Establish contact between the NGFW Engine and the Management Server.
Before you begin
Create a Single Firewall element for each Forcepoint NGFW engine that you deploy in the AWS cloud.
Steps
- On your computer, open a terminal program, then enter the following command to open an SSH connection to the command line of the NGFW Engine using the aws user account:
  ssh -i <your ssh private key>.pem aws@<aws instance public ip address>
- On the command line of the NGFW Engine, enter the following command to start the NGFW Configuration Wizard:
- Configure the general settings and network interfaces for the NGFW Engine.
  For detailed instructions, see the Forcepoint Next Generation Firewall Installation Guide.
- On the Prepare for Management Contact page, select DHCPv4 or DHCPv6.
- Select Contact, then press the spacebar.
- Enter the Management Server contact IP address and the one-time password.
  You can copy and paste the one-time password from the Save or Upload Initial Configuration dialog box.
- Highlight Finish, then press Enter.
  The engine now tries to make initial contact with the Management Server. The progress is shown on the command line. If you see a connection refused message, make sure that the one-time password is correct and that a route to the Management Server IP address has been configured for the NGFW Engine. Save a new initial configuration if you are unsure about the password.
  Note: If the initial management contact fails for any reason, you can start the configuration again with the sg-reconfigure command.
Result
After you see a notification that Management Server contact has succeeded, the engine installation is complete and the engine is ready to receive a policy. When the initial configuration is complete, the status of the NGFW Engine element changes in the Management Client from Unknown to No Policy Installed.
The connection state is Connected, indicating that the Management Server can connect to the node.
Next steps
Install a policy on the engine using the Management Client.