 s, 590ms
Security World ID: N/A
-------------------------------------------------------------------------------
Type ? for help
*******************************************************
*Welcome to the Forum Systems Installation Wizard *
**
* Before using the command line interface, some *
* basic information will be needed to configure *
* the management network interface. Type exit at *
* the command prompt if you would like to defer *
* this wizard until later. *
**
* Once this information is collected you will be *
* able to use the command line interface or the *
* web admin gui. *
**
*******************************************************
# Please enter: Data entry method
# Manually enter data or import an existing bootstrap file
1 to manually enter data
2 to import a bootstrap (fsb) file
> 1
[Type (1) or (2), and then press <enter]
ACCESS THE WEB ADMINISTRATION INTERFACE
The WebAdmin is a browser-based client that comes SSL-enabled.To access the WebAdmin, please have the following ready:
user name.
password.
a browser from which to access the WebAdmin.
The default port for the WebAdmin is 5050. If the default port number for the WebAdmin has changed, provide this new port number to
your Administrators so that they can access the WebAdmin UI.
APPENDIX
Appendix A – Specifications
Power Supply
SPECIFICATION
DESCRIPTION
Type
2 x 500W with +3.3V, +5V, +12V, -5V and -12V main DC outputs and a 5V standby
output.
Input Voltage
100 - 240VAC (w/ ± 10% tolerance - units are auto-switching capable).
2.6A - 6.1A
50-60Hz
Fans
4 x 4-cm fans
Safety Regulations
UL 1950, CUL, TUV, CE
EMI
FCC Class A, EN 55022 Class A, EN 61000-3-2/3-3, CISPR 22 Class A
EN 55024/CISPR 24, (EN 6000-4-2, EN 61000-4-3, EN 61000-4-4, EN 61000-4-5,
EN 61000-4-6, EN 61000-4-8, EN 61000-4-11)
BTU
430.25 BTU/Hour
System Operating Environment
SPECIFICATION
DESCRIPTION
Operating Temperature Range
10 - 35 degrees C / 50 - 95 degrees F
Operating Humidity Range
20 - 95% (non-condensing)
Cooling Fans
SPECIFICATION
DESCRIPTION
System
Four 4-cm heavy-duty counter-rotating fans
System
SPECIFICATION
DESCRIPTION
Dimensions
17 x 1.7 x 25.6 in. (W x H x D)
Weight
Gross Full System: ~44 lbs.
Regulations
FCC Class A, CSA, EN, IEC, UL, CE
Appendix B – Regulatory Information
This section provides the FCC compliance statement for Class A devices and describes how to keep the Forum Systems XML Security
System CE compliant.
FCC COMPLIANCE STATEMENT FOR CLASS A DEVICES
The System(s) described in this user guide has been tested and found to comply with the limits for a Class A digital device, pursuant to
Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment
is operated in a commercial environment. This equipment generates, uses, and radiates radio frequency energy and, if not installed and
used in accordance with the instructions, may cause harmful interference to radio communications.
Operation of this equipment in a residential area is likely to cause harmful interference, in which case the user will be required to correct
the interference at his/her own expense.
Changes or modifications not expressly approved by the party responsible for compliance could void the user’s authority to operate the
equipment.
Note: The assembler of a personal computer system may be required to test the System and/or make necessary modifications if an
System is found to cause harmful interference or to be non-compliant with the appropriate standards for its intended use.
CE CERTIFICATION
The System(s) described in this user guide complies with all applicable European Union (CE) directives. For computer systems to
remain CE compliant, only CE-compliant parts may be used. Maintaining CE compliance also requires proper cable and cabling
techniques. The customer must ensure that these products are installed with proper shielding to maintain CE compliance. Forum
Systems does not offer engineering services for designing cabling systems. In addition, Forum Systems will not retest or re-certify
Systems that have been reconfigured by customers.
Appendix C – FORUM APPLIANCE - LIMITED HARDWARE WARRANTY
General Terms
This limited hardware warranty (Warranty) applies only to original purchasers using Forum Systems Appliances. The term "Hardware"
means the hardware portion of a Forum Systems Appliance. The term “Hardware” does not include any software programs, whether pre-
loaded with the Hardware, installed subsequently or otherwise.
Nothing in this Warranty affects any statutory rights of consumers that cannot be waived or limited by contract.
Limited Hardware Warranty
Forum Systems (Forum) warrants that the Hardware ("Hardware") shall be free from material defects in design, materials, and
workmanship and will function, under normal use and circumstances, materially in accordance with the documentation provided with the
Hardware for a period of 90 days from receipt.
Customer's sole and exclusive remedy, and Forum System’s sole and exclusive liability for defective Hardware shall be, subject to the
terms and conditions contained herein, and solely upon confirmation of a defect or failure of Hardware to perform as warranted, to
replace the nonconforming Hardware. All replacement Hardware furnished to Customer under this Warranty shall be new or
reconditioned to be functionally equivalent to new. Replacement Hardware is warranted to be free of defects in material or workmanship
for the remainder of the limited hardware warranty period of the original Hardware. All defective Hardware, which has been replaced,
shall become the property of Forum Systems. All replacement Hardware shall remain Customer's property.
Warranty Claims
By submitting a warranty claim, Customer accepts and agrees to be bound by all the terms and conditions contained herein.
To request warranty service, contact Forum Systems Customer Support within the warranty period. If warranty service is required,
Forum will issue a Return Merchandise Authorization ("RMA"). Upon receiving an RMA number, Customer must package the Hardware
in its original or equivalent packaging with the RMA number clearly marked on the outside of the package. In no event will Forum
Systems accept any returned Hardware without a valid RMA number. The package must then be mailed or otherwise shipped to Forum
Systems or its designated representative with all costs of mailing/shipping/insurance prepaid. Forum Systems does not accept liability for
loss or damage to the Hardware during shipment and requires that the return be insured for its full value. Forum Systems will ship the
replacement Hardware to Customer freight prepaid upon receiving proof of such shipment. If Forum Systems does not receive the
defective Hardware within 90 days of receiving the proof of shipment, Forum Systems will invoice Customer for the full price of the new
Hardware and freight charges.
Warranty Restrictions and Disclaimer
The foregoing warranties and remedies shall be void due to any of the following: (1) if the Hardware has been opened, modified, altered,
or repaired, except by Forum Systems or its authorized agents, (2) if the Hardware has not been installed or maintained or used in
accordance with instructions provided by Forum Systems, (3) misuse, abuse, accident, thermal or electrical irregularity, theft, vandalism,
fire, water or other peril, (4) damage caused by containment and/or operation outside the environmental specifications for the Hardware,
(5) connection of the Hardware to other systems, equipment or devices or use with other software (other than those specifically approved
by Forum Systems) without the prior approval of Forum Systems, or (6) removal or alteration of identification labels on the Hardware or
its parts (7) failure to comply with all warranty return terms and conditions as set forth herein. Forum Systems shall not be responsible for
any software, information, or memory data of Customer contained in, stored on, or integrated with any Hardware returned to Forum
Systems for replacement whether under warranty or not. Customer is responsible for backing up its programs and data to protect against
loss or corruption.
The Hardware is not designed, manufactured or intended for use in hazardous environments requiring fail-safe performance, such as in
the operation of nuclear facilities, aircraft navigation or communication systems, air traffic control, weapons systems, direct life-support
machines, or any other application in which the failure of the Hardware could lead directly to death, personal injury, or severe physical or
property damage or environmental damage (collectively, "High Risk Activities"). Forum Systems expressly disclaims any express or
implied warranty of fitness for such High Risk Activities.
EXCEPT FOR THE LIMITED WARRANTIES SET FORTH IN THIS SECTION, THE HARDWARE IS PROVIDED ON AN "AS IS" BASIS
WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED. FORUM SYSTEMS DOES NOT WARRANT THAT THE
HARDWARE WILL MEET THE CUSTOMER’S REQUIREMENTS OR THAT ITS OPERATION WILL BE UNINTERRUPTED OR ERROR
FREE. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, FORUM SYSTEMS DISCLAIMS ALL WARRANTIES,
EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. Some jurisdictions do not allow the exclusion of implied warranties or
limitations on how long an implied warranty may last, so the above limitations may not apply to Customer.
Limitation of Liability
IN NO EVENT WILL FORUM SYSTEMS OR ITS AFFILIATES OR SUPPLIERS BE LIABLE FOR ANY LOSS OF USE, INTERRUPTION
OF BUSINESS, LOST PROFITS, OR LOST DATA, COST OF PROCUREMENT OF SUBSTITUTE GOODS OR TECHNOLOGY OR
INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, OF ANY KIND REGARDLESS OF THE FORM OF ACTION,
WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR OTHERWISE, EVEN IF FORUM SYSTEMS
OR ITS AFFILIATES OR SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE, AND WHETHER OR NOT
ANY REMEDY PROVIDED SHOULD FAIL OF ITS ESSENTIAL PURPOSE. THE TOTAL CUMULATIVE LIABILITY TO CUSTOMER,
FROM ALL CAUSES OF ACTION AND ALL THEORIES OF LIABILITY WILL BE LIMITED TO AND WILL NOT EXCEED THE
PURCHASE PRICE OF THE FORUM SYSTEMS APPLIANCE PAID BY CUSTOMER. Some jurisdictions do not allow the exclusion or
limitation of incidental or consequential damages, so the above limitation or exclusion may not apply to Customer.
Appendix D – Constraints of CLI and Users
ELEMENT
CONSTRAINT
CHAR COUNT
Enable Mode
Password
Must be unique, is case sensitive, and may be from 8 to 32 alphanumeric
characters. No spaces allowed.
6-32
User Name
Unique and case sensitive. The ‘@’ character, underscores, dashes and spaces
are allowed; however, no leading and trailing spaces are allowed.
1-80
User Password
Case sensitive, may be any keyboard character.
6-255
User Password for
users assigned to
SNMP Groups
Case sensitive, may be from 8 to 255 alphanumeric characters, and accepts the
‘@’ character, underscores and dashes.
8 to 255
Table of contents
Popular Gateway manuals by other brands
NetVito
NetVito RTV1835W-D90 user manual
Moxa Technologies
Moxa Technologies MGate 5121 Series user manual
WAGO
WAGO 758-915 manual
4IPNET
4IPNET HSG326 Quick installation guide
Ruckus Wireless
Ruckus Wireless MediaFlex 7211 Quick setup guide
ZyXEL Communications
ZyXEL Communications Unified Security Gateway ZyWALL 300 user guide