Specifications

ManualsBrandsClavister ManualsComputer equipmentEagle E5

Clavister Eagle E5

Getting Started Guide

Clavister AB

Sjögatan 6J

SE-89160 Örnsköldsvik

SWEDEN

Phone: +46-660-299200

www.clavister.com

Published 2015-04-07

Summary of content (80 pages)

PAGE 1
Clavister Eagle E5 Getting Started Guide Clavister AB Sjögatan 6J SE-89160 Örnsköldsvik SWEDEN Phone: +46-660-299200 www.clavister.
PAGE 2
Clavister Eagle E5 Getting Started Guide Published 2015-04-07 Copyright © 2015 Clavister AB Copyright Notice This publication, including all photographs, illustrations and software, is protected under international copyright laws, with all rights reserved. Neither this manual, nor any of the material contained herein, may be reproduced without the written consent of Clavister. Disclaimer The information in this document is subject to change without notice.
PAGE 3
Table of Contents Preface ................................................................................................................ 5 1. E5 Product Overview .......................................................................................... 7 1.1. Unpacking the E5 .................................................................................... 7 1.2. Interfaces and Ports ................................................................................. 9 2. Registering with Clavister ......
PAGE 4
List of Figures 1.1. An Unpacked Clavister E5 Appliance .................................................................. 7 1.2. Clavister E5 Connection Ports ............................................................................ 9 1.3. The E5 Ethernet Interface Ports .......................................................................... 9 3.1. The E5 Local Console Port ................................................................................ 22 3.2. E5 Power Inlet Socket .................
PAGE 5
Preface Target Audience The target audience for this guide is the administrator who has taken delivery of a packaged Clavister E5 appliance and is setting it up for the first time. The guide takes the user from unpacking and installation of the device through to power-up, including network connections and initial cOS Core configuration. Text Structure The text is divided into chapters and subsections. Numbered subsections are shown in the table of contents at the beginning of the document.
PAGE 6
Preface Text links Where a "See section" link is provided in the main text, this can be clicked on to take the reader directly to that reference. For example, see Section 4.6, “Setup Troubleshooting ”. Web links Web links included in the document are clickable. For example, http://www.clavister.com. Trademarks Certain names in this publication are the trademarks of their respective owners. cOS Core is the trademark of Clavister AB.
PAGE 7
Chapter 1: E5 Product Overview • Unpacking the E5, page 7 • Interfaces and Ports, page 9 1.1. Unpacking the E5 Figure 1.1. An Unpacked Clavister E5 Appliance This section details the unpacking of the E5 appliance. Open the packaging box used for shipping and carefully unpack the contents. The delivered product packaging should contain the following: • The Clavister E5 appliance. • RJ45 Ethernet cable. • Power cable. • A pack of 4 adhesive rubber feet for flat surface mounting.
PAGE 8
Chapter 1: E5 Product Overview Note: If any items are missing If any items are missing from the E5 package, please contact the reseller or distributor. All relevant documentation in PDF format can be downloaded from the Clavister website and is included in the ZIP file distributions of new cOS Core versions. Downloadable E5 Documentation All documentation and other resources for the E5, including this guide, can be downloaded from the E5 product page which can be found at http://www.clavister.com/start.
PAGE 9
Chapter 1: E5 Product Overview 1.2. Interfaces and Ports This section is an overview of the E5 product's external design. Figure 1.2. Clavister E5 Connection Ports The E5 features the following connection ports on the front panel: • On the left there is a set of RJ45 Gigabit Ethernet interfaces which are numbered 1 to 5. All 5 interfaces are connected together by a common switch fabric and share the single logical cOS Core interface name GESW.
PAGE 10
Chapter 1: E5 Product Overview • The top-left flashes green to indicate data traffic. • The top-right light is green if the link is 10 or 100 Mb. • The top-right light is amber if the link is 1 Gb. Note: The GESW interface cannot be used with link aggregation If the cOS Core link aggregation feature is used, the logical GESW interface cannot be part of a LinkAggregation object.
PAGE 11
Chapter 1: E5 Product Overview 11
PAGE 12
Chapter 2: Registering with Clavister Before applying power to the E5 and starting cOS Core, it is important to understand the the customer and product registration procedures. There are two types of registration: • Registering as a Clavister Customer This involves registering basic contact and company information on the Clavister website and establishing login credentials.
PAGE 13
Chapter 2: Registering with Clavister 2. The customer login page is presented. It is assumed that a new customer is accessing the site for the first time so they should press the Register button. If already registered, log in and skip to step 8. 3. The registration webpage is now presented. The required information should be filled in. In the example below, a user called John Smith registers. It is important to enter the administrator's company details as well.
PAGE 14
Chapter 2: Registering with Clavister 5. Below is an example of the email that John Smith would receive. 6. When the confirmation link in the email is clicked, the new customer is taken to a webpage to indicate that confirmation has been successful. They should now log in to the Clavister website with the credentials they have submitted during registration. 7. After logging in, the website toolbar will show the name of the currently logged in customer.
PAGE 15
Chapter 2: Registering with Clavister B. Registration of the E5 Hardware Unit These steps describe manual registration of the E5 hardware unit. Alternatively, if the E5 is connected to the Internet then this registration can be also be performed automatically by the cOS Core Setup Wizard which will appear as a browser popup window in the Web Interface when cOS Core starts for the first time. 1. Log in to the Clavister website and select the Register License option. 2. The registration page is displayed.
PAGE 16
Chapter 2: Registering with Clavister The image above shows an example label which illustrates the typical layout of identification labels found on Clavister hardware products. After Successful Hardware Registration Once the E5 hardware unit is registered, a cOS Core license for the unit becomes available for download and installation from Clavister servers. This installation can be done automatically through the cOS Core Setup Wizard which is described in Section 4.2, “Web Interface and Wizard Setup”.
PAGE 17
Chapter 3: E5 Installation • General Installation Guidelines, page 17 • Flat Surface Installation, page 19 • Rack Mounting, page 20 • Local Console Port Connection, page 22 • Connecting Power, page 24 3.1. General Installation Guidelines Follow these geneneral guidelines when installing your Clavister E5 appliance: • Safety Take notice of the safety guidelines laid out in Chapter 7, Safety Precautions. These are specified in multiple languages.
PAGE 18
Chapter 3: E5 Installation A third party surge protection device should be considered and is strongly recommended as a means to prevent electrical surges reaching the appliance. This is mentioned again in Section 3.5, “Connecting Power”. • Temperature Do not install the appliance in an environment where the ambient temperature during operation might fall outside the specified operating range. This range is documented in Appendix A, E5 Specifications.
PAGE 19
Chapter 3: E5 Installation 3.2. Flat Surface Installation The E5 can be mounted on any appropriate stable, flat, level surface that can safely support the weight of the appliance and its attached cables. Included with the E5 is a bag of 4 rubber feet that can be attached to the underside of the unit for operation on a flat surface. This protects both the surface and the appliance from external damage as well as allowing air to circulate underneath the hardware during operation.
PAGE 20
Chapter 3: E5 Installation 3.3. Rack Mounting A Rack Mount Kit is supplied with the E5 for mounting the product in a 19-inch rack. Included with the kit is the following: • • 2 x side brackets. 8 x bracket screws. 4 for securing one bracket to one side of the E5. The kit is attached to the sides of the E5 unit prior to mounting in the rack. There are pre-drilled holes in each bracket and in the side of the E5 as shown below. Align the bracket screw holes with the pre-drilled holes on the side of the E5.
PAGE 21
Chapter 3: E5 Installation Repeat this for each side of the E5 so the brackets are mounted as shown below. The E5 is now ready to be rack mounted. No rear support is required.
PAGE 22
Chapter 3: E5 Installation 3.4. Local Console Port Connection The local console port is the physical RJ45 RS-232 port on the far right-hand side front panel of the E5. Figure 3.1. The E5 Local Console Port This local console port allows direct management connection to the appliance, either from a separate computer running console emulation software or from a console terminal.
PAGE 23
Chapter 3: E5 Installation • i. 9600 bps. ii. No parity. iii. 8 bits. iv. 1 stop bit. v. No flow control. An RS-232 cable with appropriate terminating connectors. Connection Steps To connect a terminal to the local console port, perform the following steps: 1. Check that the console connection settings are configured as described above. 2. Connect one of the connectors on the cable directly to the local console port on the E5. 3.
PAGE 24
Chapter 3: E5 Installation 3.5. Connecting Power This section describes connecting power. The E5 has a single internal 12V/2.5A AC to DC power adaptor. As soon as power is applied, the E5 will boot-up and cOS Core will start. Important Please review the electrical safety information in Chapter 7, Safety Precautions. Connecting AC Power To connect power, follow these steps: 1. Plug the end of the power cord into the power inlet socket on the E5. Figure 3.2. E5 Power Inlet Socket 2.
PAGE 25
Chapter 3: E5 Installation 25
PAGE 26
Chapter 4: cOS Core Configuration • Management Workstation Connection, page 26 • Web Interface and Wizard Setup, page 29 • Manual Web Interface Setup, page 37 • CLI Setup, page 53 • License Installation Methods, page 61 • Setup Troubleshooting , page 63 • Going Further with cOS Core, page 65 4.1. Management Workstation Connection cOS Core Starts After Power Up It is assumed that the E5 unit is now unpacked, positioned correctly and powered is applied.
PAGE 27
Chapter 4: cOS Core Configuration • Through a web browser. A standard web browser running on a standalone computer (also referred to as the management workstation) can be used to access the cOS Core Web Interface. This provides an intuitive graphical interface for cOS Core management. When this interface is accessed for the first time, a setup wizard runs automatically to guide a new user through key setup steps.
PAGE 28
Chapter 4: cOS Core Configuration For connection to the public Internet, another E5 Ethernet interface should be connected to an ISP and this is referred to in the setup wizard as the WAN interface. In this guide, it is assumed that the physical G2 interface of the E5 is used for Internet connection, although any other unused interface could be used instead. Direct Connection to the Management Interface Connection to the management interface from the workstation can be done directly without a switch.
PAGE 29
Chapter 4: cOS Core Configuration 4.2. Web Interface and Wizard Setup This chapter describes the setup when accessing cOS Core for the first time through a web browser. The user interface accessed in this way is called the Web Interface. It assumes that a physical network connection has been set up from a management computer to the default management Ethernet interface as described in Section 4.1, “Management Workstation Connection”.
PAGE 30
Chapter 4: cOS Core Configuration It is possible to configure cOS Core to use a CA signed certificate instead of self-signed certificate for the management login and doing this is described in the cOS Core Administration Guide. The Login Dialog cOS Core will next respond like a web server with the initial login dialog page as shown below. The available Web Interface language options are selectable at the bottom of this dialog.
PAGE 31
Chapter 4: cOS Core Configuration the Clavister Security Gateway is being used in Transparent Mode between two internal networks, then the configuration setup is best done with manual Web Interface steps or through the CLI instead of through the wizard and these are explained in the two sections that follow. Advantages of the Wizard The wizard makes setup easier because it automates what would otherwise be a more complex set of individual setup steps.
PAGE 32
Chapter 4: cOS Core Configuration Wizard step 3: Select the WAN interface Next, you will be asked for the WAN interface that will be used to connect to an ISP for Internet access. Wizard step 4: Select the WAN interface settings This step selects how the WAN connection to the Internet will function. It can be one of Manual configuration, DHCP, PPPoE or PPTP as shown below.
PAGE 33
Chapter 4: cOS Core Configuration These four different connection options are discussed next in the subsections 4A to 4D that follow. • 4A. Static - manual configuration Information supplied by the ISP should be entered in the next wizard screen. All fields need to be entered except for the Secondary DNS server field. • 4B. DHCP - automatic configuration All required IP addresses will automatically be retrieved from the ISP's DHCP server with this option.
PAGE 34
Chapter 4: cOS Core Configuration DNS servers are set automatically after connection with PPPoE. • 4D. PPTP settings The username and password supplied by an ISP for PPTP connection should be entered. If DHCP is to be used with the ISP then this should be selected, otherwise Static should be selected followed by entering the static IP address supplied by the ISP. DNS servers are set automatically after connection with PPTP.
PAGE 35
Chapter 4: cOS Core Configuration Wizard step 6: Helper server settings Optional NTP and Syslog servers can be enabled here in the wizard or configured later. Network Time Protocol servers keep the system date and time accurate. Syslog servers can be used to receive and store log messages sent by cOS Core. For the default gateway, it is recommended to specify the IPv4 address assigned to the internal network interface. In this setup, this corresponds to 192.168.1.1.
PAGE 36
Chapter 4: cOS Core Configuration Wizard step 7: Activate setup The final step for the configuration is to save and activate it by pressing the Activate button. After this step the Web Interface returns to its normal appearance and the administrator can continue to configure the system. Wizard step 8: License Activation This optional step is to install a license which is fetched automatically from Clavister servers.
PAGE 37
Chapter 4: cOS Core Configuration 4.3. Manual Web Interface Setup This section describes initial cOS Core configuration performed directly through the Web Interface, without using the setup wizard. Configuration is done as a series of individual steps, giving the administrator more direct control over the process. Even if the wizard is used, this section can also be read as a good introduction to using the Web Interface for configuring key aspects of cOS Core.
PAGE 38
Chapter 4: cOS Core Configuration Important: The time server URL requires the "dns:" prefix When specifying a URL in cOS Core for the time server, it must have the prefix "dns:". Once the values are set correctly, we can press the OK button to save the values while we move on to more steps in cOS Core configuration. Although changed values like this are saved by cOS Core, they do not become active until the entire saved configuration becomes the current and active configuration.
PAGE 39
Chapter 4: cOS Core Configuration Reconfiguration is a process that the cOS Core administrator may initiate often. Normally, reconfiguration takes a brief amount of time and causes only a slight delay in traffic throughput. Active user connections through the Clavister Security Gateway should rarely be lost. Tip: How frequently to commit configuration changes It is up to the administrator to decide how many changes to make before activating a new configuration.
PAGE 40
Chapter 4: cOS Core Configuration The initial step is to set up a number of IPv4 address objects in the cOS Core Address Book. Let us assume for this section that the interface used for Internet connection is G2 and that the static IPv4 address for this interface is to be 10.5.4.35, the ISP's gateway IPv4 address is 10.5.4.1, and the network to which they both belong is 10.5.4.0/24.
PAGE 41
Chapter 4: cOS Core Configuration Tip: Creating address book folders New folders can be created when needed and provide a convenient way to group together related IP address objects. The folder name can be chosen to indicate the folder's contents. Now click the Add button at the top left of the list and choose the IP4 Address option to add a new address to the folder. Enter the details of the object into the properties fields for the IP4 Address object. Below, the IPv4 address 10.5.4.
PAGE 42
Chapter 4: cOS Core Configuration interface will now appear and the settings can be changed including the default gateway. Press OK to save the changes. Although changes are remembered by cOS Core, the changed configuration is not yet activated and won't be activated until cOS Core is told explicitly to use the changed configuration. Remember that DHCP should not be enabled when using static IP addresses and also that the IP address of the Default Gateway (which is the ISP's router) must be specified.
PAGE 43
Chapter 4: cOS Core Configuration The destination network in the IP rule is specified as the predefined IP4 Address object all-nets. This is used since it cannot be known in advance to which IP address web browsing will be directed and all-nets allows browsing to any IP address. IP rules are processed in a top down fashion, with the search ending at first matching rule.
PAGE 44
Chapter 4: cOS Core Configuration Like the IP rule for HTTP, this rule also specifies that the action for DNS requests is NAT so all DNS request traffic is sent out by cOS Core with the outgoing interface's IP address as the source IP. For the Internet connection to work, a route also needs to be defined so that cOS Core knows on which interface the web browsing traffic should leave the Clavister Security Gateway.
PAGE 45
Chapter 4: cOS Core Configuration B. DHCP - automatic configuration All the required IP addresses for Internet connection can, alternatively, be automatically retrieved from an ISP's DHCP server by enabling the DHCP Client option for the interface connected to the ISP. This option is enabled by first selecting Network > Interfaces and VPN > Ethernet to display a list of all the interfaces.
PAGE 46
Chapter 4: cOS Core Configuration For PPPoE connection, we must create a PPPoE tunnel interface associated with the physical Ethernet interface. Assume that the physical interface is G2 and the PPPoE tunnel object created is called wan_pppoe. Go to Network > Interfaces and VPN > PPPoE and select Add > PPPoE Tunnel. These values can now be entered into the PPPoE Tunnel properties dialog. An ISP will supply the correct values for pppoe_username and pppoe_password in the dialog above.
PAGE 47
Chapter 4: cOS Core Configuration An ISP will supply the correct values for pptp_username, pptp_password and the remote endpoint. An interface is not specified when defining the tunnel because this is determined by cOS Core looking up the Remote Endpoint IP address in its routing tables. The PPTP client tunnel interface can now be treated exactly like a physical interface by the policies defined in cOS Core rule sets.
PAGE 48
Chapter 4: cOS Core Configuration An example IP pool range might be 196.168.1.10 - 192.168.1.20 with a netmask of 255.255.0.0. In addition, it is important to specify the Default gateway for the server. This will be handed out to DHCP clients on the internal networks so that they know where to find the public Internet. The default gateway is always the IPv4 address of the interface on which the DHCP server is configured, in this case, G1_ip Select the Options tab to set this.
PAGE 49
Chapter 4: cOS Core Configuration Tip: Address book object naming The cOS Core address book is organized alphabetically so when choosing names for IP address objects it is best to have the descriptive part of the name first. In this case, use syslog_ip as the name and not ip_syslog. Allowing ICMP Ping Requests As a further example of setting up IP rules, it can be very useful to allow ICMP Ping requests to flow through the Clavister Security Gateway.
PAGE 50
Chapter 4: cOS Core Configuration The IP rule again has the NAT action and this is necessary if the protected local hosts have private IPv4 addresses. The ICMP requests will be sent out from the Clavister Security Gateway with the IP address of the interface connected to the ISP as the source interface. Responding hosts will send back ICMP responses to this single IP and cOS Core will then forward the response to the correct private IPv4 address.
PAGE 51
Chapter 4: cOS Core Configuration Logging can now be enabled on this rule with the desired severity. Click the Log Settings tab, and click the Enable logging box. All log messages generated by this rule will be given the selected severity and which will appear in the text of the log messages. It is up to the administrator to choose the severity and depends on how they would like to classify the messages.
PAGE 52
Chapter 4: cOS Core Configuration Doing this is described in Section 4.5, “License Installation Methods”.
PAGE 53
Chapter 4: cOS Core Configuration 4.4. CLI Setup This chapter describes the setup steps using CLI commands instead of the setup wizard. The CLI is accessible using either one of two methods: • Using an SSH (Secure Shell) client, across a network connection to the IPv4 address 192.168.1.1 on the default management Ethernet interface. The physical network connection setup to the computer running the client is described in Section 4.
PAGE 54
Chapter 4: cOS Core Configuration The new username/password combination should be remembered and the password should be composed in a way which makes it difficult to guess. The next step is to return the CLI to the default context which is the top level of object categories. Device:/AdminUsers> cc Device:/> Setting the Date and Time Many cOS Core functions, such as event logging and certificate handling, rely on an accurate date and time.
PAGE 55
Chapter 4: cOS Core Configuration Note: Private IPv4 addresses are used for example only Each installation's IP addresses will be different from the example IP addresses but they are used here only to illustrate how setup is done. Also, these addresses are private IPv4 addresses and in reality an ISP would use public IPv4 addresses instead. We first add the gateway IPv4 address object which we will call wan_gw: Device:/> add Address IP4Address wan_gw Address=10.5.4.
PAGE 56
Chapter 4: cOS Core Configuration EthernetDevice: AutoSwitchRoute: AutoInterfaceNetworkRoute: AutoDefaultGatewayRoute: ReceiveMulticastTraffic: MemberOfRoutingTable: Comments: 0:G2 1: No Yes Yes Auto All Setting the default gateway on the interface has the additional effect that cOS Core automatically creates a route in the default main routing table that has the network all-nets routed on the interface. This means that we do not need to explicitly create this route.
PAGE 57
Chapter 4: cOS Core Configuration Device:/> set DNS DNSServer1=dns1_address Assuming a second IP object called dns2_address has been defined, the second DNS server is specified with: Device:/> set DNS DNSServer2=dns2_address B. DHCP - automatic configuration Alternatively, all required IP addresses can be automatically retrieved from the ISP's DHCP server by enabling DHCP on the interface connected to the ISP.
PAGE 58
Chapter 4: cOS Core Configuration source interface and source network (in this example, the network G1_net and interface G1 to flow to the destination network all-nets and the destination interface which is the PPPoE tunnel that has been defined. D. PPTP setup For PPTP connection, first create the PPTP tunnel interface. It is assumed below that we will create a PPTP tunnel object called wan_pptp with the remote endpoint 10.5.4.
PAGE 59
Chapter 4: cOS Core Configuration DHCP Server Setup If the Clavister Security Gateway is to act as a DHCP server then this can be set up in the following way: First define an IPv4 address object which has the address range that can be handed out. Here, we will use the IPv4 range 192.168.1.10 - 192.168.1.20 as an example and this will be available on the G1 interface which is connected to the protected internal network G1_net Device:/> add Address IP4Address dhcp_range Address=192.168.1.10-192.168.1.
PAGE 60
Chapter 4: cOS Core Configuration Add an IP rule called allow_ping_outbound to allow ICMP pings to pass: Device:/> add IPRule name=allow_ping_outbound Action=NAT SourceInterface=G1 SourceNetwork=InterfaceAddresses/G1_net DestinationInterface=G2 DestinationNetwork=all-nets Service=ping-outbound The IP rule again has the NAT action and this is necessary if the protected local hosts have private IPv4 addresses.
PAGE 61
Chapter 4: cOS Core Configuration 4.5. License Installation Methods Without a valid license installed, cOS Core will run in demo mode (demonstration mode) which means that it will cease to function after two hours of operation. Restarting cOS Core will re-enable cOS Core for another two hours. To remove this 2 hour restriction, a valid license must be installed.
PAGE 62
Chapter 4: cOS Core Configuration v. Download a license from the license list to the computer's local disk. vi. The license file is uploaded to the security gateway through the cOS Core Web Interface by going to Status > Maintenance > License and pressing the Upload button to select the license file. Following upload, cOS Core will install the file. Alternatively, the license file can be uploaded using SCP.
PAGE 63
Chapter 4: cOS Core Configuration 4.6. Setup Troubleshooting This appendix deals with connection problems that might occur when connecting a management workstation to a Clavister Security Gateway. If the management interface does not respond after the Clavister Security Gateway has powered up and cOS Core has started, there are a number of simple steps to troubleshoot basic connection problems: 1. Check that the correct interface is being used.
PAGE 64
Chapter 4: cOS Core Configuration This will display console messages that show all the ARP packets being received on the different interfaces and confirm that the correct cables are connected to the correct interfaces.
PAGE 65
Chapter 4: cOS Core Configuration 4.7. Going Further with cOS Core After initial setup is complete, the administrator is ready to go further with configuring cOS Core to suit the requirements of a particular networking scenario. All E5 resources can be downloaded from the E5 product page which can be found at http://www.clavister.com/start.
PAGE 66
Chapter 4: cOS Core Configuration Included with the quick start section is a checklist for troubleshooting and advice on how best to deal with the networking complications that can arise with certificates. Log Messages By default, certain events will generate log messages and at least one log server should be configured in cOS Core to capture these messages, although a feature called memlog will capture recent log messages in local cOS Core memory.
PAGE 67
Chapter 4: cOS Core Configuration 67
PAGE 68
Chapter 5: Resetting to Factory Defaults In some circumstances, it may be necessary to reset the E5 hardware to the state it was in when it left the factory. This is known as a reset to factory defaults. With the E5, a reset can be done in one of the following ways: • By selecting an option in the boot menu. This menu can be accessed on the local CLI console by pressing any console key as cOS Core starts. • Manually, by pressing a recessed button on the front of the E5 unit.
PAGE 69
Chapter 5: Resetting to Factory Defaults Administrators Guide. Performing a Reset Manually As an alternative to resetting using the boot menu, the E5 can be reset manually.. The steps for a manual reset are as follows: 1. The progress of the reset can be followed using a local console connection. If that is required, open a console display window connected to the E5 local console port. 2. Power off the hardware. 3.
PAGE 70
Chapter 6: Warranty Service Limitation of Warranty Clavister warrants to the customer of the E5 Appliance that the Hardware components will be free from defects in material and workmanship under normal use for a period of two (2) years from the Start Date (as defined below).
PAGE 71
Chapter 6: Warranty Service Clavister AB Sjögatan 6J 891 60 Örnsköldsvik SWEDEN If the product has not yet been registered with the Clavister through its client web, a proof of purchase (such as a copy of the dated purchase invoice) must be provided with the shipped product. Important: An RMA Number must be obtained before shipping! Any package returned to Clavister without an RMA number will be rejected and shipped back to the Purchaser at the Purchaser's expense.
PAGE 72
Chapter 7: Safety Precautions Safety Precautions Clavister E5 devices are Safety Class I products and have protective ground terminals. There must be an uninterrupted safety earth ground from the main power source to the product’s input wiring terminals, power cord, or supplied power cord set. Whenever it is likely that the protection has been impaired, disconnect the power cord until the ground has been restored.
PAGE 73
Chapter 7: Safety Precautions Informations concernant la sécurité Cet appareil est un produit de classe I et possède une borne de mise à la terre. La source d’alimentation principale doit être munie d’une prise de terre de sécurité installée aux bornes du câblage d’entree, sur le cordon d’alimentation ou le cordon de raccordement fourni avec le produit. Lorsque cette protection semble avoir été endommagée, débrancher le cordon d’alimentation jusqu’à ce que la mise à la terre ait été réparée.
PAGE 74
Chapter 7: Safety Precautions • se la vostra LAN copre un’area servita da più di un sistema di distribuzione elettrica, accertatevi che i collegamenti a terra di sicurezza siano ben collegati fra loro; • i cavi LAN possono occasionalmente andare soggetti a pericolose tensioni transitorie (ad esempio, provocate da lampi o disturbi nella griglia d’alimentazione della società elettrica); siate cauti nel toccare parti esposte in metallo della rete.
PAGE 75
Appendix A: E5 Specifications Below are the key hardware specifications for the Clavister E5 product. Dimensions, Weight and MTBF Height x Width x Depth (mm) 44 x 280 x 180 Hardware Weight 1.6 kg Packaged Weight 2.
PAGE 76
Appendix B: Declarations of Conformity 76
PAGE 77
Appendix B: Declarations of Conformity 77
PAGE 78
Appendix C: Port Based VLAN Setup VLAN support on the E5 is divided into two types: • On the Ethernet interfaces G1 and G2, VLANs are created by configuring them normally in cOS Core. It is cOS Core that then takes on the task of adding and recognizing VLAN tags in packets. It is not a hardware function. Setting up these types of VLAN with the E5 is discussed in the separate cOS Core Administration Guide.
PAGE 79
Appendix C: Port Based VLAN Setup 2. Associate the VLANs with GESW interfaces Go to Network > Interfaces and VPN > VLAN > Switch Management, enable port based VLAN and set each numbered GESW interface to be associated with the relevant VLAN to get the desired configuration. For this example, the screenshot below shows how this would look in the Web Interface. This last dialog is only available in the Web Interface for Clavister hardware platforms that support port based VLANs.
PAGE 80
Clavister AB Sjögatan 6J SE-89160 Örnsköldsvik SWEDEN Phone: +46-660-299200 www.clavister.