Prepare for plug-and-play configuration

To use plug-and-play-configuration, save the initial configuration file, then upload it to the Installation Server.

Steps

  1. Register the SMC and Secure SD-WAN for plug-and-play configuration.
    1. Go to https://⁠stonesoftlicenses.forcepoint.com.
    2. In the License Identification field, enter your SMC POL code, then click Submit.
    3. Click Register your appliances for Plug & Play installation on NGFW Installation Cloud.
    4. Enter your Secure SD-WAN Engine appliance POS codes and your contact information, then click Submit.
  2. In the Management Client, select Configuration.
  3. Right-click the Engine for which you want to save the initial configuration, then select Configuration > Save Initial Configuration.
  4. (Optional) If you already have a policy you want to use for the engine, click Select, then select a policy as the initial security policy.
    The selected policy is automatically installed after the Secure SD-WAN Engine has contacted the Management Server.
  5. (Optional) Select Enable SSH Daemon to allow remote access to the Secure SD-WAN Engine command line.
    • Enabling SSH in the initial configuration gives you remote command-line access in case the configuration is imported correctly, but the engine fails to establish contact with the Management Server.
    • After the Secure SD-WAN Engine is fully configured, you can enable or disable SSH access using the Management Client. We recommend that you enable SSH access in the Management Client when needed and disable the access again when you are finished. Make sure that your Access rules allow SSH access to the engines from the administrators’ IP addresses only.
    CAUTION:
    If you enable SSH, set the password for command-line access after the initial configuration either through the Management Client or by logging on to the command line. When the password is not set, anyone with SSH access to the engine can set the password.
  6. From the Local Time Zone drop-down list, select the time zone.
    The time zone selection is used only for converting the UTC time that the engines use internally for display on the command line. All internal operations use UTC time, which is synchronized with the Management Server’s time after the engine is configured. For external operations, engines use the time zone of their geographical location.
  7. From the Keyboard Layout drop-down list, select the keyboard layout used for the engine command line.
  8. Select Upload to Installation Server to upload the initial configuration file automatically to the Installation Server.
  9. Click Close.

Next steps

Configure the Secure SD-WAN Engine software using plug-and-play configuration.