NSFOCUS Web Application Firewall (WAF)(BYOL)
Jun 28, 2024
Maintenance Tools > Set IP&Route.
d. Configure the IP address, subnet mask, and gateway address for the management
interface.
e. Press Enter to save the settings and close the current window.
Step 7 View the IP address, subnet mask, and gateway address of WAF.
a. Connect to the console.
console vmwaf # Connects to the console of the WAF VM.
b. Type the user name and password (both are conadmin) to access the console of the
WAF VM.
c. Choose English > Maintenance Tools > Set IP&Route.
d. View the IP address, subnet mask, and gateway address of the management interface.
e. Press Enter to save the settings and close the current window.
----End
2.3 Uninstallation Procedure
To delete the WAF VM from the host, follow these steps:
Step 1 Open the terminal on the host.
Step 2 Start the virsh interactive terminal.
virsh # Start the virsh interactive terminal.
Step 3 Shut down the WAF VM.
virsh shutdown vmwaf # Shut down the WAF VM.
Step 4 Undefine the WAF VM.
virsh undefine vmwaf # Nullify vmwaf.xml.
Step 5 Destroy the WAF VM.
Copyright © NSFOCUS 8 V6.0R05F01 (2016-03-30)NSFOCUS WAF (VM) User Guide
virsh destroy vmwaf # Shut down the WAF VM ungracefully.
This will completely delete the WAF VM from the data storage.
----End
2.4 In-Path Deployment
2.4.1 Usage Scenario
In the network environment shown in Figure 2-1, WAF connects to the switch in in-path mode.
The management interface of WAF connects to physical NIC 1 of the host via a network
bridge.
Figure 2-1 Deployment of the WAF VM on the KVM host in in-path mode
[Figure 2-1 labels: Customer's server; External user; Switch (V1, V2006; 172.16.128.207; GW: 172.16.128.1); Virtual platform (Physical NIC 1, br0, Mgmt inf, Virtual WAN, Virtual LAN, br1, Physical NIC 2); WAN: 172.16.127.1; LAN: 172.16.128.1]
2.4.2 Configuration Preparations
Configure an IP address, for example, 172.16.127.1, for the WAN interface of the WAF
VM.
Configure an IP address, for example, 172.16.128.1, for the LAN interface of the WAF
VM.
Connect the management interface of the WAF VM to br0.
2.4.3 Configuration Roadmap
1. Install the WAF VM, which requires addition of two bridges to a physical NIC of the
host.
2. Log in to the web-based manager of the WAF VM to configure necessary interfaces.
2.4.4 Configuration Procedure
To configure the WAF VM, follow these steps:
Step 1 Open the terminal on the host.
Step 2 Add two network bridges to a physical NIC.
Step 3 Perform steps 3 to 5 in section 2.2.
You should configure at least three interfaces, that is, one management interface and
two working interfaces.
Step 4 Configure the WAF VM as follows:
virsh qemu-agent-command vmwaf '{"execute":"guest-login-set-user","arguments":{"username":"admin","passwd":"12345"}}' # Configure the password for admin.
virsh qemu-agent-command vmwaf '{"execute":"guest-network-set-gateway","arguments":{"ip-address":"10.67.255.254"}}' # Configure the gateway.
virsh qemu-agent-command vmwaf '{"execute":"guest-network-set-interfaces","arguments":{"name":"eth0","hardware-address":"72:74:70:75:4f:7e","ip-addresses":[{"ip-address":"172.16.127.160","ip-address-type":"ipv4","prefix":16}]}}' # Configure the management interface. The MAC address configured here must be consistent with that in vmwaf.xml.
virsh qemu-agent-command vmwaf '{"execute":"guest-set-uuid","arguments":{"uuid":"de56b644-159a-43c3-9ada-0a3ebffbf6bb"}}' # Configure the UUID, which must be consistent with that in vmwaf.xml.
virsh qemu-agent-command vmwaf '{"execute":"guest-set-espc","arguments":{"host":"1.1.1.1","inuse":"yes"}}' # Configure ESPC.
virsh qemu-agent-command vmwaf '{"execute":"guest-set-sc","arguments":{"url":"www.SC.com"}}' # Configure the console.
Step 5 Configure working interfaces.
a. Type https://IP address of the management interface in the address bar to access
the web-based manager of the WAF VM.
Figure 2-2 shows the login page.
Figure 2-2 Login page of the web-based manager
b. Type the default user name and password (both are admin) and then click Login.
During the first login, you will be prompted to change the default password. You can
continue to use the system only after configuring a new password.
c. Choose System Management > Network Configuration.
d. Create a work group, add a WAN interface and LAN interface to this group, and bind the
next-hop MAC address to the LAN interface. For details, refer to NSFOCUS WAF User
Guide (V6.0).
Figure 2-3 Editing interface settings
----End
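The Step 4 commands above require the MAC address and UUID to match vmwaf.xml and carry their JSON inside shell quotes. The following added example (not NSFOCUS code) reads both values from a libvirt domain XML and builds the credential, gateway, interface and UUID payloads as argv lists. The sample XML, the br0 lookup, the function names and the 12-character minimum are assumptions of this example.

```python
import ipaddress
import json
import re
import shlex
import xml.etree.ElementTree as ET

# Constructed stand-in for vmwaf.xml (standard libvirt domain layout, not the vendor file).
SAMPLE_VMWAF_XML = """\
<domain type='kvm'>
  <name>vmwaf</name>
  <uuid>de56b644-159a-43c3-9ada-0a3ebffbf6bb</uuid>
  <devices>
    <interface type='bridge'>
      <mac address='72:74:70:75:4f:7e'/>
      <source bridge='br0'/>
    </interface>
    <interface type='bridge'>
      <mac address='72:74:70:75:4f:7f'/>
      <source bridge='br1'/>
    </interface>
  </devices>
</domain>
"""

# Passwords this guide prints as defaults or samples; refuse to set any of them.
DOCUMENTED_PASSWORDS = {"admin", "auditor", "conadmin", "nsfocus", "12345"}
MIN_PASSWORD_LEN = 12  # assumption of this example, not a vendor requirement

UUID_RE = re.compile(r"[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}")
MAC_RE = re.compile(r"([0-9a-f]{2}:){5}[0-9a-f]{2}")


def read_domain(xml_text, mgmt_bridge="br0"):
    """Return (name, uuid, mac) with mac taken from the NIC attached to mgmt_bridge."""
    root = ET.fromstring(xml_text)
    name = (root.findtext("name") or "").strip()
    uuid = (root.findtext("uuid") or "").strip().lower()
    if not name or not UUID_RE.fullmatch(uuid):
        raise ValueError("domain XML lacks a usable <name> or <uuid>")
    for iface in root.iterfind("./devices/interface"):
        source, mac = iface.find("source"), iface.find("mac")
        if source is None or mac is None or source.get("bridge") != mgmt_bridge:
            continue
        address = mac.get("address", "").lower()
        if not MAC_RE.fullmatch(address):
            raise ValueError(f"malformed MAC on {mgmt_bridge}: {address!r}")
        return name, uuid, address
    raise ValueError(f"no interface with a MAC is attached to {mgmt_bridge}")


def build_payloads(xml_text, password, mgmt_ip, prefix, gateway):
    """Return (domain name, list of guest-agent payload dicts) for Step 4."""
    name, uuid, mac = read_domain(xml_text)
    if password.lower() in DOCUMENTED_PASSWORDS or len(password) < MIN_PASSWORD_LEN:
        raise ValueError("password is a documented default/sample or too short")
    ipaddress.ip_interface(f"{mgmt_ip}/{prefix}")  # raises ValueError if malformed
    ipaddress.ip_address(gateway)
    return name, [
        {"execute": "guest-login-set-user",
         "arguments": {"username": "admin", "passwd": password}},
        {"execute": "guest-network-set-gateway",
         "arguments": {"ip-address": gateway}},
        {"execute": "guest-network-set-interfaces",
         "arguments": {"name": "eth0", "hardware-address": mac,
                       "ip-addresses": [{"ip-address": mgmt_ip,
                                         "ip-address-type": "ipv4",
                                         "prefix": prefix}]}},
        {"execute": "guest-set-uuid", "arguments": {"uuid": uuid}},
    ]


def to_argv(name, payloads):
    """One argv list per command, for subprocess.run() without a shell.

    The password is still a command-line argument, so it is visible in the
    host's process list while virsh runs.
    """
    return [["virsh", "qemu-agent-command", name,
             json.dumps(p, separators=(",", ":"))] for p in payloads]


if __name__ == "__main__":
    # Constructed inputs: addresses are the guide's samples, the password is made up.
    vm, payloads = build_payloads(SAMPLE_VMWAF_XML, "c0rrect-horse-battery",
                                  "172.16.127.160", 16, "10.67.255.254")
    for argv in to_argv(vm, payloads):
        print(shlex.join(argv))
```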
3 Remote Installation
This chapter describes how to install the WAF VM on a remote host via VMware vSphere
Client, from which you must log in to ESXi or vCenter Server system. It contains the
following sections:
Section                    Description
Preparations               Describes preparations to be made before installing the WAF VM remotely.
Installation Procedure     Describes how to install the WAF VM on the ESXi host remotely.
Uninstallation Procedure   Describes how to delete the WAF VM from the ESXi host.
In-Path Deployment         Describes how to deploy the WAF VM in in-path mode.
3.1 Preparations
Before installing the WAF VM remotely, you must make preparations listed in Table 3-1.
Table 3-1 Preparations to be made for remote installation
Item                      Description
Host     IP address       Check network connectivity.
Host     Account          Obtain administrative privileges.
Host     VMware vSphere   Install vSphere ESXi on the host.
Client   VMware vSphere   Install vSphere Client on the client machine.
vmwaf    Image file       Create an image file, vmwaf.ova.
vmwaf    IP address       Configure IP addresses for working interfaces of the WAF VM.
3.2 Installation Procedure
To install the WAF VM remotely on the ESXi host, follow these steps:
Step 1 Log in to the ESXi host from vSphere Client.
a. On the client machine, start vSphere Client.
Figure 3-1 VMware vSphere Client login page
b. Type the IP address of the ESXi host as well as the user name and password.
c. Click Login.
Figure 3-2 ESXi host
Step 2 On the ESXi host, deploy the WAF VM.
a. Choose File > Deploy OVF Template.
On the Source page shown in Figure 3-3, click Browse and select the image file of the
WAF VM.
Figure 3-3 Source page
b. Click Next to open the OVF Template Details page.
c. After confirming that the selected image file is correct, click Next. On the Name and
Location page, type the name of the WAF VM.
d. Click Next. On the Resource Pool page, select a path to store the WAF VM.
e. Click Next. On the Disk Format page, click Thick Provision Eager Zeroed. The
differences between the three disk formats are as follows for the WAF VM:
− Thin Provision: To deploy the WAF VM, 80 GB of space needs to be allocated for
this type of virtual disk. With the increase of data stored, more space will be required.
Therefore, the virtual disk can grow to the maximum capacity (500 GB) allocated to
it.
− Thick Provision Lazy Zeroed: To deploy the WAF VM, 500 GB of disk space needs
to be allocated for this type of virtual disk. Specifically, the required space is
allocated when the virtual disk is created. However, at the time of creation, only 80
GB of blocks on the physical storage device are formatted. Then data remaining on
the physical storage device is zeroed out on demand at a later time on first write from
the WAF VM.
− Thick Provision Eager Zeroed (recommended for the WAF VM): To deploy the
WAF VM, 500 GB of disk space needs to be allocated for this type of virtual disk.
Specifically, the required space (500 GB) is allocated and formatted when the virtual
disk is created. Creating a virtual disk in this format may take a longer time than
creating other types of disks.
Figure 3-4 Disk Format page
f. Click Next. On the Network Mapping page, select a network that the WAF VM must
use.
g. Click Next to open the Ready to Complete page.
On the Ready to Complete page, do not select the Power on after deployment check
box.
h. Click Finish and wait for the WAF VM to complete deployment.
A dialog box appears, as shown in Figure 3-5, indicating the status and time pending for
the deployment to complete.
Figure 3-5 Deployment progress bar
Step 3 Set hardware parameters.
a. Select the WAF VM from the navigation tree in the left pane.
Then you can perform operations regarding this VM in the right pane, as shown in
Figure 3-6.
Figure 3-6 WAF VM operation page
b. Click Edit virtual machine settings.
The Virtual Machine Properties dialog box appears, as shown in Figure 3-7.
Figure 3-7 VM properties
c. Configure hardware settings as required in Table 1-2.
Figure 3-8 Example of hardware configuration
d. Click OK to save the settings.
Step 4 Start the WAF VM.
a. Select the WAF VM from the navigation tree in the left pane.
b. In the right pane, click Power on the virtual machine to start the WAF VM.
This process takes several minutes.
After the WAF VM is started, the DHCP function is enabled and the related IP address is
obtained (if a DHCP server is available) automatically. If no IP address is obtained or
no DHCP server is available, proceed to step 5.
Step 5 (Optional) Configure the WAF VM.
If the IP address fails to be obtained, perform this step.
a. Click the Console tab.
After a while, the console login window of the WAF VM appears, as shown in Figure
3-9.
Figure 3-9 Console login window
b. Type the user name and password (both are conadmin) to access the console of the
WAF VM.
c. Choose English > Maintenance Tools > Set IP&Route.
d. Configure the IP address, subnet mask, and gateway address for the management
interface.
Step 6 View settings of the WAF VM.
a. Click the Console tab.
b. In the console login window, type the user name and password (both are conadmin).
c. Choose English > Maintenance Tools > Set IP&Route.
d. View the IP address, subnet mask, and gateway address of the management interface.
----End
3.3 Uninstallation Procedure
To delete the WAF VM from the ESXi host, follow these steps:
Step 1 Select the WAF VM from the navigation tree in the left pane.
Step 2 Choose Inventory > Virtual Machine > Power > Power Off to shut down the WAF VM.
Step 3 Choose Inventory > Virtual Machine > Delete from Disk to delete the WAF VM.
This will completely delete the WAF VM from the data storage.
----End
3.4 In-Path Deployment
3.4.1 Usage Scenario
In the network environment shown in Figure 3-10, WAF connects to the virtual switch in
in-path mode.
Figure 3-10 Deployment of the WAF VM on the ESXi host in in-path mode
[Figure 3-10 labels: Client (Control IP: 10.67.203.113; Client IP: 172.16.205.113); Server (Control IP: 10.67.203.114; Server IP: 172.16.206.114); Virtual switch (V2003, V2004); Virtual WAN: 172.16.205.1; Virtual LAN: 172.16.206.1; Management interface]
3.4.2 Configuration Preparations
Configure an IP address, for example, 172.16.205.1, for the WAN interface of the WAF
VM.
Configure an IP address, for example, 172.16.206.1, for the LAN interface of the WAF
VM.
Connect the management interface of the WAF VM to the virtual switch.
3.4.3 Configuration Roadmap
1. Create two VM port groups on the virtual switch.
2. Install the WAF VM, which requires editing of network adapters for two working
interfaces.
3. Log in to the web-based manager of the WAF VM to configure working interfaces.
3.4.4 Configuration Procedure
To configure the WAF VM, follow these steps:
Step 1 Perform step 1 in section 3.2 Installation Procedure to access the ESXi host from vSphere
Client.
Step 2 Configure the virtual switch.
a. Click the Configuration tab and, in the Hardware section, click Networking.
Figure 3-11 Networking configuration
b. Click the Add Networking link.
Figure 3-12 Wizard for adding a network
c. Select Virtual Machine as the connection type and click Next.
d. Select a virtual switch according to the connection to the trunk port of the physical
switch.
Here vSwitch0 and vmnic0 are selected, as shown in Figure 3-13.
e. Click Next to open the Connection Settings page.
Figure 3-13 Virtual switch selection
f. Set the network label to V2003 and VLAN ID to 2003. Click Next to open the
Summary page.
g. Click Finish to complete the operation.
h. Repeat step 2e and create another VM port group with the network label of V2004 and
VLAN ID of 2004.
Step 3 Perform step 2 in section 3.2 Installation Procedure to deploy the WAF VM.
Step 4 Set hardware parameters for the WAF VM.
a. Select the WAF VM from the navigation tree in the left pane.
b. Click Edit virtual machine settings.
c. In the left navigation bar, click Network adapter 2/3 and, in the right pane, set the
network label to V2003/V2004.
Figure 3-14 Network adapter configuration
d. Click OK to complete the configuration of network adapters.
Step 5 Perform step 4 in section 3.2 Installation Procedure to start the WAF VM.
Step 6 Perform step 6 in section 3.2 Installation Procedure to view the configuration of the WAF
VM.
----End
4 License
License management includes the following:
Importing the License
Exporting the License
4.1 Importing the License
The WAF VM can work properly only upon an authorization in the form of a license.
You can import a license for the WAF VM using either of the following methods:
Cloud authorization
If this mode of authorization is adopted, the WAF VM will regularly instruct the cloud
center to verify the validity of the license.
Centralized authorization
This mode of authorization applies to devices managed by NSFOCUS ESPC
V6.1R05F01 SP03.
4.1.1 Cloud Authorization
To put the WAF VM under cloud authorization, follow these steps:
Step 1 Log in to the web-based manager of the WAF VM by typing https://IP address of the
management interface in the address bar.
Step 2 Open the License page.
For initial login:
After you log in and change the password, a dialog box appears, as shown in Figure 4-1.
Clicking OK in the dialog box displays the License page, as shown in Figure 4-2.
Figure 4-1 Message prompting you to configure the authorization mode
Figure 4-2 License page
For subsequent login:
Choose System Management > System Tools > License. The License page appears, as
shown in Figure 4-2.
Step 3 (Optional) Configure the local IP address of the WAF VM.
This step is required after the IP address of the management interface is changed.
a. Choose Security Management > ESPC.
The ESPC page appears, as shown in Figure 4-3.
Figure 4-3 Basic settings of ESPC
b. In the Basic Settings area, set Local IP to the IP address of the management interface.
c. Click OK.
Step 4 In the Authorization Control area, set Authorized by to Cloud.
Figure 4-4 Authorization Control area
Step 5 Browse to the license file and then click OK.
The system automatically authenticates the WAF VM.
Step 6 Wait for about 1 minute and refresh the page.
If the authentication succeeds, Authorization Status is displayed as Authorized.
Figure 4-5 Cloud authorization success
Step 7 (Optional) Configure the protection mode.
This step is required if a question mark icon is displayed to the right of the authorization status.
a. Choose System Management > System Deployment > Running Mode.
Figure 4-6 Running Mode page
b. Set Mode Configuration to Protection Mode and click OK.
The engine status is displayed in green, indicating that the WAF VM can work properly.
----End
4.1.2 Centralized Authorization
To put the WAF VM under centralized authorization, follow these steps:
Step 1 Log in to the web-based manager of the WAF VM by typing https://IP address of the
management interface in the address bar.
Step 2 Open the License page.
For initial login:
After you log in and change the password, a dialog box appears, as shown in Figure 4-1.
Clicking OK in the dialog box displays the License page, as shown in Figure 4-2.
For subsequent login:
Choose System Management > System Tools > License. The License page appears, as
shown in Figure 4-2.
Step 3 (Optional) Configure the local IP address of the WAF VM.
This step is required after the IP address of the management interface is changed.
a. Choose Security Management > ESPC.
The ESPC page appears, as shown in Figure 4-3.
b. In the Basic Settings area, set Local IP to the IP address of the management interface.
c. Click OK.
Step 4 In the Authorization Control area, set Authorized by to Centralized mgmt.platform.
Figure 4-7 Centralized authorization
Step 5 Set Address of Authorization Center and click OK.
Authorization Status is displayed as No license.
Step 6 Authorize the WAF VM on ESPC.
Only this step is performed on ESPC.
For a detailed configuration procedure, refer to NSFOCUS ESPC User Guide –
Centralized Authorization.
a. Add the WAF VM and then restart the service.
b. Open the page for centralized authorization and issue a license to the WAF VM.
Step 7 After a successful authorization, manually refresh the page.
Authorization Status is displayed as Authorized.
Figure 4-8 Centralized authorization success
Step 8 (Optional) Configure the protection mode.
This step is required if a question mark icon is displayed to the right of the authorization status.
a. Choose System Management > System Deployment > Running Mode.
The Running Mode page appears, as shown in Figure 4-6.
b. Set Mode Configuration to Protection Mode and click OK.
The engine status is displayed in green, indicating that the WAF VM can work properly.
----End
4.2 Exporting the License
In Figure 4-8, click in the Export column to export the license to a local disk drive with
the name of VMWAF_license HASH.lic.
4.3 Device Getting Offline
The WAF VM is offline after it disconnects from the cloud or centralized authorization
platform.
4.3.1 Device Under Cloud Authorization Getting Offline
If Authorization Status is displayed as Authorized, the WAF VM will be periodically
authenticated by the cloud. After a successful authentication, the device is available.
Otherwise, Authorization Status is displayed as Offline Status-1 or Offline Status-2.
4.3.1.1 Offline Status-1
If the device fails to be authenticated within 2 to 7x24 hours, Authorization Status is
displayed as Offline Status-1 and the system prompts a message in the lower-right corner of
the page, as shown in Figure 4-9. In this case, websites, website groups, and policies cannot
be configured on the web-based manager, but the engine can still provide protection.
Figure 4-9 Offline Status-1 of the device under cloud authorization
To troubleshoot the WAF VM's disconnection from the cloud, do as follows:
Network environment: Incorrect network configuration leads to an authentication
timeout.
Solution: Check and make sure that the network configuration is correct.
Local IP address: The local IP address is not updated after the IP address of the
management interface is changed, which leads to an authentication timeout.
Solution: Choose System Management > ESPC. In the Basic Settings area, set Local
IP and then click OK.
After the WAF VM reconnects to the cloud, Authorization Status is displayed as
Authorized.
4.3.1.2 Offline Status-2
If the device authentication exceeds 7x24 hours or authentication fails, Authorization Status
is displayed as Offline Status-2 and the system prompts a message in the lower-right corner
of the page, as shown in Figure 4-10. If Authorization Status is displayed as Offline
Status-2, the device engine no longer provides protection and its status is displayed in red.
Figure 4-10 Offline Status-2 of the device under cloud authorization
In this case, you can choose Logs & Reports > System Running Logs to view the
corresponding running log for troubleshooting. Solutions are as follows:
If the cloud authentication has exceeded 7x24 hours, restore the connection to the cloud
and reupload the license.
If the cloud authentication fails, check the cause and try reuploading the license, so that
Authorization Status will be restored to Authorized.
4.3.2 Device Under Centralized Authorization Getting Offline
If Authorization Status is displayed as Authorized, the WAF VM will be periodically
authenticated by the centralized authorization client. After a successful authentication, the
device is available. Otherwise, Authorization Status is displayed as Offline Status-1 or
Offline Status-2.
4.3.2.1 Offline Status-1
If the device fails to be authenticated within 2 to 7x24 hours, Authorization
Status is displayed as Offline Status-1 and the system prompts a message in the lower-right
corner of the page, as shown in Figure 4-11. In this case, websites, website groups, and
policies cannot be configured on the web-based manager, but the engine still can provide
protection.
Figure 4-11 Offline Status-1 of device under authorization
To troubleshoot the WAF VM's disconnection from the centralized authorization client, do as
follows:
Network environment: Incorrect network configuration causes an authentication timeout.
Solution: Check and make sure that the network configuration is correct.
Local IP address: The local IP address is not updated after the IP address of the
management interface is changed, which leads to an authentication timeout.
Solution: Choose System Management > ESPC. In the Basic Settings area, set Local
IP and then click OK.
After the WAF VM reconnects to the centralized authorization client, Authorization Status is
displayed as Authorized.
4.3.2.2 Offline Status-2
If the device authentication exceeds 7x24 hours or authentication fails, Authorization Status
is displayed as Offline Status-2 and the system prompts a message in the lower-right corner
of the page, as shown in Figure 4-12. If Authorization Status is displayed as Offline
Status-2, the device engine no longer provides protection and its status is displayed in red.
Figure 4-12 Offline Status-2 for centralized authorization
In this case, you can choose Logs & Reports > System Running Logs to view the
corresponding running log for troubleshooting. Solutions are as follows:
If the authentication timeout has exceeded 7x24 hours, do as follows:
− Cancel the device authorization on the centralized authorization platform.
− Restore the connection between the device and the centralized authorization platform.
− Reissue the license to the device from the centralized authorization platform for
authorization.
If the authentication fails, do as follows:
− Cancel the device authentication on the centralized authorization platform.
− Check the reason why the device authentication fails.
− Reissue the license to the device from the centralized authorization platform for
authorization, so that Authorization Status will be restored to Authorized.
5 Functional Differences
This chapter describes functional differences between the WAF VM and hardware editions of
WAF, including the deleted and modified functions and how to perform related operations.
For other functions, which are the same as in the hardware editions of WAF, refer to NSFOCUS WAF User
Guide (V6.0).
5.1 Deleted Functions
Table 5-1 describes the functions deleted from the WAF VM.
Table 5-1 Deleted functions
Function                                 Description
Out-of-path and mirroring modes          The WAF VM can be deployed only in in-path or reverse proxy mode. For the functions in out-of-path and mirroring modes, refer to NSFOCUS WAF User Guide (V6.0).
Built-in and external bypass functions   The WAF VM does not support built-in and external bypass functions.
5.2 Modified Functions
Table 5-2 describes the functions modified in the WAF VM.
Table 5-2 Modified functions
Function                                       Description
Console port                                   On the console-based manager of the WAF VM, such functions as the bypass, product model configuration, and firmware restoration are unavailable. Other functions are the same as those in the hardware WAF.
Work group management                          After initialization, the number of default work groups is as follows:
                                               − In in-path mode, no default work group is available.
                                               − In reverse proxy mode, there is one work group by default.
                                               You can manage work groups as required. For how to manage work groups, refer to NSFOCUS WAF User Guide (V6.0).
License                                        You can import a license for the WAF VM using either of the following methods:
                                               − Cloud authorization: If this mode of authorization is adopted, the WAF VM will regularly instruct the cloud center to verify the validity of the license. The hash value of the device is changed to that of the license imported.
                                               − Centralized authorization: The license is provided by the centralized authorization platform. The hash value of the device is changed to that of the A interface for communication.
                                               For how to import a license, see section 4.1 Importing the License.
                                               The WAF VM supports export of the license.
                                               For how to export the license, see section 4.2 Exporting the License.
Prompt message indicating mode configuration   After the license is successfully imported for the first time, Authorization Status is displayed as Authorized, followed by a question mark icon. Pointing to the icon displays "Currently, Mode Configuration is Forwarding Mode, which should be changed to Protection Mode".
Login to the console                           For details, see section 5.3 Login to the Console.
5.3 Login to the Console
To log in to the WAF VM via the console, you must first install the VMware vSphere Client
software (for how to install this software, refer to the related VMware user guide).
Step 1 Double-click the icon of VMware vSphere Client.
Figure 5-1 VMware vSphere Client
Step 2 Configure login parameters in the VMware vSphere Client dialog box.
Table 5-3 Login parameters of the WAF VM host
Parameter Description
IP address / Name Specifies the IP address or name of the WAF VM host.
User name Specifies the user name of the WAF VM host, which is root by default.
Password Specifies the password of the WAF VM host, which is nsfocus by default.
Step 3 Click Login.
A security warning appears, as shown in Figure 5-2.
Figure 5-2 Security warning
Step 4 Click Ignore.
Figure 5-3 Home page of the host
Step 5 Click Inventory.
Figure 5-4 Inventory
Step 6 In the left pane, click next to the host IP address and then next to WAF, and then select
a WAF VM.
Here, VMWAF-10.67.214.106 is taken as an example.
Figure 5-5 Selecting a WAF VM
Step 7 Click the Console tab.
Figure 5-6 Console tab page
Step 8 Press Enter.
Figure 5-7 Login to the console-based manager
Step 9 Type the user name and password (both are conadmin by default) and then press Enter.
Figure 5-8 Console-based manager
----End
A Default Parameters
A.1 Management Interface
IP Address eth0/M: 192.168.0.1
Subnet Mask 255.255.255.0
A.2 Default Administrator Accounts
A.2.1 Web-based Manager Administrator
User Name admin
Password admin
A.2.2 Default Web Auditor Account
User Name auditor
Password auditor
A.2.3 Default Account of the Console Administrator
User Name conadmin
Password conadmin