Upload the multiple Single Firewall initial configuration to the Installation Server

Uploading the initial configuration to the Installation Server makes the configuration available for use in plug-and-play installations.

1. Make sure that Upload Initial Configuration is selected.
2. (Optional) Select Enable SSH Daemon to allow remote access to the engine command line. SSH access can be helpful in remote troubleshooting.
   • After management contact is established, you can enable and disable remote command-line access to the engine at any time through the right-click menu of the engine. We recommend disabling SSH access whenever it is not needed and making sure that your Access rules allow SSH access to the engines from the administrators’ IP addresses only.
   • While the Firewall Template does not allow these connections, the temporary policy activated right after the engine’s initial configuration does allow SSH access from the Management Server’s IP address. (The temporary policy is in effect until you install the working policy.) Alternatively, you can upload a working policy to be installed on the Firewalls after they have contacted the Management Server.
     CAUTION:
     If you enable SSH, set the password for command-line access after the initial configuration either through the Management Client or by logging on to the command line. When the password is not set, anyone with SSH access to the engine can set the password.
3. Select the Local Time Zone and the Keyboard Layout for use on the command line. The time zone setting is only for displaying the time on the local console; the engines always use UTC (GMT) time internally. The clock is automatically synchronized to match the Management Server’s time.
4. Click Next. The Review and Edit Local Time Zones page opens.
5. Review the local time zones of the Firewalls and change them, if necessary.
6. Click Next.
   The Select a Policy to Install on the Firewalls page opens.