The console port is the most secure and available administration interface in a CacheGuard appliance. Note that after the installation, the only available administration interface is the console port. To give remote administration access to an administrator for the first, you must use the console port (access admin command).
An administrator must be authenticated before connecting to the system. The "admin" user is the main administrator with the highest administration level. Other administrator users with less privileges can be added to the system using the command admin user. You must login as the "admin" user for the first to connect to the appliance. The password to use is the password that you setup during the installation (the default password for pre installed CacheGuard appliances is "admin"). Please refer to the Administrator Users section of this documentation for further information on administrator users.
The administration/configuration process via a character interface (console port or SSH) is made using the CLI (Command Line Interface). To see the list of all available commands, use the help command without any arguments. To get help on how to use a command, use the help command followed by that command name. If you forget the syntax of a command, a completion facility can help you to find its right syntax to use. The completion is available by using the <TAB> keyboard key.
When using a character interface, the administrator has the ability to create mini-programs using a light-weight "bash" (an open source scripting language). Finally, you can use the history command to get an history of previously typed commands. To disconnect from the console port, use the exit command. The connection is also automatically closed if no command is typed for a certain period of time.
Web Administration GUI
For those who are not familiar with a CLI (Command Line Interface) or simply prefer a GUI (Graphical User Interface), a Web administration GUI is available. To connect to the Web administration GUI you need a Web browser. CacheGuard supports almost all modern Wen browsers in the market such as, but not limited to, Firefox, Chrome, Safari, Opera and Edge. Before being able to connect to a CacheGuard appliance via a Web browser, the Web administration GUI should be activated on the appliance and the remote administrator IP must be allowed to connect.
To activate the Web administration GUI on the appliance and allow remote administrators in the network "10.20.0.0 255.255.255.0" to connect to the appliance via its internal network interface, use the following commands:
When the running (active) configuration is different from a newly built configuration, a blinking down arrow button appears in the title bar inviting you to press on it. Pressing on that icon forwards you to the Apply New Configuration page where you can proceed with the apply operation by pressing the SUBMIT button (or on the green check icon in the title bar) ; it’s that simple. The Web administration GUI is not detailed in the User’s Guide as we hope that its usage is as friendly as straightforward to do not require a detailed documentation.
Secure Shell (SSH)
The appliance can also be remotely administrated using an SSH client. When logged in via an SSH client, the administrator can use the CLI to administrate and configure the appliance. To use the SSH administration interface you should use an SSH client installed on your workstation (Linux ssh command or the Putty application).
To use the SSH administration interface, remote administrators should be allowed to access the appliance and the SSH service should be activated on the appliance. To activate the SSH service on the appliance and allow remote administrators in the network 10.20.0.0 255.255.255.0 to connect to the appliance via its internal network interface, use the following commands:
The process of generating SSH keys depends on the used remote workstation. For instance, to generate an SSH key pair (public and private) on a Linux system you can use the "ssh-keygen" command. To import a public SSH key into a CacheGuard appliance, you should first copy it on a file server supporting TFTP, FTP or SFTP protocols and then load it into your CacheGuard appliance from that file server (you can also run that file server on your workstation). Only trusted file servers are allowed to exchange files with a CacheGuard appliance. To add the file server having the 10.20.0.1 IP address to the list of trusted file servers and allow it to exchange files via the internal network interface of a CacheGuard appliance, use the following commands:
To disconnect an SSH session use the exit command. The SSH session is also automatically closed if no command is typed for a certain period of time.