Provide the necessary information to allow the NGFW Engine to establish contact with the
Management Server.
Note: If you imported a configuration file, the information is filled in automatically.
Important: If there is a firewall between this engine and the Management Server, make sure that the intermediate firewall’s
policy allows the initial contact and all subsequent communications.
Steps
-
Select when you want the appliance to make contact with the Management Server.
- At the end of this session — The appliance makes contact after you confirm the entered
information.
- After the appliance restarts — The appliance makes contact after you confirm the entered information and the
appliance restarts.
-
Enter the one-time password generated by the SMC.
Note: The one-time password is engine-specific and can be used only for one initial connection to the Management Server. After
initial contact has been made, the engine receives a certificate from the SMC
for identification. If the certificate is deleted or expires, repeat the initial contact using a new one-time password.
-
(Optional if you set the appliance to attempt to make contact at the end of this session) Enter the SHA-512 fingerprint generated
by the SMC.
Filling in the certificate fingerprint increases the security of the communications.
-
If the NGFW Engine uses a modem for management contact, define the modem settings.
-
Highlight Settings, then press Enter.
-
On the Modem Settings page, enter the PIN code, then select OK.
The same PIN code must be configured in the properties of the modem interface in the Management Client.
-
Highlight OK, then press Enter.
-
Select Next.
-
Review the configuration summary, then continue the configuration in one of the following ways:
- If you set the initial contact to be made at the end of this session, select Finish and Contact the Management
Server.
- If you set the initial contact to be made after the appliance restarts, select Apply Configuration and
Finish.
-
If you set the initial contact to be made after the appliance restarts, after the configuration has been applied, select
Finish and Turn Off.
When you turn the appliance back on, the appliance makes the initial contact.
-
If you set the initial contact to be made at the end of this session, and if you did not previously enter the SHA-512 fingerprint
generated by the SMC, verify that the fingerprint shown matches, then select
Finish and Proceed.
Note: If you do not select Finish and Proceed within the timeout, the Reject option
is used, and you must make the initial contact again.
Result
After the initial contact has been made successfully, the NGFW Configuration Wizard shuts down and the Ethernet
port used to connect to the appliance is released for regular use.If you set the initial contact to be made at the end of this session,
a notification is shown in the web browser. If you set the initial contact to be made after the appliance restarts, the notification
is not shown.
The engine element’s status changes in the Management Client from Unknown to No
Policy Installed. The connection state is Connected, indicating that the Management Server can
connect to the node.
Note: If the status remains Unknown, run the NGFW Configuration Wizard again, and review the settings. All settings can be changed, except for the engine role.
To change the engine role, you must first reset the appliance to factory default settings.
Next steps
After the appliance has been configured, install a policy on the engine using the Management Client.