From UntangleWiki

Untangle Server User's Guide

Contents 1 Logging On To Untangle Server 2 Restarting Untangle Server 3 Powering Off Untangle Server 4 Turning On and Off Software Products 5 Resetting Untangle Server To Factory Defaults 6 Removing Software Products 7 Accessing Event Logs 8 About Administrator Accounts 9 Creating an Administrator's Account 10 Deleting an Administrator's Account 11 Changing a Password for an Administrator's Account 12 Resetting the Password for Administrator's Account 13 About Digital Certificates 14 Preventing Web Browser Errors (Unknown Authority) 15 Generating a Self-Signed Certificate 16 Using an SSL Certificate 16.1 Create a Certificate Signature Request 16.2 Purchase a Pubic Key Certificate 16.3 Import a Public Key Certificate 17 Related Topics 18 Administration FAQs

Logging On To Untangle Server

Once you set up and configure the Untangle Server using the Installation Wizard, you can administer the Untangle Server from the Untangle Client. You can log on to the Untangle Server using one of two methods:

• Connect directly using a monitor, keyboard, and mouse.
• Connect remotely using a browser.

Before You Begin: Ensure that the Untangle Server is turned on.

1. Connect a monitor, keyboard, and mouse to the Untangle Server. Your monitor displays the Untangle logo and navigation bar.
2. In the Navigation bar, click the Untangle Client button. The Untangle Client launches. If you have an Untangle Gateway Lite, go to Launching Untangle Client from Untangle Gateway Lite to determine how to launch the client.
3. Type your username and password, and click the Login button. During initial installation of your Untangle Server, you set the username and password through the Installation Wizard. The Untangle Client launches.

Unless you have remote access enabled, you cannot log on from outside the protected network. You must first log on from within the protected network, then enable remote access.

Before You Begin: Ensure that the Untangle Server is turned on.

1. Do one of the following:

Figure 1, Logging on Remotely
• (Remote Logon) In your browser, type https:// followed by the External IP address of the Untangle Server, port number (default is 443), then /webstart, as shown in Figure 1, Logging on Remotely, and press Enter.
• (Local Logon) In your browser, type http:// followed by the Internal IP address of your Untangle Server, then /webstart, as shown in Figure 2, Logging on Locally, and press Enter.

Figure 2, Logging on Locally

Note: You might receive a warning from your web browser regarding certificates.

2. If you receive a warning, dismiss it as you are safe connecting to the Untangle Server.
3. If prompted, install Java Web Start utility. Java Web Start is browser technology that the Untangle Client requires.

Figure 3, Renaming Java Web Start Utility Icon

Tip: On your desktop, rename the Java Web Start utility icon Untangle. Each time you want to connect to the Untangle Server, simply double-click on this icon. This shortcut saves you from having to remember the IP address of the Untangle Server, and speeds up the logon process.


Figure 4, Logging on Locally
4. If this is your first time launching the Untangle Client, wait a few moments to download the required files.
5. When prompted, provide a username and password to log on. During initial installation of your Untangle Server, you set the username and password through the Installation Wizard. The Untangle Client launches.

Next Step: If you want to enable remote access so that you can log on to Untangle Server from outside the protected network, go to Enabling Remote Access To Untangle Server.

Top

Restarting Untangle Server

If you have an Untangle Gateway Lite, go to Shutting Down/Rebooting Untangle Gateway Lite.

You can restart or reboot the Untangle Server without physical access to the system.

1. From the Navigation Pane, click the Config tab > Remote Admin. The Remote Admin Config windows launches.
2. Click the Manual Reboot tab, and click the Reboot Untangle Server button.

Top

Powering Off Untangle Server

If you have an Untangle Gateway Lite, go to Shutting Down/Rebooting Untangle Gateway Lite.

Figure 5, Front and Back View of Untangle Server

Do not use the power button on the front of the Untangle Server or the emergency power switch on the back of the Untangle Server to power off the Untangle Server.

These methods do not provide the Untangle Server a graceful shutdown. Instead, use the Untangle Server's direct-connect interface. For security, you cannot shut down the Untangle Server remotely.

1. Connect a monitor, keyboard, and mouse to the Untangle Server. Your monitor displays the Untangle logo and Navigation bar.
2. In the Navigation bar, click the Shutdown button. The Untangle Server shuts down.

Top

Turning On and Off Software Products

Figure 6, Turn On and Off Indicators

When you first install a Software Product, it is turned off.

1. Click the toggle button to either the ON state or OFF state as shown:
2. Verify the Software Product's status using the following indicators
1. Status indicator light. This indicator has four possible colors.
   • Gray indicates a Product is off and ready to be turned on.
   • Yellow means a product is changing from off to on (or vice versa).
   • Green shows a Product is on and behaving normally, while
   • Red warns a product is on but an abnormal condition has occurred.
2. Activity Meter. Each Software Product has one or more Activity Meter. Activity meters provide a quick view into the activity of a Software Product, and change in real time as a given Software Product processes network traffic. If the Activity meter indicates activity, the Software Product is turned on. You can obtain more detailed activity data from the Event Logs.

Top

Resetting Untangle Server To Factory Defaults

You might want to reset the Untangle Server to factory defaults if you experience problems with your configuration, or if you want to experiment with a different configurations. If you forgot your admin password, you can change that password without resetting the Untangle Server to factory defaults. Go to Resetting the Password for Administrator's Account.

Warning: This procedure erases all configuration information from the Untangle Server.

Before You Begin: Back up your configuration just in case you'd like to return to this configuration: Backing Up Untangle Server's Configuration.

1. Using a keyboard, video and mouse, connect directly to the Untangle Server. When connected directly to the Untangle Server, a window with Untangle's logo appears.
2. Click Recover Utilities. A confirmation window appears.
3. Click Yes to continue with the reset. The next screen offers a few options.
4. Select the Return To Factory Defaults menu option. The Return To Factory Defaults window appears.
5. Select Yes to return to factory defaults. When you log on to the Untangle Server, you are prompted to use the Setup Wizard to configure your Untangle Server, just as you did when you installed the Untangle Server the first time using the Untangle Server Quick Start Guide.

Top

Removing Software Products

If you want to remove a Software Product in order to troubleshoot, turn off the Software Product instead. Removing a Software Product from a rack does not unsubscribe you from that Software Product.

Remove the Software Product from the required virtual rack(s) by doing one of the following:

Note:

• If you want to remove a Services Software Product, remove the Software Product from any rack that contains the Software Product.
• If you want to remove a Non-Services Software Product, remove the Software Product from all virtual racks.

• From the Software Product's faceplace, Shift-click on the power toggle. The Software Product disappears from the virtual rack, and now appears in your My Apps.
• From the Software Product's faceplace, click the Show Settings button, and click Remove button. The Software Product disappears from the virtual rack, and now appears in your My Apps.

Figure 7, Removing Software Product (SpamBlocker) From Virtual Rack

Top

Accessing Event Logs

Most Software Products have an Event Log as part of their controls. Event logs present a table of significant events that the Untangle Server observed.

Event logs contain the underlying data from which the Untangle Server generates Untangle Reports. However, there are a few differences. Event logs provide real-time information whereas Untangle Reports provide next-day and weekly information. Moreover, the event logs show activity by IP address; Untangle Reports are more user-friendly because they show activity by user.

• Sometimes the events provide a dialog of which traffic was filtered:

... examined this web request from 1.2.3.4 and found no viruses ...

• Other times, the events indicate malicious content which was stopped by the Software Product:

... blocked email with subject Urgent Business Request as it was found to be a phishing email ...

1. From the Software Product, click the Show Settings button.
2. Click the Event Log tab.
3. In the drop-down list, select the types of events that you want to view, and click the Refresh button. To view all events, select All Events.

Top

About Administrator Accounts

Administrators are users who are able to launch the Untangle Server's interface, the Untangle Client, to administer the Untangle Server. End-users, individuals who browse the web and receive email, do not need to log on to the Untangle Server.

• Creating an Administrator's Account
• Deleting an Administrator's Account
• Changing a Password for an Administrator's Account

Top

Creating an Administrator's Account

1. From the Navigation Pane, click the Config tab > Remote Admin.
2. On the Admin Accounts tab, click the add (plus) button to the left of the table, adding a new (blank) row to the table.

   The name column is a descriptive name, such as Emma Scott or Jun Wang. The login column is a login name, such as escott or jwang.

3. Populate the next two columns, set new password and confirm new password, with the new Administrator's password.

   Both fields require the same password. The next field is the original user's password. When adding a new user, this field is automatically populated. Do not change the default value. The past field is for the new Administrator's email address, and can be left blank.

4. Click the Save Settings button. The new account is now active.

Top

Deleting an Administrator's Account

1. From the Navigation Pane, click the Config tab > Remote Admin.
2. Under the Admin Accounts tab, highlight the account (row) to be deleted, and click the remove (minus) button to the left.
3. In the original user's password, type the password for the associated with the account that you want to delete.
4. Click the Save Settings button.

Top

Changing a Password for an Administrator's Account

1. From the Navigation Pane, click the Config tab > Remote Admin.
2. Under the Admin Accounts tab, highlight the account (row) of the account to change, and enter the new password into the set new password field and confirm new password field.
3. Click the Save Settings button.

Top

Resetting the Password for Administrator's Account

If you forgot the password for admin, you must reset the password. If you created any additional administrator accounts, when you reset the default administrator's account, the Untangle Server deletes all the administrator accounts that you created. After you reset the password, the Untangle Server informs you of the newly-assigned password.

1. Ensure that the Untangle Server is turned on.
2. Connect a monitor, keyboard, and mouse to the Untangle Server. The monitor displays the Untangle Client.
3. In the Navigation bar, click the Recovery Utilities button.
4. When the Recovery window appears, click the Yes button. A terminal window appears.
5. Scroll to Reset Administrative Accounts, and hit Enter. The following question appears: Reset administrative accounts to factory defaults (admin/passwd)?.
6. Select Yes. The Untangle Server resets the password and informs you of the newly-assigned password. Once you log in to the Untangle Server using that newly-assigned password, the Untangle Client forces you to assign a new password.

Top

About Digital Certificates

Your Untangle Server uses digital certificates when using SSL. Without a properly installed and signed certificate, users who browse to the Untangle Server receive warning messages from their browser as shown in Figure, Browser Error: Unknown Certificate Authority. To prevent this annoyance, install a certificate. Go to Preventing Web Browser Errors (Unknown Authority). The Administrative Console, as well as the Quarantine features use SSL for user interaction.

Digital Certificates are used by a web server to identify itself as demonstrated in the following example:

If you visit amazon.com to purchase a book, the checkout procedure performs the following actions associated with the transaction: You are redirected to a secure web site which uses SSL. The transaction page (checkout) is painted on your screen, including product information and any cookie/session-based information pertaining to the purchase. You enter in the remaining information necessary to complete the transaction. SSL encrypts your web session to prevent any malicious parties from intercepting your personal information. Your browser requested Amazon.com's Digital Certificate to make sure you were in fact visiting amazon.com. Your browser is asking Amazon for proof of identity. You can think of the digital certificate as a driver license or a passport. The web server authenticates. Your browser knows that you typed www.amazon.com, and expects the web server to return a certificate which declares this is www.amazon.com. Since a Digital Certificate is easy to create, your browser verifies that the certificate is authentic. This is done by examining the digital signature on the digital certificate against a list of known certificate authorities.

All browsers come with a list of certificate authorities, along with information to validate when those authorities sign web server certificates. The digital certificate for www.amazon.com is signed by a Certificate Authority named Verisign. When Amazon presented its certificate to your browser, your browser went through the following steps:

1. Visited a web site with the address www.amazon.com and requested its digital certificate.
2. Examined the returned certificate and found that it claimed to be for a site called www.amazon.com. If the address you entered into your browser did not match the name of the certificate, the browser would have issued a warning that the name of the certificate does not match the visited site.
3. Found that this certificate was signed by an authority named Verisign. The browser then went through its list of pre-installed Certificate Authorities and found an entry for Verisign. Otherwise, the browser would have issued a warning that the certificate was signed by an unknown authority.
4. Verified the signature on Amazon's certificate was in fact the signature of Verisign. Otherwise, the browser would have issued a warning that the signature was invalid.

Unlike with Amazon, a new Untangle Server installation causes the browser to issue warnings because the Digital Certificate that the Untangle Server uses is not signed by a known Certificate Authority. The initial (default) certificate is a self-signed certificate, which is equivalent to not signed by anyone known to the browser. Again, to prevent this annoyance, install a certificate. Go to Preventing Web Browser Errors (Unknown Authority).

Top

Preventing Web Browser Errors (Unknown Authority)

Figure 8, Browser Error: Unknown Certificate Authority

To prevent the annoying web browser errors as outlined in About Digital Certificates, do one of the following:

• When you receive the error message, select the Accept this certificate permanently radio button.
• Generate a self-signed certificate.
• (Recommended) Use an SSL certificate from a CA.

Obtain a digital certificate by doing one of the following:

Generating a Self-Signed Certificate

A self-signed certificate isn't ideal.

To generate a self-signed certificate:

Before You Begin: Ensure that your Untangle Server's hostname is known to the Internet. Go to Specifying Untangle Server's Public (Internet) Address.

1. From the Navigation Pane, click the Config tab > Remote Admin. The Remote Admin Config window appears.
2. Click the Certificates tab, and click the Generation tab.
3. Click the Generate a Self-Signed Certificate button. The Generate Self-Signed Certificate window appears.
4. Specify the company's name and location information, and click the Proceed button. You do not need to provide the hostname because the Untangle Server provides this information automatically.

Using an SSL Certificate

Create a Certificate Signature Request

A Certificate Signature Request (CSR) is a standard digital document accepted by all certificate authorities as the initial step in the process of obtaining a digital certificate.

To create a CSR:

Before You Begin: Ensure that your Untangle Server's hostname is known to the Internet. Go to Specifying Untangle Server's Public (Internet) Address.

1. From the Navigation Pane, click the Config tab > Remote Admin. The Remote Admin Config window appears.
2. Click the Certificates tab, and click the Generation tab.
3. Click the Generate a Certificate Signature Request button. The Certificate Signature Request window appears.
4. From the Certificate Signature Request window, click the Proceed button. The Untangle Client populates the window with several lines of text starting with -----BEGIN NEW CERTIFICATE REQUEST-----. This text is your CSR.
5. Save the CSR by selecting the text in the Certificate Signature Request window and by saving the text to a text file. You will need this information

Purchase a Pubic Key Certificate

Purchase a digital certificate from a well-known certificate authority (CA). Examples of CAs include Verisign and Thawte. Some Untanglers use GeoTrust. Many CAs charge varying fees for a digital certificate.

To purchase an SSL certificate:

1. Go to the website of a certificate authority, and purchase an SSL certificate.
2. Cut and paste the CSR that you created in Create a Signature Request into the form that your certificate authority provides.
• The certificate authority might also request additional information to verify that you are the "owner" of the website for which you are requesting the certificate.
• Afterward, the certificate authority returns a signed digital certificate for your Untangle Server.

Import a Public Key Certificate

To import a digital certificate from a CA:

Figure 9, Importing a Signed Certificate
1. Click the Import a Signed Certificate button, install the certificate into the Untangle Server by copying and pasting the certificate into the Import Signed Certificate window, and click the Proceed button. The certificate was either emailed or received in a web browser.
2. If your CA provided a second, intermediate certificate, paste it into the bottom window.

Note: Some free or open-source CAs provide such certificates. To learn about intermediate ("chained root") certificates, go to SSL Certificates: Chained Root vs. Single Root.

Top

Related Topics

• Swapping Network Interfaces
• Adding Network Cards
• Removing Network Cards
• Changing Untangle Server's Timezone
• Updating Registration Information
• Modifying Data Transfer Mode
• Verifying if a Network Computer is Accessible
• Policy Management

Top

Administration FAQs