Netgate SG-3100 Manual
  1. Manuals
  2. Brands
  3. Netgate Manuals
  4. Gateway
  5. SG-3100
  6. Manual

Netgate SG-3100 Manual

Security gateway
Hide thumbs Also See for SG-3100:
Table of Contents

Advertisement

Quick Links

Security Gateway Manual
SG-3100
© Copyright 2020 Rubicon Communications LLC
Apr 01, 2020

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the SG-3100 and is the answer not in the manual?

Questions and answers

Related Manuals for Netgate SG-3100

Summary of Contents for Netgate SG-3100

  • Page 1 Security Gateway Manual SG-3100 © Copyright 2020 Rubicon Communications LLC Apr 01, 2020...
  • Page 2 OUT OF THE BOX 1 Getting Started 2 Initial Configuration 3 pfSense Overview 4 Input and Output Ports 5 Safety and Legal 6 Connecting to the Console Port 7 Reinstalling pfSense Software 8 M.2 SATA Installation 9 Configuring the Switch Ports 10 Additional Resources 11 Warranty and Support...
  • Page 3 Security Gateway Manual SG-3100 This Quick Start Guide covers the first time connection procedures for the Netgate® SG-3100 Firewall Appliance will provide the information needed to keep the appliance up and running. © Copyright 2020 Rubicon Communications LLC...
  • Page 4 CHAPTER GETTING STARTED The basic firewall configuration begins with connecting the pfSense® appliance to the Internet. The pfSense appliance should be unplugged at this time. Connect one end of an Ethernet cable to the WAN port (shown in the Input and Output Ports section) of the pfSense appliance.
  • Page 5 Security Gateway Manual SG-3100 Warning: The default IP Address on the LAN subnet on the pfSense firewall is 192.168.1.1/24. The same subnet cannot be used on both WAN and LAN, so if the default IP address on the ISP-supplied modem is also 192.168.1.1/24, disconnect the WAN interface until the LAN interface on the firewall has been renumbered...
  • Page 6 1. Click Next to start the Setup Wizard. 2. Click Next after you have read the information on Netgate Global Support. 3. On the General Information page, use the following as a guide to configure the firewall.
  • Page 7 Security Gateway Manual SG-3100 Fig. 2: Click Advanced and then Proceed to 192.168.1.1 (unsafe) Fig. 3: Click Next © Copyright 2020 Rubicon Communications LLC...
  • Page 8 Security Gateway Manual SG-3100 DNS Servers: For purposes of this setup guide, use the Google public DNS servers (8.8.8.8 and 8.8.4.4). Fig. 4: Type in the DNS Server information and Click Next 4. Use the following information for the Time Server Information page.
  • Page 9 Security Gateway Manual SG-3100 Fig. 5: Change the Timezone and Click Next Fig. 6: Default Settings Should be Acceptable. Click Next © Copyright 2020 Rubicon Communications LLC...
  • Page 10 Security Gateway Manual SG-3100 Fig. 7: Read and Click Accept © Copyright 2020 Rubicon Communications LLC...
  • Page 11 firewall. Fig. 1: The pfSense Dashboard Section 1 shows important system information such as the model, Serial Number, and Netgate Device ID for this pfsense firewall. Section 2 identifies what version of pfSense software is installed, and if an update is available.
  • Page 12 Security Gateway Manual SG-3100 Section 3 describes Netgate Service and Support. Section 4 shows the various menu headings. Each menu heading has drop-down options for a wide range of configu- ration choices. 3.2 Re-running the Setup Wizard To re-run the Setup Wizard, navigate to System -> Setup Wizard.
  • Page 13 Security Gateway Manual SG-3100 Fig. 3: Backup & Restore Fig. 4: Click Download configuration as XML © Copyright 2020 Rubicon Communications LLC...
  • Page 14 Security Gateway Manual SG-3100 See also: Connecting to the Console Port Connect to the console. Cable is required. Tip: To learn more about getting the most out of your pfSense appliance, sign up for a pfSense Training course or browse our extensive Resource Library.
  • Page 15 CHAPTER FOUR INPUT AND OUTPUT PORTS 4.1 Rear Side 4.1.1 Routed Ethernet Interface Name Port Name mvneta2 OPT1 mvneta0 LED Pattern Description Flashes with 1Gb traffic, solid with link. Left LED only green Both LEDs green Both flash with 100Mb traffic, solid with link. Right LED only green Flashes with 10Mb traffic, solid with link.
  • Page 16 Left Flashes with 10Mb traffic, solid with link. Note: Prior to pfSense® software version 2.4.3, the switched Ethernet ports on the SG-3100 did not support auto MDI-X and required crossover cable unless the client-side connection supported auto MDI-X. This was resolved with 2.4.3 and later versions and a crossover cable is no longer required.
  • Page 17 Security Gateway Manual SG-3100 LED Pattern Description Boot Process The sequence, circle -> square -> diamond, quickly flashes blue. Boot Completed The diamond slowly flashes blue. Update is Available The square slowly flashes orange. © Copyright 2020 Rubicon Communications LLC...
  • Page 18 CHAPTER FIVE SAFETY AND LEGAL 5.1 Safety Notices 1. Read, follow, and keep these instructions. 2. Heed all warnings. 3. Only use attachments/accessories specified by the manufacturer Warning: Do not use this product in location that can be submerged by water. Warning: Do not use this product during an electrical storm to avoid electrical shock.
  • Page 19 Security Gateway Manual SG-3100 5.3 FCC Compliance Changes or modifications not expressly approved by the party responsible for compliance could void the user’s au- thority to operate the equipment. This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: 1.
  • Page 20 5.8 Declaration of Conformity 5.8.1 ˇ Cesky[Czech] NETGATE tímto prohla uje, e tento NETGATE device, je ve shod se základními po adavky a dal ími p íslu n mi ustanoveními sm rnice 1999/5/ES. 5.8.2 Dansk [Danish] Undertegnede NETGATE erklærer herved, at følgende udstyr NETGATE device, overholder de væsentlige krav og...
  • Page 21 Alulírott, NETGATE nyilatkozom, hogy a NETGATE device, megfelel a vonatkozó alapvetõ követelményeknek és az 1999/5/EC irányelv egyéb elõírásainak. 5.8.10 Íslenska [Icelandic] Hér me l sir NETGATE yfir ví a NETGATE device, er í samræmi vi grunnkröfur og a rar kröfur, sem ger ar eru í tilskipun 1999/5/EC. 5.8.11 Italiano [Italian] Con la presente NETGATE dichiara che questo NETGATE device, è...
  • Page 22 Security Gateway Manual SG-3100 5.8.12 Latviski [Latvian] Ar o NETGATE deklar , ka NETGATE device, atbilst Direkt vas 1999/5/EK b tiskaj m pras b m un citiem ar to saist tajiem noteikumiem. 5.8.13 Lietuviškai [Lithuanian] NETGATE deklaruoja, kad šis NETGATE ı ˛ renginys atitinka esminius reikalavimus ir kitas 1999/5/EB Direktyvos nuostatas.
  • Page 23 Security Gateway Manual SG-3100 5.8.21 Român ˘ a [Romanian] Prin prezenta, NETGATE declar˘ a c˘ a acest dispozitiv NETGATE este în conformitate cu cerint ele esent iale s i alte prevederi relevante ale Directivei 1999/5/CE. 5.9 Disputes ANY DISPUTE OR CLAIM RELATING IN ANY WAY TO YOUR USE OF ANY PRODUCTS/SERVICES, OR TO ANY PRODUCTS OR SERVICES SOLD OR DISTRIBUTED BY RCL OR ESF WILL BE RESOLVED BY BINDING ARBITRATION IN AUSTIN, TEXAS, RATHER THAN IN COURT.
  • Page 24 Security Gateway Manual SG-3100 5.11 Site Policies, Modification, and Severability Please review our other policies, such as our pricing policy, posted on our websites. These policies also govern your use of Products/Services. We reserve the right to make changes to our site, policies, service terms, and these terms and conditions of use at any time.
  • Page 25 Security Gateway Manual SG-3100 DISCLAIMERS, EXCLUSIONS, OR LIMITATIONS MAY NOT APPLY TO YOU, AND YOU MIGHT HAVE ADDITIONAL RIGHTS. © Copyright 2020 Rubicon Communications LLC...
  • Page 26 CHAPTER CONNECTING TO THE CONSOLE PORT There are times when directly accessing the console is required. Perhaps webGUI or SSH access has been locked out, or the password has been lost or forgotten. This guide shows how to regain access directly through the console. 6.1 Install the Driver A Silicon Labs CP210x USB-to-UART Bridge driver is used to provide access to the console, which is exposed via the Mini-USB port on the appliance.
  • Page 27 Security Gateway Manual SG-3100 6.3 Locate the Console Port Device The appropriate console port device that the workstation assigned as the serial port must be located before attempting to connect to the console. Note: Even if the serial port was assigned in the BIOS, the workstation’s OS may remap it to a different COM Port.
  • Page 28 Security Gateway Manual SG-3100 driver and then try again. FreeBSD The device associated with the system console is likely to show up as /dev/cuaU0. Look for messages about the device attaching in the system log files or by running dmesg.
  • Page 29 Security Gateway Manual SG-3100 Fig. 1: An example of using PuTTY in Windows. © Copyright 2020 Rubicon Communications LLC...
  • Page 30 Security Gateway Manual SG-3100 6.4.2 Terminal Settings The settings to use within the terminal program are: Speed 115200 baud, the speed of the BIOS Data bits 8 Parity none Stop bits 1 Flow Control Off or XON/OFF. Hardware flow control (RTS/CTS) must be disabled.
  • Page 31 Security Gateway Manual SG-3100 6.5.4 Serial Output Stops After the BIOS If serial output is shown for the BIOS but stops afterward, check the following items: • Ensure the terminal program is configured for the correct speed for the installed operating system. (See “No Serial Output”...
  • Page 32 1. Please open a support ticket General Problem and then select Netgate SG-3100 for the platform. Make sure to include the serial number in the ticket to expedite access. Once the ticket is processed, the latest stable version of the firmware will be attached to the ticket, with a name such as: pfSense-netgate-SG-3100-recover-2.4.4-RELEASE-p3-armv6.img.gz...
  • Page 33 Security Gateway Manual SG-3100 © Copyright 2020 Rubicon Communications LLC...
  • Page 34 Security Gateway Manual SG-3100 © Copyright 2020 Rubicon Communications LLC...
  • Page 35 CHAPTER EIGHT M.2 SATA INSTALLATION The SG-3100 has built-in onboard eMMC storage. Optionally, a M.2 SATA drive could be installed as an upgrade or to bypass the onboard eMMC flash memory. Note: The SG-3100 does not support NVMe drives. Warning: Before proceeding: 1.
  • Page 36 Security Gateway Manual SG-3100 Fig. 1: SG-3100 M.2 SATA Locations © Copyright 2020 Rubicon Communications LLC...
  • Page 37 4. Gently push down the M.2 SATA card and replace the screw into the standoff. 5. Place the cover back on and turn the SG-3100 over. Replace the four T10 Torx case screws. Be careful not to crossthread the screws.
  • Page 38 Security Gateway Manual SG-3100 Fig. 3: M.2 SATA Location and Screw Fig. 4: M.2 SATA Location and Screw Close-up © Copyright 2020 Rubicon Communications LLC...
  • Page 39 Security Gateway Manual SG-3100 Fig. 5: Insert the M.2 SATA Drive at about a 30° Angle Fig. 6: The M.2 SATA Drive Installed © Copyright 2020 Rubicon Communications LLC...
  • Page 40 This optional guide shows the steps required to configure the 4 switched Ethernet ports as discrete ports. The following attributes are used in this configuration guide but can be changed to suit your particular requirements: • SG-3100 Ethernet Port: LAN4 • IP Address Assignment: 192.168.100.1/24 •...
  • Page 41 Security Gateway Manual SG-3100 4. In the lower right-hand corner of the screen, click + Add. 5. Choose mvneta1 (MAC Address) - lan from the Parent Interface drop-down menu. 6. Set the VLAN Tag to 4084. Type Lan port 4 as the Description. Click Save.
  • Page 42 Security Gateway Manual SG-3100 7. Go to the Interface Assignments sub-menu. 8. Ensure Available network ports: is correct. It is VLAN 4084 on mvneta1 - lan (Lan port 4) in this example. Click on + Add. 9. Click on OPT2. This is the Interface that matches the new VLAN being created.
  • Page 43 Security Gateway Manual SG-3100 12. Scroll down and make the IPv4 Address 192.168.100.1/24 (in this example). 13. Click Save. 14. Click Apply Changes. 15. Go to Interfaces -> Switches. 16. Go to the VLANs sub-menu. Click in the Enable 802.1q VLAN mode check-box and click Save.
  • Page 44 Security Gateway Manual SG-3100 18. Type 4084 for the VLAN Tag and 4 for Member(s). This represents LAN4 (port 4) and tagged should be unchecked. 19. Click + Add Member to add the LAN Uplink, 5. This member should be tagged as shown.
  • Page 45 25. Click on Port VID 1 beside LAN4. Backspace through 1 and insert 4084, the new VLAN ID. 26. Click Save. This completes the configuration of a discrete port on the SG-3100. because by default, all traffic is blocked. Go to Firewall > Rules You will need to create the appropriate firewall rules...
  • Page 46 ADDITIONAL RESOURCES 10.1 Netgate Training Netgate training offers training courses for increasing your knowledge of pfSense® products and services. Whether you need to maintain or improve the security skills of your staff or offer highly specialized support and improve your customer satisfaction;...
  • Page 47 CHAPTER ELEVEN WARRANTY AND SUPPORT • One year manufacturer’s warranty. • Please contact Netgate for warranty information or view our Product Lifecycle page. • All Specifications subject to change without notice For support information, view our support plans. See also: For more information on how to use pfSense®...

Table of Contents