Table Of Contents
Installing the PIX Firewall
Setup Wizard
PIX Firewall Setup Wizard Requirements
Installing PIX Firewall Setup Wizard
Installing the PIX Firewall
Setup Wizard
The PIX Firewall Setup Wizard provides an easy-to-use interface for building the initial PIX Firewall configuration. Once configured, the PIX Firewall enables hosts on local networks to initiate connections to the Internet or to another "outside" network, while protecting local hosts from connections originating from an outside network. Alternately, you can follow the configuration instructions in Chapter 2, "." To assist you in planning your installation, refer to Appendix A, "."
Note The PIX Firewall can have two or more network interfaces. For any pair of interfaces, one of the interfaces is the local, or internal interface, and one is the outside interface. The relative security level of the interface defines whether it is the local or outside interface; that is, the interface with the higher security level is the local interface, while the interface with the lower security level is the outside interface. For example, a perimeter interface with a security level of 70 is the local interface relative to another perimeter interface with a security level of 40.
Along with the initial configuration settings, the PIX Firewall Setup Wizard allows you to configure several optional features:
•PIX Firewall for Private Link, a secure communication interface between two PIX Firewall units.
•PIX Firewall Manager, a graphical user interface for administering the PIX Firewall and for graphing system activity from log messages.
•Failover, a mechanism for a PIX Firewall to be redundant by allowing two identical units to serve the same functionality.
The Private Link and failover features require optional hardware.
Following the initial configuration, refer to Chapter 2, "" for detailed configuration options. Before continuing with the configuration, familiarize yourself with the Internet Protocol (IP) addresses and network mask values used at your site.
PIX Firewall Setup Wizard Requirements
The PIX Firewall Setup Wizard has the following PIX Firewall installation requirements:
•PIX Firewall unit installed and cabled as described in the Quick Installation Guide for the PIX Firewall.
•Serial cable connection from the PIX Firewall to the Windows-based computer running the Setup Wizard.
•Network cable connections for all PIX Firewall interfaces.
•Windows 95 Workstation or Windows NT Server version 3.51 or later.
•PIX Firewall and the PIX Firewall Setup Wizard software must be version 4.2 or later. To check the version of the PIX Firewall software, look at the label on the PIX Firewall and PIX Firewall Setup Wizard diskettes.
•IP addresses for each PIX Firewall interface.
•IP addresses to use for address translation (optional).
•IP addresses for network routers.
•PIX Firewall privileged mode password. Once set, the password cannot be viewed and must be obtained from its creator. You can select the default password if you do not want to set a specific password.
Optional features require the following information and hardware for configuration:
•PIX Firewall Manager configuration: requires the IP address of the Windows NT computer running the application.
•Private Link configuration: requires an additional PIX Firewall somewhere on the network and an encryption card in each PIX Firewall.
•Failover configuration: requires an additional PIX Firewall and a failover cable to connect the two units. Failover also requires IP addresses for the network interfaces on the PIX Firewall unit that operates as the Standby unit. The IP addresses for the Standby unit must be on the same networks as the Active unit's (the PIX Firewall connected to the Standby unit) network interfaces.
The diskette for installing PIX Firewall Setup Wizard is provided in the PIX Firewall accessory kit.
Installing PIX Firewall Setup Wizard
To install PIX Firewall Setup Wizard:
Note If the PIX Firewall currently has a console connection (HyperTerminal) from the Windows-based computer, you must disconnect from the terminal emulator before running the Setup Wizard. The Setup Wizard cannot share the same serial cable connection with the console.
Step 1 From the Windows NT system, insert the first PIX Firewall Setup Wizard diskette in the diskette drive. You can install the software:
•From My Computer by double-clicking the diskette icon and then double-clicking the miniature computer Setup icon.
•By choosing the Run item from the Start menu and entering the starting filename as a:\setup.exe.
Once the installation program starts, you are prompted with a series of dialog boxes.
Step 2 Follow the instructions in the dialog boxes. In many cases you can simply click Next to accept the default values, and the installation will proceed without interruption. Alternately, you can enter values appropriate for your site and PIX Firewall installation.
During the installation you are prompted to choose Private Link installation and failover installation. Both the Private Link and failover features are optional, requiring additional hardware.
Step 3 At the last dialog box, click Finish.
The PIX Firewall is now configured with the basic operating parameters, allowing connections from hosts on internal interfaces of the PIX Firewall to hosts on the outside interfaces. For detailed feature and configuration information, refer to Chapter 2, "." If you plan to manage the PIX Firewall using the PIX Firewall Manager, refer to the PIX Firewall Manager Version 4.2 Release Notes for installation instructions.