Netgate Netgate-4100 User manual
Security Gateway Manual
Netgate-4100
© Copyright 2022 Rubicon Communications LLC
Mar 29, 2022
Security Gateway Manual Netgate-4100
This Quick Start Guide covers the first time connection procedures for the Netgate® 4100 Desktop Firewall Appliance
and will provide the information needed to keep the appliance up and running.
Tip: Before getting started, we recommend downloading the PDF version of the Product Manual and the PDF version
of the pfSense Documentation in case you lose Internet access.
© Copyright 2022 Rubicon Communications LLC 1
CHAPTER
ONE
OUT OF THE BOX
1.1 Getting Started
The basic firewall configuration begins with connecting the Netgate® appliance to the Internet. The Netgate appliance
should be unplugged at this time.
Connect one end of an Ethernet cable to the WAN port (shown in the Input and Output Ports section) of the Netgate
appliance. The other end of the same cable should be inserted into a port of the Cable or DSL modem. The modem
provided by the ISP should have multiple LAN ports. Any port should work.
Next, connect one end of a second Ethernet cable to the LAN port (shown in the Input and Output Ports section) of
the Netgate appliance. Connect the other end to the computer.
2
Security Gateway Manual Netgate-4100
Warning: The default IP Address on the LAN subnet on the Netgate firewall is 192.168.1.1/24. The same
subnet cannot be used on both WAN and LAN, so if the default IP address on the ISP-supplied modem is also
192.168.1.1/24,disconnect the WAN interface until the LAN interface on the firewall has been renumbered
to a different subnet (like 192.168.2.1/24).
1.2 Initial Configuration
Plug the power cable into the power port (shown in the Input and Output Ports section) to turn on the Netgate®
Firewall. Allow 4 or 5 minutes to boot up completely.
Warning: If your DSL or Cable Modem has a default IP Address of 192.168.1.1, please disconnect the Ethernet
cable from the WAN1 port on your Netgate 4100 Security Gateway before proceeding. You will need to change
the default IP Address of the device during a later step in the configuration.
1. From the computer, log into the Web Interface
Open a web browser (Google Chrome in this example) and type in 192.168.1.1 on the address bar. Press
Enter.
Fig. 1: Enter the Default LAN IP Address
2. A warning message may appear. If this message or similar message is encountered, it is safe to proceed. Click
the Advanced Button and then click Proceed to 192.168.1.1 (unsafe) to continue.
3. At the Sign In page, enter the default pfSense®Plus username and password and click Next.
• Default Username: admin
• Default Password: pfsense
1.2.1 The Setup Wizard
The following steps will step through the Setup Wizard for the initial configuration of the firewall.
Note: Ignore the warning to reset the ‘admin’ account password. One of the steps in the Setup Wizard is to change
the default password.
1. Click Next to start the Setup Wizard.
2. Click Next after you have read the information on Netgate Global Support.
3. On the General Information page, use the following as a guide to configure the firewall.
Hostname: Any desired name can be entered. For the purposes of this guide, the default hostname pfsense
is used.
© Copyright 2022 Rubicon Communications LLC 3
Security Gateway Manual Netgate-4100
Fig. 2: Click Advanced and then Proceed to 192.168.1.1 (unsafe)
Fig. 3: Click Next
© Copyright 2022 Rubicon Communications LLC 4
Security Gateway Manual Netgate-4100
Domain: The default localdomain is used for the purposes of this tutorial.
DNS Servers: For purposes of this setup guide, use the Google public DNS servers (8.8.8.8 and 8.8.4.4).
Fig. 4: Type in the DNS Server information and Click Next
4. Use the following information for the Time Server Information page.
Time Server Hostname: Use the default time server address.
Timezone: Select the time zone for the location of the firewall. For this guide, the Timezone will be set to
America/Chicago for US Central time.
5. The WAN interface is the Public IP address the network will use to communicate with the Internet. Use the
following information for the WAN configuration page.
DHCP is the default and is the most common type of interface for home cable modems.
Default settings for the other items on this page should be acceptable for normal home users.
6. Configuring LAN IP Address & Subnet Mask. The default LAN IP address of 192.168.1.1 and subnet mask
of 24 is usually sufficient.
Tip: If your DSL or Cable Modem has a default IP Address of 192.168.1.1, change the IP Address of your
Netgate 4100 Security Gateway to a different subnet, such as 192.168.2.1 with a subnet mask of 24 to avoid
an IP Address conflict.
7. Change the Admin Password. Enter the same password in both fields.
8. Click Reload to save the configuration.
© Copyright 2022 Rubicon Communications LLC 5
Security Gateway Manual Netgate-4100
Fig. 5: Change the Timezone and Click Next
Fig. 6: Default Settings Should be Acceptable. Click Next
© Copyright 2022 Rubicon Communications LLC 6
Security Gateway Manual Netgate-4100
9. After a few seconds, a message will indicate the Setup Wizard has completed. To proceed to the pfSense®Plus
dashboard, click Finish.
10. A final notification screen will appear with the Copyright and Trademark Notices. Read and click Accept
to continue to the dashboard.
Fig. 7: Read and Click Accept
If you unplugged the Ethernet cable at the beginning of this configuration, reconnect it to the WAN1 port now.
This completes the basic configuration for the Netgate appliance.
© Copyright 2022 Rubicon Communications LLC 7
Security Gateway Manual Netgate-4100
1.3 pfSense Plus Overview
This page provides an overview of the pfSense®Plus dashboard and navigation. It also provides information on how to
perform frequent tasks such as backing up the pfSense®Plus software and connecting to the Netgate firewall console.
1.3.1 The Dashboard
pfSense®Plus software is highly configurable, all of which can be done through the dashboard. This orientation will
help to navigate and further configure the firewall.
Fig. 8: The pfSense®Plus Dashboard
Section 1 shows important system information such as the model, Serial Number, and Netgate Device ID for this
Netgate firewall.
Section 2 identifies what version of pfSense®Plus software is installed, and if an update is available.
Section 3 describes Netgate Service and Support.
Section 4 shows the various menu headings. Each menu heading has drop-down options for a wide range of configu-
ration choices.
© Copyright 2022 Rubicon Communications LLC 8
Security Gateway Manual Netgate-4100
1.3.2 Re-running the Setup Wizard
To re-run the Setup Wizard, navigate to System -> Setup Wizard.
Fig. 9: Re-run the Setup Wizard
1.3.3 Backup and Restore
It is important to backup the firewall configuration prior to updating or making any configuration changes. From the
menu at the top of the page, browse to Diagnostics > Backup/Restore.
Click Download configuration as XML and save a copy of the firewall configuration to the computer con-
nected to the Netgate firewall.
This backup (or any backup) can be restored from the same screen by choosing the backed up file under Restore
Configuration.
Note: Auto Config Backup is a built-in service located at Services -> Auto Config Backup. This service will save
up to 100 encrypted backup files automatically, any time a change to the configuration has been made. Visit the Auto
Config Backup page for more information.
© Copyright 2022 Rubicon Communications LLC 9
Security Gateway Manual Netgate-4100
Fig. 10: Backup & Restore
Fig. 11: Click Download configuration as XML
© Copyright 2022 Rubicon Communications LLC 10
Security Gateway Manual Netgate-4100
Connecting to the Console
There are times when accessing the console is required. Perhaps GUI console access has been locked out, or the
password has been lost or forgotten.
See also:
Connecting to the Console Port Connect to the console. Cable is required.
Tip: To learn more about getting the most out of your Netgate appliance, sign up for a pfSense Plus Training course
or browse our extensive Resource Library.
1.4 Input and Output Ports
1.4.1 Networking Ports
The WAN1 and WAN2 Combo-Ports are shared ports. Each has an RJ-45 port and an SFP port. Only the RJ-45 or the
SFP connector can be used each port.
Note: Each port, WAN1 and WAN2, is descrete and individual. You can use the RJ-45 connector on one port, and
the SFP connector on the other.
Port Interface Name Port Name Port Type Port Speed
2 WAN1 ix3 RJ-45/SFP 1 Gbps
3 WAN2 ix2 RJ-45/SFP 1 Gbps
4 LAN1 - LAN4 igc0 - 3 RJ-45 2.5 Gbps
© Copyright 2022 Rubicon Communications LLC 11
Security Gateway Manual Netgate-4100
1.4.2 Other Ports
Port Description
1 Console
5 Power
• The Console access can be accessed with a console cable using the mini-USB connector, or it can be accessed
with a USB-to-RJ45 “Cisco” cable
• The Power connector is 12VDC with threaded locking connector. Power Consumption 20W (idle)
1.4.3 Front Side
LED Pattern Description
Boot Process The sequence, circle -> square -> diamond, quickly flashes blue.
Boot Completed The diamond slowly flashes blue.
Update is Available The square slowly flashes orange.
1.5 Safety and Legal
1.5.1 Safety Notices
1. Read, follow, and keep these instructions.
2. Heed all warnings.
3. Only use attachments/accessories specified by the manufacturer.
Warning: Do not use this product in location that can be submerged by water.
© Copyright 2022 Rubicon Communications LLC 12
Security Gateway Manual Netgate-4100
Warning: Do not use this product during an electrical storm to avoid electrical shock.
1.5.2 Electrical Safety Information
1. Compliance is required with respect to voltage, frequency, and current requirements indicated on the manu-
facturer’s label. Connection to a different power source than those specified may result in improper operation,
damage to the equipment or pose a fire hazard if the limitations are not followed.
2. There are no operator serviceable parts inside this equipment. Service should be provided only by a qualified
service technician.
3. This equipment is provided with a detachable power cord which has an integral safety ground wire intended for
connection to a grounded safety outlet.
a) Do not substitute the power cord with one that is not the provided approved type. If a 3 prong plug is
provided, never use an adapter plug to connect to a 2-wire outlet as this will defeat the continuity of the
grounding wire.
b) The equipment requires the use of the ground wire as a part of the safety certification, modification or
misuse can provide a shock hazard that can result in serious injury or death.
c) Contact a qualified electrician or the manufacturer if there are questions about the installation prior to
connecting the equipment.
d) Protective grounding/earthing is provided by Listed AC adapter. Building installation shall provide appro-
priate short-circuit backup protection.
e) Protective bonding must be installed in accordance with local national wiring rules and regulations.
1.5.3 FCC Compliance
Changes or modifications not expressly approved by the party responsible for compliance could void the user’s au-
thority to operate the equipment. This device complies with Part 15 of the FCC Rules. Operation is subject to the
following two conditions:
1. This device may not cause harmful interference, and
2. This device must accept any interference received, including interference that may cause undesired operation.
Note: This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant
to part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference
when the equipment is operated in a residential environment.
1.5.4 Industry Canada
This Class B digital apparatus complies with Canadian ICES-3(B). Cet appareil numérique de la classe B est conforme
à la norme NMB-3(B) Canada.
© Copyright 2022 Rubicon Communications LLC 13
Security Gateway Manual Netgate-4100
1.5.5 Australia and New Zealand
This is a AMC Compliance level 2 product. This product is suitable for domestic environments.
1.5.6 CE Marking
CE marking on this product represents the product is in compliance with all directives that are applicable to it.
1.5.7 RoHS/WEEE Compliance Statement
English
European Directive 2002/96/EC requires that the equipment bearing this symbol on the product and/or its packaging
must not be disposed of with unsorted municipal waste. The symbol indicates that this product should be disposed
of separately from regular household waste streams. It is your responsibility to dispose of this and other electric and
electronic equipment via designated collection facilities appointed by the government or local authorities. Correct
disposal and recycling will help prevent potential negative consequences to the environment and human health. For
more detailed information about the disposal of your old equipment, please contact your local authorities, waste
disposal service, or the shop where you purchased the product.
Deutsch
Die Europäische Richtlinie 2002/96/EC verlangt, dass technische Ausrüstung, die direkt am Gerät und/oder an der
Verpackung mit diesem Symbol versehen ist, nicht zusammen mit unsortiertem Gemeindeabfall entsorgt werden darf.
Das Symbol weist darauf hin, dass das Produkt von regulärem Haushaltmüll getrennt entsorgt werden sollte. Es liegt in
Ihrer Verantwortung, dieses Gerät und andere elektrische und elektronische Geräte über die dafür zuständigen und von
der Regierung oder örtlichen Behörden dazu bestimmten Sammelstellen zu entsorgen. Ordnungsgemäßes Entsorgen
und Recyceln trägt dazu bei, potentielle negative Folgen für Umwelt und die menschliche Gesundheit zu vermeiden.
Wenn Sie weitere Informationen zur Entsorgung Ihrer Altgeräte benötigen, wenden Sie sich bitte an die örtlichen
Behörden oder städtischen Entsorgungsdienste oder an den Händler, bei dem Sie das Produkt erworben haben.
Español
La Directiva 2002/96/CE de la UE exige que los equipos que lleven este símbolo en el propio aparato y/o en su
embalaje no deben eliminarse junto con otros residuos urbanos no seleccionados. El símbolo indica que el producto
en cuestión debe separarse de los residuos domésticos convencionales con vistas a su eliminación. Es responsabilidad
suya desechar este y cualesquiera otros aparatos eléctricos y electrónicos a través de los puntos de recogida que ponen
a su disposición el gobierno y las autoridades locales. Al desechar y reciclar correctamente estos aparatos estará
contribuyendo a evitar posibles consecuencias negativas para el medio ambiente y la salud de las personas. Si desea
obtener información más detallada sobre la eliminación segura de su aparato usado, consulte a las autoridades locales,
al servicio de recogida y eliminación de residuos de su zona o pregunte en la tienda donde adquirió el producto.
© Copyright 2022 Rubicon Communications LLC 14
Security Gateway Manual Netgate-4100
Français
La directive européenne 2002/96/CE exige que l’équipement sur lequel est apposé ce symbole sur le produit et/ou son
emballage ne soit pas jeté avec les autres ordures ménagères. Ce symbole indique que le produit doit être éliminé dans
un circuit distinct de celui pour les déchets des ménages. Il est de votre responsabilité de jeter ce matériel ainsi que
tout autre matériel électrique ou électronique par les moyens de collecte indiqués par le gouvernement et les pouvoirs
publics des collectivités territoriales. L’élimination et le recyclage en bonne et due forme ont pour but de lutter contre
l’impact néfaste potentiel de ce type de produits sur l’environnement et la santé publique. Pour plus d’informations
sur le mode d’élimination de votre ancien équipement, veuillez prendre contact avec les pouvoirs publics locaux, le
service de traitement des déchets, ou l’endroit où vous avez acheté le produit.
Italiano
La direttiva europea 2002/96/EC richiede che le apparecchiature contrassegnate con questo simbolo sul prodotto e/o
sull’imballaggio non siano smaltite insieme ai rifiuti urbani non differenziati. Il simbolo indica che questo prodotto
non deve essere smaltito insieme ai normali rifiuti domestici. È responsabilità del proprietario smaltire sia questi
prodotti sia le altre apparecchiature elettriche ed elettroniche mediante le specifiche strutture di raccolta indicate dal
governo o dagli enti pubblici locali. Il corretto smaltimento ed il riciclaggio aiuteranno a prevenire conseguenze
potenzialmente negative per l’ambiente e per la salute dell’essere umano. Per ricevere informazioni più dettagliate
circa lo smaltimento delle vecchie apparecchiature in Vostro possesso, Vi invitiamo a contattare gli enti pubblici di
competenza, il servizio di smaltimento rifiuti o il negozio nel quale avete acquistato il prodotto.
1.5.8 Declaration of Conformity
ˇ
Cesky[Czech]
NETGATE tímto prohla uje, e tento NETGATE device, je ve shod se základními po adavky a dal ími p íslu n mi
ustanoveními sm rnice 1999/5/ES.
Dansk [Danish]
Undertegnede NETGATE erklærer herved, at følgende udstyr NETGATE device, overholder de væsentlige krav og
øvrige relevante krav i direktiv 1999/5/EF.
Nederlands [Dutch]
Hierbij verklaart NETGATE dat het toestel NETGATE device, in overeenstemming is met de essentiële eisen en
de andere relevante bepalingen van richtlijn 1999/5/EG. Bij deze verklaart NETGATE dat deze NETGATE device,
voldoet aan de essentiële eisen en aan de overige relevante bepalingen van Richtlijn 1999/5/EC.
English
Hereby, NETGATE , declares that this NETGATE device, is in compliance with the essential requirements and other
relevant provisions of Directive 1999/5/EC.
© Copyright 2022 Rubicon Communications LLC 15
Security Gateway Manual Netgate-4100
Eesti [Estonian]
Käesolevaga kinnitab NETGATE seadme NETGATE device, vastavust direktiivi 1999/5/EÜ põhinõuetele ja nimetatud
direktiivist tulenevatele teistele asjakohastele sätetele.
Suomi [Finnish]
NETGATE vakuuttaa täten että NETGATE device, tyyppinen laite on direktiivin 1999/5/EY oleellisten vaatimusten
ja sitä koskevien direktiivin muiden ehtojen mukainen. Français [French] Par la présente NETGATE déclare que
l’appareil Netgate, device est conforme aux exigences essentielles et aux autres dispositions pertinentes de la directive
1999/5/CE.
Deutsch [German]
Hiermit erklärt Netgate, dass sich diese NETGATE device, in Übereinstimmung mit den grundlegenden Anforderun-
gen und den anderen relevanten Vorschriften der Richtlinie 1999/5/EG befindet”. (BMWi)
ΕλληνικH [Greek]
ΜΕ ΤΗΝ ΠΑΡΟΥΣΑ NETGATE ΔΗΛΩΝΕΙ ΟΤΙ NETGATE device, ΣΥΜΜΟΡΦΩΝΕΤΑΙ ΠΡΟΣ ΤΙΣ ΟΥΣΙ-
ΩΔΕΙΣ ΑΠΑΙΤΗΣΕΙΣ ΚΑΙ ΤΙΣ ΛΟΙΠΕΣ ΣΧΕΤΙΚΕΣ ΔΙΑΤΑΞΕΙΣ ΤΗΣ ΟΔΗΓΙΑΣ 1995/5/ΕΚ.
Magyar [Hungarian]
Alulírott, NETGATE nyilatkozom, hogy a NETGATE device, megfelel a vonatkozó alapvetõ követelményeknek és az
1999/5/EC irányelv egyéb elõírásainak.
Íslenska [Icelandic]
Hér me l sir NETGATE yfir ví a NETGATE device, er í samræmi vi grunnkröfur og a rar kröfur, sem ger ar eru í
tilskipun 1999/5/EC.
Italiano [Italian]
Con la presente NETGATE dichiara che questo NETGATE device, è conforme ai requisiti essenziali ed alle altre
disposizioni pertinenti stabilite dalla direttiva 1999/5/CE.
Latviski [Latvian]
Ar o NETGATE deklar , ka NETGATE device, atbilst Direkt vas 1999/5/EK b tiskaj m pras b m un citiem ar to saist
tajiem noteikumiem.
© Copyright 2022 Rubicon Communications LLC 16
Security Gateway Manual Netgate-4100
Lietuviškai [Lithuanian]
NETGATE deklaruoja, kad šis NETGATE ı˛renginys atitinka esminius reikalavimus ir kitas 1999/5/EB Direktyvos
nuostatas.
Malti [Maltese]
Hawnhekk, Netgate, jiddikjara li dan NETGATE device, jikkonforma mal- ti ijiet essenzjali u ma provvedimenti o rajn
relevanti li hemm fid-Dirrettiva 1999/5/EC.
Norsk [Norwegian]
NETGATE erklærer herved at utstyret NETGATE device, er i samsvar med de grunnleggende krav og øvrige relevante
krav i direktiv 1999/5/EF.
Slovensky [Slovak]
NETGATE t mto vyhlasuje, e NETGATE device, sp a základné po iadavky a v etky príslu né ustanovenia Smernice
1999/5/ES.
Svenska [Swedish]
Härmed intygar NETGATE att denna NETGATE device, står I överensstämmelse med de väsentliga egenskapskrav
och övriga relevanta bestämmelser som framgår av direktiv 1999/5/EG.
Español [Spanish]
Por medio de la presente NETGATE declara que el NETGATE device, cumple con los requisitos esenciales y cua-
lesquiera otras disposiciones aplicables o exigibles de la Directiva 1999/5/CE.
Polski [Polish]
Niniejszym, firma NETGATE o wiadcza, e produkt serii NETGATE device, spełnia zasadnicze wymagania i inne
istotne postanowienia Dyrektywy 1999/5/EC.
Português [Portuguese]
NETGATE declara que este NETGATE device, está conforme com os requisitos essenciais e outras disposições da
Directiva 1999/5/CE.
© Copyright 2022 Rubicon Communications LLC 17
Security Gateway Manual Netgate-4100
Român˘
a [Romanian]
Prin prezenta, NETGATE declar˘
a c˘
a acest dispozitiv NETGATE este în conformitate cu cerint
,ele esent
,iale s
,i alte
prevederi relevante ale Directivei 1999/5/CE.
1.5.9 Disputes
ANY DISPUTE OR CLAIM RELATING IN ANY WAY TO YOUR USE OF ANY PRODUCTS/SERVICES, OR
TO ANY PRODUCTS OR SERVICES SOLD OR DISTRIBUTED BY RCL OR ESF WILL BE RESOLVED BY
BINDING ARBITRATION IN AUSTIN, TEXAS, RATHER THAN IN COURT. The Federal Arbitration Act and
federal arbitration law apply to this agreement.
THERE IS NO JUDGE OR JURY IN ARBITRATION, AND COURT REVIEW OF AN ARBITRATION AWARD
IS LIMITED. HOWEVER, AN ARBITRATOR CAN AWARD ON AN INDIVIDUAL BASIS THE SAME DAM-
AGES AND RELIEF AS A COURT (INCLUDING INJUNCTIVE AND DECLARATORY RELIEF OR STATU-
TORY DAMAGES), AND MUST FOLLOW THE TERMS OF THESE TERMS AND CONDITIONS OF USE AS
A COURT WOULD.
To begin an arbitration proceeding, you must send a letter requesting arbitration and describing your claim to the
following:
Rubicon Communications LLC
Attn.: Legal Dept.
4616 West Howard Lane, Suite 900
Austin, Texas 78728
The arbitration will be conducted by the American Arbitration Association (AAA) under its rules. The AAA’s rules
are available at www.adr.org. Payment of all filing, administration and arbitrator fees will be governed by the AAA’s
rules.
We each agree that any dispute resolution proceedings will be conducted only on an individual basis and not in a class,
consolidated or representative action. We also both agree that you or we may bring suit in court to enjoin infringement
or other misuse of intellectual property rights.
1.5.10 Applicable Law
By using any Products/Services, you agree that the Federal Arbitration Act, applicable federal law, and the laws of
the state of Texas, without regard to principles of conflict of laws, will govern these terms and conditions of use and
any dispute of any sort that might arise between you and RCL and/or ESF. Any claim or cause of action concerning
these terms and conditions or use of the RCL and/or ESF website must be brought within one (1) year after the claim
or cause of action arises. Exclusive jurisdiction and venue for any dispute or claim arising out of or relating to the
parties’ relationship, these terms and conditions, or the RCL and/or ESF website, shall be with the arbitrator and/or
courts located in Austin, Texas. The judgment of the arbitrator may be enforced by the courts located in Austin, Texas,
or any other court having jurisdiction over you.
© Copyright 2022 Rubicon Communications LLC 18
Other Netgate Gateway manuals
Netgate
Netgate XG-1537 User manual
Netgate
Netgate XG-7100-1U User manual
Netgate
Netgate SG-4860 User manual
Netgate
Netgate SG-5100 User manual
Netgate
Netgate SG-5100 User manual
Netgate
Netgate Netgate-2100 User manual
Netgate
Netgate FXS Series User manual
Netgate
Netgate Netgate-6100 User manual
Netgate
Netgate SG-3100 User manual
Netgate
Netgate SG-1100 User manual
