HP Firewall Installation Manual
HP A-F1000-A-EI/A-F1000-S-EI VPN Firewall
Installation Guide
Part number: 5998-1415
Document version: 6PW100-20110909
Legal and notice information
© Copyright 2011 Hewlett-Packard Development Company, L.P.
No part of this documentation may be reproduced or transmitted in any form or by any means without
prior written consent of Hewlett-Packard Development Company, L.P.
The information contained herein is subject to change without notice.
HEWLETT-PACKARD COMPANY MAKES NO WARRANTY OF ANY KIND WITH REGARD TO THIS
MATERIAL, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE. Hewlett-Packard shall not be liable for errors contained
herein or for incidental or consequential damages in connection with the furnishing, performance, or use
of this material.
The only warranties for HP products and services are set forth in the express warranty statements
accompanying such products and services. Nothing herein should be construed as constituting an
additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.
Contents
Product overview·························································································································································· 1
Front panel view································································································································································1
Rear panel view ································································································································································1
Preparing for installation ············································································································································· 3
Safety recommendations ··················································································································································3
Safety symbols ··························································································································································3
General safety recommendations ···························································································································3
Safety with electricity ···············································································································································3
Safety with laser ·······················································································································································4
Examining the installation site ·········································································································································4
Temperature and humidity·······································································································································4
Altitude ······································································································································································5
Cleanness··································································································································································5
Cooling system ·························································································································································5
ESD prevention ·························································································································································6
EMI·············································································································································································7
Lightning protection··················································································································································7
Rack-mounting···························································································································································7
Installation tools·································································································································································7
Accessories supplied by the firewall ·······························································································································8
Checklist before installation ·············································································································································8
Installing the firewall··················································································································································10
Installation flow ······························································································································································10
Installing the firewall in a 19-inch rack························································································································ 10
Grounding the firewall ·················································································································································· 12
Installing an interface module······································································································································· 13
Connecting Ethernet cables··········································································································································· 14
Connecting a copper Ethernet cable··················································································································· 14
Connecting an optical fiber ································································································································· 14
Installing the power supply and connecting the power cord ···················································································· 16
Installing a power supply ·····································································································································16
Connecting an AC power cord ··························································································································· 16
Connecting the DC power cable ························································································································· 17
Logging in to the firewall and configuring basic settings ·······················································································18
Logging in to the firewall through the console port···································································································· 18
Connecting the firewall to a configuration terminal through a console cable················································ 18
Setting terminal parameters·································································································································· 19
Powering on the firewall ···············································································································································21
Checking before power-on··································································································································· 21
Checking after power-on ······································································································································ 21
Logging in to the firewall through Telnet ····················································································································· 22
Logging to the firewall through a web browser·········································································································· 22
Performing basic settings for the firewall····················································································································· 23
Launching the basic configuration wizard·········································································································· 23
Configuring the system name and user password····························································································· 24
Configuring service management························································································································ 25
Configuring the IP address for an interface········································································································ 26
i
Configuring NAT··················································································································································· 27
Completing the configuration wizard ·················································································································29
Hardware management and maintenance ··············································································································30
Displaying detailed information about the firewall ···································································································· 30
Displaying software and hardware version information of the firewall··································································· 31
Displaying the electrical label information of the firewall ·························································································31
Displaying the CPU usage of the firewall···················································································································· 32
Displaying the memory usage of the firewall·············································································································· 32
Displaying the operational status of the fans ·············································································································· 32
Displaying the operational status of a power supply································································································· 32
Displaying the temperature information of the firewall ······························································································ 33
Displaying operational statistics of the firewall ·········································································································· 33
Saving the running configuration of the firewall ········································································································ 34
Rebooting the firewall···················································································································································· 34
Troubleshooting··························································································································································36
Power supply system failure·········································································································································· 36
Fan failure······································································································································································· 36
Configuration terminal problems·································································································································· 37
No terminal display ·············································································································································· 37
Garbled terminal display······································································································································ 37
Password loss ································································································································································· 37
User password loss ··············································································································································· 37
Super password loss ············································································································································· 38
Cooling system failure ··················································································································································· 39
Interface module failure················································································································································· 39
Appendix A Technical specifications ······················································································································40
Dimensions and weight ················································································································································· 40
Storages ·········································································································································································· 40
Power consumption range············································································································································· 40
Power input ···························································································································································· 41
Console port ··································································································································································· 41
Combo interfaces··························································································································································· 41
Appendix B LEDs·······················································································································································43
Front panel LEDs····························································································································································· 43
Appendix C Interface module··································································································································45
NSQ1XS2U0·································································································································································· 45
Appendix D AC power cables used in different countries or regions··································································47
10A AC power cables used in different countries or regions··················································································· 47
16A AC power cables used in different countries or regions··················································································· 50
Support and other resources ·····································································································································53
Contacting HP ································································································································································ 53
Subscription service ·············································································································································· 53
Related information························································································································································ 53
Documents······························································································································································ 53
Websites································································································································································· 53
Conventions ···································································································································································· 54
Index ···········································································································································································56
ii
Product overview
This chapter includes these sections:
• Front panel view
• Rear panel view
NOTE:
The A-F1000-S-EI and A-F1000-A-EI share the same appearance. The following section uses the
A-F1000-A-EI as an example.
Front panel view
Figure 1 Front panel view
(1) Copper Ethernet port of the combo interface (2) Fiber SFP port of the combo interface
(3) Console port (4) USB interface
Rear panel view
Figure 2 Rear panel view
(1) Power supply slot 1 (PWR1) (2) Power supply slot 2 (PWR2)
(3) Interface module slot 2 (SLOT2) (4) ”OPEN BOOK” mark
(5) Grounding screw and mark (6) Interface module slot 1 (SLOT1)
The “OPEN BOOK” mark prompts you to see the related chapters when you perform the following
operations.
1
Table 1 Description of the “OPEN BOOK” mark
Operation Reference
Grounding the firewall Grounding the firewall
Connecting the firewall to the power source
Installing the power supply and connecting the power
cord
2
Preparing for installation
This chapter includes these sections:
• Safety recommendations
• Examining the installation site
• Installation tools
• Accessories supplied by the firewall
• Checklist before installation
Safety recommendations
To avoid possible bodily injury and equipment damage, read the safety recommendations in this chapter
carefully before installing an A-F1000-A-EI/A-F1000-S-EI firewall. The recommendations do not cover
every possible hazardous condition.
This section includes these topics:
• Safety symbols
• General safety recommendations
• Safety with electricity
• Safety with laser
Safety symbols
When reading this document, note the following symbols:
WARNING means an alert that calls attention to important information that if not understood or
followed can result in personal injury.
CAUTION means an alert that calls attention to important information that if not understood or
followed can result in data loss, data corruption, or damage to hardware or software.
General safety recommendations
• Keep the chassis and installation tools away from walk areas.
• Make sure that the ground is dry and flat and anti-slip measures are in place.
• Unplug all the external cables (including power cables) before moving the chassis.
Safety with electricity
• Locate the emergency power-off switch in the room before installation. Shut the power off at once in
case accident occurs.
• Make sure that the firewall has been correctly grounded.
• Connect the interface cables for the firewall correctly.
• Use an uninterruptible power supply (UPS).
3
• If there are two power inputs, disconnect the two power inputs to power off the firewall.
• Do not work alone when the firewall has power.
• Always check that the power has been disconnected.
Safety with laser
• Do not stare into the optical port or fiber connector because the laser light emitted from the optical
fiber may hurt your eyes.
• Install a dust plug on the transceiver module to avoid damage to the transceiver module.
Examining the installation site
The HP A-F1000-A-EI/A-F1000-S-EI firewall can only be used indoors. To ensure that the firewall works
properly and to prolong its service lifetime, the installation site must meet the following requirements:
• Temperature and humidity
• Altitude
• Cleanness
• Cooling system
• ESD prevention
• EMI
• Lightning protection
• Rack-mounting
Temperature and humidity
You must maintain a proper temperature and humidity in the equipment room. Long-term high humidity
may lead to bad insulation, electricity leakage, mechanical property changes, and metal corrosion.
However, if the humidity is too low, captive screws may become loose as the result of contraction of
insulation washers and static electricity may be produced in a dry environment to jeopardize the circuits
on the device. A high temperature is the most undesirable condition, because it accelerates the aging of
insulation materials and significantly lowers reliability and service life of the firewall.
Table 2 Temperature requirements
Item Temperature
Operating temperature 0°C to 45°C (32°F to 113°F)
Storage temperature –40°C to 70°C(–40°F to 158°F)
Table 3 Humidity requirements
Item Humidity
Operating humidity 5% to 95%
Storage humidity 5% to 95%
4
Altitude
Table 4 Altitude requirements
Item Altitude
Operating altitude –60 m (–196.85 ft) to 3 km (1.86 miles)
Storage altitude –60 m (–196.85 ft) to 4.5km(2.8 miles)
Cleanness
Dust buildup on the chassis may result in electrostatic adsorption, which causes poor contact of metal
components and contact points, especially when indoor relative humidity is low. In the worst case,
electrostatic adsorption can cause communication failure.
Table 5 Dust concentration limit in the equipment room
Substance Concentration limit (particles/cu m)
Dust particles
NOTE:
Dust particle diameter 5 m
The equipment room must also meet strict limits on salts, acids, and sulfides to eliminate corrosion and
premature aging of components, as shown in Table 6.
Table 6 Harmful gas li
Gas Max. (mg/m
SO2 0.2
H2S 0.006
NH
3
Cl
2
Cooling system
The A-F1000-A-EI/A-F1000-S-EI firewall adopts left to right airflow for heat dissipation.
3 x 104
(No visible dust on desk in three days)
mits in an equipment room
0.05
0.01
3
)
Figure 3 A-F1000-A-EI/A-F1000-S-EI airflow
5
• Make sure there is enough space (greater than 10 cm (3.94 in)) around the air intake and outlet
vents on the firewall for good ventilation.
• Make sure the installation site has a good cooling system.
ESD prevention
To prevent electrostatic discharge (ESD), note the following guidelines:
• Make sure that the firewall and the floor are well grounded.
• Take dust-proof measures for the equipment room.
• Maintain the humidity and temperature at a proper level.
• Always wear an ESD-preventive wrist strap when touching a circuit board or transceiver module.
• Place the removed interface module on an antistatic workbench, with the face upward, or put it into
an antistatic bag.
• Touch only the edges, instead of electronic components when observing or moving a removed
interface module.
To use the ESD-preventive wrist strap, perform the following steps:
Step1 Wear the wrist strap on your wrist.
Step2 Lock the wrist strap tight around your wrist to keep good contact with the skin.
Step3 Attach the ESD-preventive wrist strap to the rack with the alligator clips.
Step4 Make sure that the rack is well grounded.
Figure 4 Use an ESD-preventive wrist strap
(1) ESD-preventive wrist strap (2) Lock
(3) Alligator clip
6
g
EMI
NOTE:
CAUTION:
• Check the resistance of the ESD-preventive wrist strap for safety. The resistance readin
range of 1 to 10 megohm (Mohm) between human body and the ground.
• No ESD-preventive wrist strap is provided with the A-F1000-A-EI/A-F1000-S-EI firewall. Prepare it
yourself.
To prevent electromagnetic interference (EMI) when you use the firewall, note the following guidelines:
• Take measures against interference from the power grid.
• Do not use the firewall together with the grounding equipment or light-prevention equipment of
power equipment, and keep the firewall far away from them.
• Keep the firewall far away from high-power radio launchers, radars, and equipment with high
frequency or high current.
Use electromagnetic shielding when necessary.
should be in the
Lightning protection
To protect the firewall from lightning better, do as follows:
• Make sure the grounding cable of the chassis is well grounded.
• Make sure the grounding terminal of the AC power receptacle is well grounded.
• Install a lightning arrester at the input end of the power supply to enhance the lightning protection
capability of the power supply.
Rack-mounting
Before mounting the firewall in a standard 19-inch rack, adhere to the following requirements:
• The rack is sturdy enough to support the firewall and installation accessories.
• Make sure that the size of the rack is appropriate for the firewall, and that there is enough clearance
around the left and right sides of the firewall for heat dissipation.
• For heat dissipation and device maintenance, make sure the front and rear of the rack should be at
least 0.8 m (2.62 ft) away from walls or other devices, and that the headroom in the equipment
room should be no less than 3 m (9.84 ft).
Installation tools
Flat-blade
screwdriver
Phillips screwdriver
Needle-nose pliers
7
Wire-stripping
pliers
Diagonal pliers
RJ45 crimping
pliers
Multimeter
Network cable
tester
Mark pen
NOTE:
No installation tool or ESD-preventive wrist strap is provided with the firewall. Prepare them yourself.
Accessories supplied by the firewall
Console cable Grounding cable Feet Mounting bracket
Checklist before installation
Table 7 Checklist before installation
ESD-preventive
wrist strap
Item Requirements Result
• There is a minimum clearance of 10 cm (3.9 in) around
Installation site
Ventilation
the inlet and exhaust vents for heat dissipation of the
firewall chassis.
• A ventilation system is available at the installation site.
Operating
temperature
Operating
humidity
Cleanness Dust concentration 3 × 104 particles/m3
0°C to 45°C (32°F to 113°F)
5% to 95%
• The equipment and floor are well grounded.
• The equipment room is dust-proof.
• The humidity and temperature are at a proper level,
respectively.
• Wear an ESD-preventive wrist strap and uniform when
ESD prevention
touching a circuit board.
• Place the removed interface module on an antistatic
workbench, with the face upward, or put it into an
antistatic bag.
• Touch only the edges, instead of electronic components
when observing or moving a removed interface module.
8
Item Requirements Result
• Take effective measures to protect the power system from
the power grid system.
• Separate the protection ground of the firewall from the
EMI prevention
grounding device or lightning protection grounding
device as far as possible.
• Keep the firewall far away from radio stations, radar
and high-frequency devices working in high current.
• Use electromagnetic shielding when necessary.
Lightning
protection
• The grounding cable of the chassis is well grounded.
• The grounding terminal of the AC power receptacle is
well grounded.
• Equip an uninterruptible power supply (UPS).
Electricity safety
• In case of emergency during operation, switch off the
external power switch.
• The rack is sturdy enough to support the weight of the
firewall and installation accessories.
• The size of the cabinet is appropriate for the firewall.
• The front and rear of the cabinet are at least 0.8 m
(31.50 in) away from walls or other devices.
Safety
precautions
Tools
Reference
Rack-mounting
requirements
• The firewall is far away from any moist area and heat source.
• The emergency power switch in the equipment room is located.
• Installation accessories supplied with the firewall
• User supplied tools
• Documents shipped with the firewall
• Online documents
9
Installing the firewall
This chapter includes these sections:
• Installation flow
• Installing the firewall in a 19-inch rack
• Grounding the firewall
• Installing an interface module
• Connecting Ethernet cables
• Installing the power supply and connecting the power cord
Installation flow
Figure 5 HP firewall installation flow
Start
Install the firewall to a 19' rack
Ground the firewall
Install an interface module
Connecting Ethernet cables
Connect the power cord
End
Installing the firewall in a 19-inch rack
Step1 As shown in Figure 6, install the cage nuts to proper positions on the rack posts.
10
Figure 6 Install cage nuts
Step2 Install the mounting brackets to both sides of the front panel, as shown in Figure 7.
Figure 7 Install the mounting brackets to both sides of the front panel
Step3 Supporting the firewall bottom with one hand, push the firewall into the rack horizontally.
Step4 Fix the firewall horizontally by fastening the front mounting brackets at both sides to the rack with
appropriate pan head screws. The specifications of pan head screws must satisfy the installation
requirements, and rustproof treatment has been made to their surfaces.
11
Figure 8 Fix the firewall to the rack
Grounding the firewall
WARNING!
Correctly connecting the firewall grounding cable is crucial to lightning protection and EMI protection.
Follow these steps to connect the grounding cable:
Step1 Remove the grounding screw from the rear panel of the firewall chassis.
Step2 Attach the grounding screw to the OT terminal of the grounding cable.
Step3 Use a screwdriver to fasten the grounding screw into the grounding screw hole.
Step4 Ground the other end of the grounding cable, as shown in Figure 9, by connecting the grounding cable
to the grounding terminal of the rack.
12
Figure 9 Connect the grounding cable
1
(1) OT terminal
Installing an interface module
CAUTION:
A NSQ1XS2U0 interface module can be installed only to slot 1.
Follow these steps to install an interface module:
Step1 Remove the filler panel on slot 1. Use a Phillips screwdriver to loosen the fastening screws on the filler
panel, and then remove the filler panel.
Step2 Push the interface module slowly along the guide rails into the slot until it touches the slot bottom.
Figure 10 Install an interface module
Step3 Use a screwdriver to fasten the captive screws on the interface module.
Step4 Check the status LED of slot 1 on the front panel when you power on the firewall. On means the interface
module is installed correctly and running properly. Off means the interface module has failed the
power-on self-test (POST).
13
g
A
Connecting Ethernet cables
Connecting a copper Ethernet cable
Follow these steps to connect a copper Ethernet cable:
Step1 Plug one end of an Ethernet twisted pair cable into the copper Ethernet port (RJ-45 port) to be connected
on the firewall.
Step2 Plug the other end of the cable into the RJ-45 port of the peer device.
Step3 After the firewall is powered on, check the status LED of the port. If the LED is solid green, you can be sure
that the link is connected. For more information about the LED status, see the chapter “Appendix B
LEDs.”
Connecting an optical fiber
Before connecting the firewall to the network, you must install a transceiver module to the firewall, and
then insert the fiber connector to the transceiver module. The A-F1000-A-EI/A-F1000-S-EI firewall
supports LC connectors only.
WARNING!
When connecting an optical fiber, note the following guidelines:
• Never bend or curve a fiber when connectin
not less than 10 cm (3.94 in).
• Keep the fiber end clean.
• Make sure that the fiber connector matches the transceiver module.
• Before connecting a fiber, make sure that the optical power at the receiving end does not exceed the
upper threshold of the optical receive power of the transceiver module. Otherwise, the transceiver
module may be damaged. For the optical power of a transceiver module, see the chapter “Appendix
Technical specifications.”
Follow these steps to connect optical fibers:
Step1 Remove the dust plug of the SFP port.
Figure 11 Remove the dust plug
it. After a fiber is installed well, the bend radius must be
14
Loading...