H3C SecPath F100-C-EI Quick start guide

  • Hello! I am an AI chatbot trained to assist you with the H3C SecPath F100-C-EI Quick start guide. I’ve already reviewed the document and can help you find the information you need or explain it in simple terms. Just ask your questions, and providing more details will help me assist you more effectively!
H3C SecPath F100-C-EI Firewall
Quick Start
Hangzhou H3C Technologies Co., Ltd.
http://www.h3c.com
Manual Version: 5PW100-20080729
Copyright © 2008, Hangzhou H3C Technologies Co., Ltd.
and its licensors
All Rights Reserved
No part of this manual may be reproduced or transmitted in any form
or by any means without prior written consent of Hangzhou H3C
Technologies Co., Ltd.
Trademarks
H3C, , Aolynk, , H
3
Care,
, TOP G, , IRF,
NetPilot, Neocean, NeoVTL, SecPro, SecPoint, SecEngine, SecPath,
Comware, Secware, Storware, NQA, VVG, V
2
G, V
n
G, PSPT, XGbus,
N-Bus, TiGem, InnoVision and HUASAN are trademarks of Hangzhou
H3C Technologies Co., Ltd.
All other trademarks that may be mentioned in this manual are the
property of their respective owners.
Notice
The information in this document is subject to change without notice.
Every effort has been made in the preparation of this document to
ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute the warranty of
any kind, express or implied.
Technical Support
customer_service@h3c.com
http://www.h3c.com
About This Manual
Organization
H3C SecPath F100-C-EI Firewall Quick Start is organized as
follows:
Chapter Contents
1 Firewall Overview
Briefly introduces the product
specifications, as well as the features and
applications of the H3C SecPath F100-C-EI
Firewall.
2 Connecting Cables
Guides you through how to connect PGND
wires, power cord, and console cables for
the H3C SecPath F100-C-EI Firewall.
Appendix
Compliance and
Safety Manual
Briefly introduces the product Regulatory
Compliance Information and Safety
Information of the H3C SecPath F100-C-EI
Firewall.
Conventions
The manual uses the following conventions:
I. GUI conventions
Convention Description
Boldface
Window names, button names, field names,
and menu items are in Boldface. For example,
the New User window appears; click OK.
>
Multi-level menus are separated by angle
brackets. For example, File > Create >
Folder.
II.
Symbols
Convention Description
Warning
Means reader be extremely careful. Improper
operation may cause bodily injury.
Caution
Means reader be careful. Improper operation
may cause data loss or damage to equipment.
Note
Means a complementary description.
Related Documentation
In addition to this manual, each H3C SecPath Series Security
Products documentation set includes the following:
Manual Content
H3C SecPath
F100-C-EI Firewall
Installation Manual
Describes the installation preparations,
installation procedure, software
maintenance, and troubleshooting for the
H3C SecPath F100-C-EI Firewall.
Manual Content
H3C SecPath Series
Security Products
Operation Manual
Describes the features and specifications,
working principles of the H3C SecPath
series gateways/firewalls, and how to
configure the manipulate them.
H3C SecPath Series
Security Products
Command Manual
Describes the configuration commands for
the H3C SecPath series
gateways/firewalls, including syntax,
complete command line, parameters,
operation views, description and examples.
H3C SecPath Series
Security Products
Web Configuration
Manual
Guides you through configuring the H3C
SecPath series firewalls through Web
interfaces.
Obtaining Documentation
You can access the most up-to-date H3C product documentation
on the World Wide Web at this URL: http://www.h3c.com.
The following are the columns from which you can obtain different
categories of product documentation:
[Products & Solutions]: Provides information about products and
technologies, as well as solutions.
[Technical Support & Document > Technical Documents]:
Provides several categories of product documentation, such as
installation, operation, and maintenance.
[Technical Support & Document > Product Support > Software]:
Provides the documentation released with the software version.
Documentation Feedback
You can e-mail your comments about product documentation to
We appreciate your comments.
Environmental Protection
This product has been designed to comply with the requirements
on environmental protection. For the proper storage, use and disposal
of this product, national laws and regulations must be observed.
Quick Start
H3C SecPath F100-C-EI Firewall
Table of Contents
i
Table of Contents
Chapter 1 Firewall Overview.........................................................1-1
1.1 Introduction ........................................................................1-1
1.2 Technical Specifications ....................................................1-3
Chapter 2 Connecting Cables ......................................................2-1
2.1 Connecting the PGND Wire...............................................2-1
2.2 Connecting the Power Cord...............................................2-3
2.3 Connecting the Console Cable..........................................2-4
Quick Start
H3C SecPath F100-C-EI Firewall
Chapter 1 Firewall Overvie
w
1-1
Chapter 1 Firewall Overview
1.1 Introduction
The H3C SecPath F100-C-EI Firewall (hereinafter referred to as
the F100-C-EI) is a new-generation firewall intended for small office
home office (SOHO) use.
The F100-C-EI has the following features:
z Provides uplink WAN interface compliant to international
standard, ensuring the interoperability with the products of
other vendors.
z Provides five 10/100 Mbps auto-sensing Ethernet interfaces
that can be assigned to different security zones, such as
Trust, DMZ, Untrust and management security zones.
z Supports internal temperature detection, network
management, and Web-based management, satisfying
carrier-class reliability requirements.
z Supports such features as external attack defense, TCP
proxy, internal network security, traffic policing, web filtering,
and email filtering, to effectively safeguard your network.
z Adopts the application specific packet filtering (ASPF)
technology to monitor connection process and unauthorized
operations, and works together with access control lists
(ACLs) to implement dynamic packet filtering.
Quick Start
H3C SecPath F100-C-EI Firewall
Chapter 1 Firewall Overvie
w
1-2
z Provides various intelligent analysis and management
methods, supports email alert and multiple types of logs,
and provides network management monitoring to help
network administrators perform network security
management.
z Supports authentication, authorization and accounting
(AAA), and network address translation (NAT) to ensure
security and guaranteed services to the private networks
constructed on the open Internet.
z Supports multiple virtual private network (VPN) services,
such as Layer 2 tunneling protocol (L2TP) VPN, IP security
(IPSec) VPN, generic routing encapsulation (GRE) VPN,
and dynamic VPN. It allows users to build various VPNs, like
Internet, Intranet, and remote access VPNs using
customized remote-user access approaches, such as
dial-up, leased line, virtual LAN (VLAN), and tunneling.
z Supports basic routing features, including routing
information protocol (RIP), open shortest path first (OSPF),
routing policy and policy routing, and also provides
abundant QoS (quality of service) features, such as traffic
policing, traffic shaping and queue scheduling.
Quick Start
H3C SecPath F100-C-EI Firewall
Chapter 1 Firewall Overvie
w
1-3
1.2 Technical Specifications
Table 1-1 Technical specifications of the F100-C-EI
Specifications Item
Interface
1 console port
1 × 10/100 Mbps Ethernet interface
4 × 10/100 Mbps Ethernet ports (LAN
and WAN)
SDRAM
Default: 64 MB
Max: 64 MB
Flash memory
8 MB
Rated voltage range
100 VAC to 240 VAC, 50 Hz or 60 Hz
Maximum input current
0.4 A
Power consumption
6 W to 8 W
Dimensions (W x H x D)
230 × 43.6 × 200 mm (9.06 × 1.82 ×
7.87 in., excluding foot pads)
Weight
2 kg
Operating temperature
0°C to 45°C (32°F to 113°F)
Relative humidity 10% to 95% (noncondensing)
Quick Start
H3C SecPath F100-C-EI Firewall
Chapter 2 Connecting Cables
2-1
Chapter 2 Connecting Cables
Note:
This manual is used after the F100-C-EI has been installed. For
installation details, refer to H3C SecPath F100-C-EI Firewall
Installation Manual.
2.1 Connecting the PGND Wire
Warning:
The correct connection of protection ground (PGND) wire is essential
for safeguarding the firewall against lightning shocks and interference.
Therefore, first correctly connect the PGND wire before installing and
using the firewall.
The AC input end of the F100-C-EI is connected to a noise filter
whose ground point is connected to the chassis directly. This ground is
called PGND or chassis ground. The PGND must be properly
connected to the earth to channel induced currents and creepage
currents safely to the earth, improve the device’s electromagnetic
Quick Start
H3C SecPath F100-C-EI Firewall
Chapter 2 Connecting Cables
2-2
compatibility (EMC) performance, and protect the device against
lightning voltages introduced by external network cables.
The grounding screw resides on the rear panel of the firewall, as
shown in
Figure 2-1.
(1) Grounding hole (2) OT terminal
(3) Grounding screw (4) PGND wire
(5) Grounding mark
Figure 2-1 Connect the grounding terminal to the firewall
To connect the PGNG wire, follow the steps:
1) Remove the grounding screw from the chassis.
2) Insert the grounding screw into the OT terminal of the PGND
wire.
3) Fix the grounding screw with the OT terminal to the
grounding hole in the chassis, and fasten it with a screw
driver.
4) Connect the other end of the PGND wire to the earth ground.
Generally, the equipment room has a grounding strip, to
which you can connect the PGND wire of the firewall. To
connect the PGND wire to the grounding strip, peel 15 mm
of insulation sheath using a wire stripper, and wrap the bare
metal wire clockwise around the ground post. Then fix the
PGND wire to the ground post using a hex nut. If a
Quick Start
H3C SecPath F100-C-EI Firewall
Chapter 2 Connecting Cables
2-3
grounding strip is not available, connect the metal wire core
directly to the earth ground.
Note:
The resistance reading between the firewall chassis and the ground
must be less than 5 ohm.
2.2 Connecting the Power Cord
I. AC power supply
AC power input range: 100 to 240 VAC, 50/60Hz
II. AC power source socket
z You are recommended to use a three-wire single-phase
power socket with a neutral point.
z The neutral point of the socket must be grounded reliably.
Normally, the neutral point of the power source in a building
was buried in the earth during construction and cabling.
z Make sure that the power source in the building is properly
grounded before connecting the AC power cord.
III. Connect the AC power cord
1) Make sure the PGND is properly connected to earth ground.
2) Connect one end of the AC power cord shipped with the
device to the AC input socket on the chassis and the other
end to the AC mains supply.
Quick Start
H3C SecPath F100-C-EI Firewall
Chapter 2 Connecting Cables
2-4
3) Check the status of the PWR LED on the front panel.
z Off: means that the power supply fails or the firewall is not
powered on.
z On: means that the power supply is normal.
2.3 Connecting the Console Cable
Follow these steps to connect the console cable:
1) Select a console terminal
The console terminal can be a standard ASCII terminal
possessing an RS-232 serial port, or, more often, a common PC.
2) Connect the console cable
Disconnect the firewall from the power source. Plug the RJ-45
connector of the console cable into the console port of the firewall, and
the DB-9 (female) connector into the serial port of the console
terminal.
3) Verify the connection and power on the firewall
The console terminal should display the startup information of
the firewall.
Quick Start
H3C SecPath F100-C-EI Firewall
Chapter 2 Connecting Cables
2-5
Figure 2-2 Connect the console cable
Quick Start
H3C SecPath F100-C-EI Firewall
Table of Contents
i
Table of Contents
Appendix A Regulatory Compliance Information .....................A-1
A.1 Regulatory compliance standards....................................A-1
A.2 European Directives compliance...................................... A-2
A.2.1 LVD/EMC Directive................................................ A-2
A.2.2 WEEE Directive–2002/96/EC ................................ A-2
A.3 USA regulatory compliance.............................................. A-3
A.3.1 FCC Part 15...........................................................A-3
A.4 Canada regulatory compliance......................................... A-4
A.4.1 ICES-003................................................................ A-4
A.5 Japan regulatory compliance............................................ A-4
A.5.1 VCCI....................................................................... A-4
A.6 CISPR 22 compliance ...................................................... A-5
Appendix B Safety Information Sicherheits informationen安全信
....................................................................................................
B-1
B.1 Overview Überblick 概述 .................................................. B-1
B.1.1 Conventions Used Symbole Erläuterung应用惯例 ..... B-4
B.1.2 General Requirements Allgemeine Anforderungen
用要求..............................................................................
B-5
B.2 Electricity Safety Elektrische Sicherheit 用电安全............ B-8
B.2.1 High Voltage Hochspannung高电压 ...................... B-8
B.2.2 Power Cable Zuleitung电缆 ................................. B-11
B.2.3 Thunderstorm Gewitter 防雷击 ............................ B-13
B.3 Fuse Sicherung保险丝.................................................... B-14
Quick Start
H3C SecPath F100-C-EI Firewall
Appendix A Regulatory Compliance
Information
A-1
Appendix A Regulatory Compliance
Information
A.1 Regulatory compliance standards
Table A-1 Regulatory compliance standards
Discipline Standards
EMC
FCC Part 15 (CFR 47) CLASS A
ICES-003 CLASS A
VCCI-3 CLASS A
VCCI-4 CLASS A
CISPR 22 CLASS A
EN 55022 CLASS A
AS/NZS CISPR22 CLASS A
CISPR 24
EN 55024
EN 61000-3-2
EN 61000-3-3
EN 61000-6-1
ETSI EN 300 386
GB 9254
GB 17625.1
Quick Start
H3C SecPath F100-C-EI Firewall
Appendix A Regulatory Compliance
Information
A-2
Discipline Standards
Safety
UL 60950-1
CAN/CSA C22.2 No 60950-1
IEC 60950-1
EN 60950-1/A11
AS/NZS 60950
A.2 European Directives compliance
A.2.1 LVD/EMC Directive
H3C SecPath F100-C-EI product complies with the European
Low Voltage Directive 2006/95/EC and EMC Directive 2004/108/EC.
A copy of the signed Declaration of Conformity can be
downloaded from:
http://www.h3c.com/portal/Technical_Documents
A.2.2 WEEE Directive–2002/96/EC
Quick Start
H3C SecPath F100-C-EI Firewall
Appendix A Regulatory Compliance
Information
A-3
The product this manual refers to are covered by the Waste
Electrical & Electronic Equipment (WEEE) Directive and must be
disposed of in a responsible manner.
A.3 USA regulatory compliance
A.3.1 FCC Part 15
H3C SecPath F100-C-EI complies with Part 15 of the FCC Rules.
Operation is subject to the following two conditions:
z This device may not cause harmful interference.
z This device must accept any interference received, including
interference that may cause undesired operation.
If the customer modifies the equipment without the authorization
of H3C, which directly or indirectly contribute to the equipment
incompliance with FCC requirements for Class A digital devices, H3C
is not liable for such interference problem and the expenses incurred
therefrom shall be covered by the customers.
Quick Start
H3C SecPath F100-C-EI Firewall
Appendix A Regulatory Compliance
Information
A-4
Note:
This equipment has been tested and found to comply with the limits for
a Class A digital device, pursuant to Part 15 of the FCC Rules. These
limits are designed to provide reasonable protection against harmful
interference when the equipment is operated in a commercial
environment. This equipment generates, uses, and can radiate radio
frequency energy and, if not installed and used in accordance with the
instruction anual, may cause harmful interference to radio
communications. Operation of this equipment in a residential area is
likely to cause harmful interference in which case the user will be
required to correct the interference at his own expense.
A.4 Canada regulatory compliance
A.4.1 ICES-003
This Class [A] digital apparatus complies with Canadian
ICES-003.
Cet appareil numérique de la classe [A] est conforme à la norme
NMB-003 du Canada.
A.5 Japan regulatory compliance
A.5.1 VCCI
H3C SecPath F100-C-EI complies with the requirements of VCCI
Class AInformation Technology Equipment (ITE).
/