Reconfigure the NGFW Engine after clearing the existing configuration

After you create an engine element and clear the existing engine configuration, you can change the role of an NGFW Engine from one type to another.

For details about how to make initial contact using the NGFW Configuration Wizard in a web browser, see the Forcepoint Next Generation Firewall Installation Guide.

Steps

  1. Select Role and press Enter.
  2. Select the new role for the NGFW Engine and press Enter.
    The role-specific NGFW Configuration Wizard starts.
  3. Select one of the following configuration methods:
    • Select Import and press Enter to import a saved configuration.
    • Select Next and press Enter to manually configure the engine’s settings.
  4. (Manual configuration only) Configure the Operating System Settings and Network Interfaces.
    See the Forcepoint Next Generation Firewall Installation Guide.
  5. Select Switch Engine node to initial configuration and fill in the Management Server information.
  6. Select Contact and enter the Management Server IP address and the one-time password.
    CAUTION:
    Select 256-bit Security Strength only if the engine is not able to communicate with the Management Server after you start using a new internal ECDSA certificate authority.
  7. (Optional) Select Edit Fingerprint and press Enter. Fill in the Management Server’s certificate fingerprint (also shown when you saved the initial configuration).
    Filling in the certificate fingerprint increases the security of the communications.
  8. Select Finish and press Enter.
    The engine makes initial contact with the Management Server.
  9. Install a policy on the engine.