Standard Installation

From Secure Web Gateway
Share/Save/Bookmark
Revision as of 16:43, 22 April 2019 by Samidha12 (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Language Selection

English is the default selected language. Change it only, if you are not very comfortable with English.

Language Selection.png

Country Selection 

Select your country as the location.This selection is related to ensure correct time settings of the system.

Country selection.png

Keyboard layout Selection 

Select the keyboard layout that matches the origin of the keyboard attached to the system.

Keyboard selection.png

Network interface selection

All network interfaces detected in your system are displayed. Select the interface that has Internet connectivity as the primary.

Ethernet.png


Assign IP address to the primary interface

IP address.PNG


Setting up the Netmask

10.png

Gateway Setting

Set the IP address of your network gateway, usually your router.

Gateway.png

 

 

 

 

Specify DNS

Specify the IP of your preferred DNS. If you have an Active Directory Service, set this to the IP address of the Directory Server (AD). This DNS is used only during the installation. The SAB sets up a caching name server that uses the Root DNS for serving your users.

 

Dns setup.png

Note:If you want to Integrate a Linux Host with a Windows AD for Kerberos SSO authentication in future you must have to specify Name Server Addresses as your Active Directory Server.

If you miss to specifyName Server Addresses as your Active Directory Server , you have another option to change the Name Server Addresses as your Active Directory Server.

  • When you will be entering successfully into the SafeSquid SWG which is last step of Standard Installation edit the file path using below command on console

 vim /etc/network/interfaces

This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

The loopback network interface
auto lo
iface lo inet loopback

The primary network interface
auto eth0
iface eth0 inet static
        address 192.168.25.25
        netmask 255.255.0.0
        network 192.168.0.0
        broadcast 192.168.255.255
        gateway 192.168.1.10
        # dns-* options are implemented by the resolvconf package, if installed
        dns-nameservers 192.168.221.1
        dns-search safesquid.test

 

  • Edit yourdns-nameservers 192.168.221.1  as your IP address of Active Directory Server and restart networking service using below command.

/etc/init.d/networking restart

Setup DNSSlide1.PNG

 

Hostname of Your Server

Integration with your Active Directory Service, requires proper assignment of the Fully Qualified Domain Name.
It is therefore strongly recommend to carefully select the the desired hostname for your secure web gateway. The default host name is SWG. You can give any hostname as per your choice other than safesquid.That means hostname never be safesquid.
Slide1.PNG

Domain name Setting 

The domain name setting is also very important, if you plan to integrate it with your active directory.

Domain name.png

 

NTP server Configuration

By default, ntp server has been set to pool.ntp.org . If you have your own ntp server, then you may set to that address for clock synchronization between computer systems to some time reference.

Ntp.png

Note : If you want to Integrate a Linux Host with a Windows AD for Kerberos SSO authentication in future it is advisable to specify Time Synchronisation Server as your IP address of Active Directory server space pool.net.org (There should be a single space in between AD IP address and pool.ntp.org ) 192.168.221.1 pool.ntp.org

Dns and time synchSlide1 (2).PNG

 

Choose a mirror of the Ubuntu archive

Select the country for ubuntu archive to download required packages

Choose a mirror of the ubuntu archive.png

 

Mirror2.png

HTTP proxy Setup

This field should be blank

Http proxy.png

 

Loading Additional components 

It will load additional components automatically.

Load additional components.png

Note:

If you face any error while installing SafeSquid Appliance Builder (SAB-ISO), you should get debugging logs information by pressing ALT+F4 and ALT+F1 to return on previous screen.

Configure the Clock 

Using Yes or No you can configure the clock.You need to scroll down and search your continent and time zone nearby location.

Clock.png

Setting Up partitions

Here it will process the partitioning required for SafeSquid.

Setting partition.png

Installation of base system 

It will automatically install the base system. It takes little bit of time to install completely.

Installation of base system .png

Configuring the apt 

It will configure apt packages one after the other in this process.

Configuring the apt.png

Select and install software

 Here it install the OS.

Select and install software.png

 

Finishing installation

Finishing the installation is the last step in installation.

Finishing installation.png

At last, the system reboots and goes through system initialization. Afterward, a welcome screen appears with SafeSquid(Secure Web Gateway) screen.

Note:

If you face any error while installing SafeSquid Appliance Builder (SAB-ISO), you should get debugging logs information by pressing ALT+F4 and ALT+F1 to return on previous screen.

SafeSquid(Secure Web Gateway) screen..png

Login to the Server

If you observe the screen by default it will give you username along with the password.You need to enter the same username and password for first login.

  • User name: administrator
  • Password : safesquid
    Name and password.png

You need to reset the password on the first login.

Resetpassword.png

You will be entering successfully into the SafeSquid SWG.

Admin1.PNG

 

Note1:

If you are doing standard installation on Physical machine using USB bootable pendive Link

After installation has been completed with USB bootable pendive and initial login with administrator ( sudo -i )

Run grub command to install grub MBR on first disk /dev/sda

Commands:

grub-install /dev/sda
update-grub
reboot
(Remove the USB bootable pendive)

As soon as you remove the USB bootable pendrive it should display prompt for login.

(Above commands only required to run if it is displaying the blank screen after removing USB bootable pendrive)

Note2: To set up two network cards for static addressing.

First you need to find the name of the card using below command

root@sabproxy:~# dmesg | grep -i network

You can also search for "eth" instead of "network"

In this case we have to set two network cards eth0 and eth1 respectively:

[ 1.165623] e1000 0000:00:03.0: eth0: Intel(R) PRO/1000 Network Connection
[ 1.645478] e1000 0000:00:08.0: eth1: Intel(R) PRO/1000 Network Connection


Command to find network interfaces available on your system:

root@sabproxy:~# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0c:29:8c:12:c2
          inet addr:192.168.221.222  Bcast:192.168.255.255  Mask:255.255.0.0
          inet6 addr: fe80::20c:29ff:fe8c:12c2/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:39383 errors:0 dropped:1844 overruns:0 frame:0
          TX packets:20605 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:41922443 (41.9 MB)  TX bytes:1584156 (1.5 MB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:396 errors:0 dropped:0 overruns:0 frame:0
          TX packets:396 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:47092 (47.0 KB)  TX bytes:47092 (47.0 KB)

In above case eth0 is already configured while installation of SafeSquid Appliance Builder(SAB).

It's time to enable eth1
Edit the file path using below command on console

vim /etc/network/interfaces

This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

The loopback network interface
auto lo
iface lo inet loopback

The primary network interface
auto eth0
iface eth0 inet static
        address 192.168.223.101
        netmask 255.255.0.0
        network 192.168.0.0
        broadcast 192.168.255.255
        gateway 192.168.1.10


auto eth1
iface eth1 inet static
        address 10.1.0.101
        netmask 255.255.0.0
        network 10.1.0.0
        broadcast 10.1.255.255
        gateway 10.1.0.100

To restart network interface eth1 up

root@sabproxy:~# service network-interface restart INTERFACE=eth1

 

Troubleshooting

  1. ISO installation issues