Lancom R&S Unified AGPO150 User manual
LANCOM R&S®Unified Firewalls
Migration Guide
1
LANCOM Installation Guide – Copyright
Copyright
© 2020 LANCOM Systems GmbH, Wuerselen (Germany). All rights reserved.
While the information in this manual has been compiled with great care, it may not be deemed an
assurance of product characteristics. LANCOM Systems shall be liable only to the degree specified
in the terms of sale and delivery.
The reproduction and distribution of the documentation and software supplied with this product
and the use of its contents is subject to written authorization from LANCOM Systems. We reserve
the right to make any alterations that arise as the result of technical development.
Windows®and Microsoft®are registered trademarks of Microsoft, Corp.
LANCOM, LANCOM Systems, LCOS, LANcommunity and Hyper Integration are registered
trademarks. All other names or descriptions used may be trademarks or registered trademarks of
their owners. This document contains statements relating to future products and their attributes.
LANCOM Systems reserves the right to change these without notice. No liability for technical
errors and/or omissions.
Products from LANCOM Systems include software developed by the “OpenSSL Project” for use in
the “OpenSSL Toolkit” (www.openssl.org).
Products from LANCOM Systems include cryptographic software written by Eric Young (eay@
cryptsoft.com).
Products from LANCOM Systems include software developed by the NetBSD Foundation, Inc. and
its contributors.
Products from LANCOM Systems contain the LZMA SDK developed by Igor Pavlov.
This product contains separate open-source software components. These are
subject to their own licenses, in particular the General Public License (GPL). If
the respective license demands, the source files for the corresponding software
components will be made available on request. Please contact us via e-mail under
LANCOM Systems GmbH
Adenauerstr. 20/B2
52146 Wuerselen
Germany
www.lancom-systems.com
Wuerselen, February 2020
2
LANCOM Installation Guide – Table of Contents
Table of Contents
Copyright 1
Introduction 3
Target group 3
Chapter overview 3
To be checked before the upgrade 5
Supported devices 6
Removed functions 6
Manual settings 7
Upgrade procedure 8
Upgrading the LANCOM R&S®Unified Firewall from versions 9.6 and 9.8
9
Upgrading the LANCOM R&S®Unified Firewall from versions 9.4 and
9.5 10
Installing LCOS FX 10.4 from a USB-Stick 11
Upgrading the LANCOM R&S®Unified Firewall to version 9.6 followed by the
upgrade to LCOS FX 10.4 12
Upgrading the LANCOM R&S®Unified Firewall prior to version 9.4 13
First steps 15
Contact, Service, and Support 16
3
LANCOM Installation Guide – Introduction
Introduction
This LANCOM R&S®Unified Firewall Migration Guide describes how to
upgrade the software of your LANCOM R&S®Unified Firewall to LCOS FX
10.4 or newer.
Target group
This document is intended for network and computer technicians who
are responsible for installing and configuring the systems of the LANCOM
R&S®Unified Firewall.
Chapter overview
The contents of this document will assist you in upgrading your LANCOM
R&S®Unified firewall and in the steps required after the upgrade.
This document contains the following chapters:
AChapter “To be checked before the upgrade“ on page5
Steps to consider before the upgrade
AChapter “Supported devices“ on page6
Hardware supported by version LCOS FX 10.4
AChapter “Removed functions“ on page6
A list of functions that the LANCOM R&S
®
Unified Firewall does not
provide in LCOS FX 10.4 and above
AChapter “Manual settings“ on page7
Settings that you must manually reconfigure after the upgrade
AChapter “Upgrading the LANCOM R&S®Unified Firewall from versions
9.6 and 9.8“ on page9
Upgrade information for versions 9.6 and 9.8 of the LANCOM
R&S
®
Unified Firewall
4
LANCOM Installation Guide – Introduction
AChapter “Upgrading the LANCOM R&S®Unified Firewall from versions
9.4 and 9.5“ on page10
Upgrade information for versions 9.4 and 9.5 of the LANCOM R&S
®
Uni-
fied Firewall
AChapter “Upgrading the LANCOM R&S®Unified Firewall prior to version
9.4“ on page13
Upgrade information for versions of the LANCOM R&S
®
Unified Firewall
prior to 9.4
AChapter “First steps“ on page15
First steps for using your LANCOM R&S
®
Unified Firewall with LCOS
FX10.4 after the upgrade
AChapter “Contact, Service & Support“ on page16
Contact points in case of difficulties during the upgrade
5
LANCOM Installation Guide – To be checked before the upgrade
To be checked before the upgrade
Before upgrading your LANCOM R&S®Unified Firewall to the latest LCOS
FX version, please note the following:
AMake sure that your hardware is supported. A list containing all
supported devices is available in the chapter “Supported devices“ on
page6.
AOn devices with less than 4 GB memory not all UTM settings can be
available at the same time.
AIf you operate two LANCOM R&S®Unified Firewalls in high availability
mode, note the following:
ADisable the high availability mode before upgrading your LANCOM
R&S®Unified Firewalls to LCOS FX 10.4.
AYou have to follow the upgrade instructions for both devices
separately.
AAfter the upgrade, configure the high availability settings of both
devices as described in the LANCOM R&S®Unified Firewall user
manual.
AAs from LCOS FX 10.2, a centralized management of the LANCOM
R&S®Unified Firewall is only possible via the LANCOM R&S®UF
Command Center as from version 6.
AMake sure that your configuration does not need any mandatory
settings described in the chapter “Removed functions“ on page6.
ASome settings are not automatically transmitted to LCOS FX 10.4 of
the LANCOM R&S®Unified Firewall. See chapter “Manual settings“ on
page7.
AIf your configuration contains specific backend scripts created by the
technical support, these are disabled on migration and have to be
re-enabled again by the support after migration.
6
LANCOM Installation Guide – To be checked before the upgrade
Supported devices
LCOS FX 10.4 is supported by the following devices:
AGPO150
AGPA300/500
AGPX850
AGPZ1000/2500/5000
AUTM+100/200/300/500/800/1000/2000/2500/5000
ANP+200/500/800/1000/2000/2500/5000
AGP-U 50/100/200/300/400/500
AGP-E 800/900/1000/1100/1200
AGP-S 1600/1700/1800/1900/2000
AGP-T 10
AUF-50/100/200/300/500/900/1000/1200/2000
AUF-T10
Removed functions
The following functions are not available in LCOS FX 10.4:
AVPN connection via PPTP
ALAN accounting
AVPN SSL bridges
ADesktop notes
ADynamic routing
AConnection-specific DNS server
ACentralized management of the LANCOM R&S®Unified Firewall via the
gateprotect Command Center. Instead, use the LANCOM R&S®Unified
Firewall Command Center.
7
LANCOM Installation Guide – To be checked before the upgrade
Manual settings
The following settings are not updated automatically when upgrading to
LCOS FX 10.4. After the upgrade, reconfigure these settings according to
your requirements.
AHigh availability
AMonitoring
ATraffic shaping and QoS
AApplication filter - valid for version 9.6
AMailproxy certificates - valid for version 9.8
AIDS/IPS
AHTTPS proxy certificates
AReverse proxy
Detailed Information on how to configure the above settings can be found
in the user manual of the current LCOS FX version.
8
LANCOM Installation Guide – Upgrade procedure
Upgrade procedure
In the following chapters you will find instructions for upgrading your
LANCOM R&S®Unified Firewall toLCOS FX 10.4:
Installed version Chapter
≥10.0 Refer to the LCOS FX User Manual under “Update settings“ for more
information on upgrading your LANCOM R&S®Unied Firewall to
LCOS FX 10.4 using the web client.
9.8 Chapter ”Upgrading the LANCOM R&S®Unied Firewall from
versions 9.6 and 9.8“ on page 9
9.7 Note: Contact our sales department if your device is not listed under
supported devices.
Note: An upgrade of the LANCOM R&S®Unied Firewall to LCOS
FX 10.4 is not supported by version 9.7. Instead, a complete
reinstallation has to be performed. In the chapter “Installing LCOS
FX 10.4 from a USB stick“ on page 11 you will nd information
on the manual installation of LCOS FX 10.4.
9.6 Chapter “Upgrading the LANCOM R&S®Unied Firewall from
versions 9.6 and 9.8“ on page 9
9.5 / 9.4 Chapter ”Upgrading the LANCOM R&S®Unied Firewall from
versions 9.4 and 9.5“ on page 10
< 9.4 Chapter “Upgrading the LANCOM R&S®Unied Firewall prior to
version 9.4“ on page 13
9
LANCOM Installation Guide – Upgrade procedure
Upgrading the LANCOM R&S®Unified Firewall from
versions 9.6 and 9.8
6If the upgrade process is interrupted, the LANCOM R&S®Unified
Firewall can be damaged. Do not power off the device during
the upgrade process. Only restart the device if you are explicitly
requested to do so.
AIf you are upgrading the LANCOM R&S®Unified Firewall from version
9.8, configure the external access to the Web client in advance
(“Settings > Firewall > Security > Access“).
AIf you are using a device with less than 4 GB memory, disable the UTM
settings. Otherwise, the upgrade may fail.
AIn the gateprotect administration client, open the update manager
(“Settings > Updates“).
ASelect “Upgrade from v9.x to 10.4“.
Tip: If the upgrade is not listed, click on “Refresh“.
Note: Before upgrading, all patches have to be installed. To install some
patches, the LANCOM R&S®Unified Firewall may have to be restarted.
You can find out whether a restart is necessary in the description of the
respective patches.
AClick on “Install“.
AThe upgrade is downloaded automatically.
AThe LANCOM R&S®Unified Firewall restarts after the download is
complete.
Note: Depending on the device type, the integrity check of the upgrade
can take some time.
The LANCOM R&S®Unified Firewall installs the upgrade automatically.
Note: The installation can take up to 30 minutes.
After the installation, the LANCOM R&S®Unified Firewall restarts
automatically.
AClose the gateprotect administration client.
10
LANCOM Installation Guide – Upgrade procedure
If the upgrade fails or the device reboots and the old version is still installed,
please refer to the log files for further information.
For information on how to access the web client of the LANCOM
R&S®Unified Firewall, refer to chapter “First steps“ on page15.
4If you are using a device with less than 4 GB memory, re-enable the
required UTM settings. Not all UTM settings can be active on these
devices at the same time. For more information, refer to the LCOS
FX user manual..
Upgrading the LANCOM R&S®Unified Firewall from
versions 9.4 and 9.5
For upgrading the LANCOM R&S®Unified Firewall from versions 9.4 and
9.5 the following options are available:
AOption 1 (recommended): Installation of LCOS FX 10.4 from a USB stick.
AOption 2 (not recommended): Upgrade of the LANCOM R&S®Unified
Firewall to version 9.6 with a subsequent upgrade to LCOS FX 10.4.
11
LANCOM Installation Guide – Upgrade procedure
Installing LCOS FX 10.4 from a USB stick
6If the upgrade process is interrupted, the LANCOM R&S®Unified
Firewall can be damaged. Do not power off the device during
the upgrade process. Only restart the device if you are explicitly
requested to do so.
AStart the gateprotect administration client and create a backup of your
configuration (“File > Create backup“).
AProceed as follows to create a bootable USB stick:
AConnect the USB stick to your computer.
AOpen your browser and enter the following URL in the address bar:
https://www.mygateprotect.com
Navigate to “Downloads > Firewall (Full version)“.
AFor LCOS FX 10.4 download the following files:
AThe LANCOM R&S®Unified Firewall system image (ISO file)
AThe USB installer (EXE file)
AExecute the USB installer.
The USB installation wizard opens.
The wizard guides you through the configuration. Please note:
AOn the page “Select the R&S Cybersecurity ISO file“ select the ISO
file you have downloaded previously.
AOn the page “Select a backup file (optional)“ select the backup file
you have created previously.
When the message “Configuration successfully completed“ is
displayed, you have created a bootable USB stick for installing the
new system image.
ARemove the USB stick from your computer.
6Never connect the USB stick to a computer while booting. In this
case, an unattended installation of the LANCOM R&S®Unified
Firewall is executed. During this installation, the hard drives are
formatted.
12
LANCOM Installation Guide – Upgrade procedure
AProceed as follows to install the system image from the bootable USB
stick:
APower off the device.
AConnect the USB stick with the new system image to any USB port of
the device. Power on the device to start the unattended installation
of the system image. The device switches off automatically when the
installation process has completed successfully.
ARemove the USB stick after the device has powered off.
6We recommend that you reformat the USB stick after having
completely installed the latest software version of the LANCOM
R&S®Unified Firewall. This prevents accidental installation of the
system image, which would result in formatting the hard disks and
data loss.
After installation, reconfigure those settings that were not automati-
cally transferred during the upgrade. See chapter “Manual settings“ on
page7.
If the upgrade fails or the device reboots and the old version is still
installed, please refer to the log files for further information.
For information on how to access the web client of the LANCOM
R&S®Unified Firewall, refer to chapter ”First steps“ on page15.
Upgrading the LANCOM R&S®Unified Firewall to version 9.6
followed by the upgrade to LCOS FX 10.4
ARepeat the steps in the chapter “Upgrading the LANCOM R&S®Unified
Firewall prior to version 9.4“ on page13, until you reach version 9.6.
APerform the upgrade of the LANCOM R&S®Unified Firewall to LCOS FX
10.4 as described in chapter ”Upgrading the LANCOM R&S®Unified
Firewall from versions 9.6 and 9.8“ on page9.
13
LANCOM Installation Guide – Upgrade procedure
Upgrading the LANCOM R&S®Unified Firewall prior to
version 9.4
4If you operate a gateprotect Firewall or a LANCOM R&S®Unified
Firewall older than version 9.4, you first have to upgrade the device
software to version 9.4.
6If the upgrade process is interrupted, the LANCOM R&S®Unified
Firewall may be damaged. Do not power off the device during
the upgrade process. Only restart the device if you are explicitely
requested to do so.
AIn the gateprotect administration client, open the update manager
(“Settings > Updates“).
Tip: If the upgrade to the next higher version is not listed, click “Refresh“.
Before the upgrade make sure that all patches are installed. To install a
patch. To install a patch, follow the steps described below.
ASelect the next higher version.
ASelect “Install“.
The upgrade will be downloaded and installed automatically.
Note: The installation can take up to 30 minutes.
AAfter the installation has completed, close the gateprotect
administration client. In the logout window, select the option “Restart“.
Tip: For some patches, a device restart is required. Please refer to the
corresponding patch description for further information.
AEach software version of the LANCOM R&S®Unified Firewall requires a
particular version of the gateprotect administration client. This can be
downloaded under https://mygateprotect.com.
AGo to “Downloads > Management Tools“.
ADownload the installer for your LANCOM R&S®Unified Firewall
version.
AInstall the gateprotect administration client.
AStart the gateprotect administration client.
14
LANCOM Installation Guide – Upgrade procedure
AIf your current software version is still older than version 9.4, repeat the
above steps from step 2.
As soon as you have upgraded to version 9.4, you can continue with
the steps in the chapter “Upgrading the LANCOM R&S®Unified Firewall
from versions 9.4 and 9.5“ on page10.
If the upgrade fails or the device reboots and the old version is still installed,
you will find further information in the log files.
15
LANCOM Installation Guide – First steps
First steps
After having installed LCOS FX 10.4, you can access the LANCOM
R&S®Unified Firewall as follows:
AOpen your browser.
AIn the browser’s address bar, enter <IP address>:3438.
Replace here <IP address> by the current IP address of your LANCOM
R&S®Unified Firewall.
ACreate an exception for the certificate warning.
The login page of the LANCOM R&S®Unified Firewall appears.
AEnter the same credentials that you have previously used in the gatepro-
tect administration client.
AClick on “Login“.
AAfter login, you will be asked to agree to the End User License
Agreement (EULA).
ATo agree to the EULA, select “Accept & Login“.
The web client will be opened.
For information on the first steps with LCOS FX 10.4 on the LANCOM
R&S®Unified Firewall, refer to the operating manual. You can find the
operating manual under “Help” in the upper right corner of the screen. It
provides a general introduction to the software and detailed descriptions
of the configuration dialogs.
This manual suits for next models
49
Table of contents
Popular Firewall manuals by other brands
Forcepoint
Forcepoint V5000 G2 quick start guide
Lundix It
Lundix It SPC SmartBox user manual
Draytek
Draytek V2862AC-K quick start guide
Fortinet
Fortinet FortiGate FortiGate-500A install guide
NETGEAR
NETGEAR FVS318 - ProSafe VPN Firewall Router installation guide
PaloAlto Networks
PaloAlto Networks PA-7000 Series Hardware reference guide
