Save the initial configuration and generate the one-time password
Save the initial configuration to establish a management connection for NGFW Engines.
Saving the initial configuration generates the one-time password required for manual configuration using the NGFW Configuration Wizard. You can alternatively upload the configuration details to the Installation Server or save them, for example, on a USB drive.
For more details about the product and how to configure features, click Help or press F1.
Steps
- Select Home.
-
Save the initial configuration information:
- For an individual NGFW Engine node, right-click the node, then select Save Initial Configuration.
- For all the NGFW Engines in a cluster, right-click the top-level cluster element, then select .
- To manually enter details in the NGFW Configuration Wizard or if the engine already has the correct configuration, select View Details, then write down the one-time password.
- Configure the settings.
Next steps
- If you selected to upload the initial configuration to the Installation Server, connect the cables, then turn on the appliance. The appliance contacts the Installation Server and downloads the initial configuration.
- To configure the appliance automatically using a USB drive, turn on the appliance with a USB drive inserted.
- If you manually saved the details, turn on the appliance and import the configuration to the NGFW Configuration Wizard.
Save or Upload Initial Configuration dialog box
Use the information in the following table when you want to save the initial configuration of an NGFW Engine.
Option | Definition |
---|---|
View Details | Opens the Initial Configuration Details dialog box. You can view and copy the one-time password that secures communication between the Management Server and the NGFW Engine. |
Initial Security Policy
(Optional) |
The policy to be installed automatically. Click Select to select an element. |
Local Time Zone | Select a local time zone for commands you enter on the command line. Note: This setting only applies to the local console. NGFW Engines always use UTC (GMT) time internally. The clock on the local console is automatically synchronized with the
Management Server time.
|
Keyboard Layout | Select a language to specify the layout of the keyboard used with the local console. |
Enable SSH Daemon
(Optional) |
When selected, allows remote access to the NGFW Engine command line for troubleshooting purposes.
CAUTION: If you enable SSH, set the password for command-line access after the initial configuration either through the Management Client or by logging
on to the command line. When the password is not set, anyone with SSH access to the NGFW Engine can set the password.
|
USB Drive Installation | Click Save As to save the configuration file to a USB drive. When you turn on the NGFW appliance with the USB drive inserted, it automatically imports and installs the initial configuration and makes initial contact with the Management Server. |
Installation Cloud
(Plug-and-play configuration method, only Single Firewalls that have a dynamic control IP address) |
Click Upload to upload the initial configuration to the Installation Server. When you turn on the NGFW appliance, it automatically downloads and installs the initial configuration and makes initial contact with the
Management Server.
Note: There are special considerations when using plug-and-play configuration. For example, both the SMC and the
NGFW Engines must be registered for plug-and-play configuration before you configure the engines. See Knowledge Base article 9662.
|
Manual Installation | Select from the following options.
|
Initial Configuration Details dialog box
Use this dialog box to view and copy the initial configuration details.
Option | Definition |
---|---|
Engine Node | Shows the name of the selected NGFW Engine node. |
One-Time Generated Password | Shows the one-time password required when the NGFW Engine connects to the Management Server. To copy the password, right-click the password, then select Copy Password. The password is required when the NGFW Engine is configured manually using the NGFW Configuration Wizard. |
Management Server Addresses | The IP address of the Management Server that the NGFW Engine contacts after the initial configuration. |
Management Server Certificate Fingerprint | The certificate fingerprint that secures Management Server communications. |