Skip to main content
Deploy UserGate VE on a cloud server
Last update:

Deploy UserGate VE on a cloud server

  1. Save the firewall image.
  2. Upload the image to the image repository.
  3. Create a cloud server from the image.
  4. Assign an IP address to access the firewall.
  5. Initialize the firewall.
  6. Specify the DNS and NTP servers.
  7. Activate the license.

1. Save the firewall image

  1. Go to the ticket that was created when you ordered the firewall.
  2. Save the firewall image to the device from which you will configure it.

2. Upload the image to the image repository

  1. In the Dashboard, on the top menu, click Products and select Cloud Servers.
  2. Go to the Images section.
  3. Click Create Image.
  4. Enter a name for the image.
  5. Select the pool segment in which you want to deploy the firewall for the image.
  6. In the Operating System field, select — Other.
  7. In the Source field, select — File.
  8. Click Download and select the firewall image file on your device.
  9. Select the image format and container format. If you do not know which formats to specify, specify raw image format and bare container format.
  10. Click Create.

3. Create a cloud server from an image

  1. In the dashboard, on the top menu, click Products and select Cloud Servers.

  2. In the Servers section, click Create Server.

  3. Enter the name of the cloud server — it will only appear in the control panel.

  4. Select the pool segment to which you loaded the firewall image.

  5. In the Source block, click the name of the image.

  6. Open the My Images tab and select the firewall image.

  7. Press Select.

  8. Select a cloud server configuration. The configuration must match the requirements for the selected firewall model.

  9. Select or create a subnet to which the server will connect. You need at least one public address to access the firewall from the Internet:

    • public subnet — all IP addresses in the subnet will be accessible from the Internet;
    • private subnet with public IP address — a private subnet and one static public IP address.
  10. Select the rest of the server settings — see the Create Cloud Server instructions for details.

  11. Click Create.

4. Assign an IP address to access the firewall

  1. Open the CLI.

  2. Connect to the firewall:

    • Admin;
    • the password is utm.
  3. Switch the Internet port to static mode:

    iface config -name port0 -mode static
  4. Assign an IP address to the port:

    iface config -name port0 -ipv4 <ip-address>/<mask>

    Specify:

    • <ip_address> — The IP address of the server's Internet port. Can be copied from the control panel in the top menu click ProductsCloud Servers → Server page → tab Ports → in the port card, click next to the IP address. The address is specified without mask;
    • <mask> — subnet mask.
  5. Create a default route to the Internet:

    gateway add -ipv4 <ip_address> -weight 1 -enabled true -default true

    Specify <ip_address> — the gateway of the server subnet in which the Internet port is located. You can view it in the control panel: in the top menu, click ProductsCloud ServersServers → Server → Server page → Ports tab → Subnet name → Subnets tab → Subnet card → Subnet Gateway field.

5. Initialize the firewall

  1. Open the page in your browser:

    https://<ip_address>:8001

    Specify <ip_address> is the IP address of the firewall.You can copy in the control panel in the top menu click ProductsCloud Servers → Server page → Ports tab → in the port card click next to the public IP address.

  2. Select the language of the system.

  3. Select the time zone.

  4. Accept the license agreement.

  5. Optional: change the administrator login.

  6. Change your password.

  7. Press Start.

  8. Wait for the installation procedure to complete.

6. Specify DNS and NTP servers

  1. Open the page in your browser:

    https://<ip_address>:8001

    Specify <ip_address> is the IP address of the firewall.You can copy in the control panel in the top menu click ProductsCloud Servers → Server page → Server page → Ports tab → in the port card click next to the IP address.

  2. Enter your username and password.

  3. Go to SettingsNetworkDNS.

  4. Click Add.

  5. Enter the IP addresses of the DNS servers. We recommend using Selectel recursive DNS servers, but you can specify any available DNS servers.

  6. Click Save.

  7. Optional: Go to Settings and in the Server Time Settings block, change the value in  the Primary NTP Server field . We recommend using Selectel NTP servers, but you can specify any available NTP servers.

7. Activate the license

  1. Open the page in your browser:

    https://<ip_address>:8001

    Specify <ip_address> is the IP address of the firewall.You can copy in the control panel in the top menu click ProductsCloud Servers → Server page → Ports tab → in the port card click next to the public IP address.

  2. Enter your username and password.

  3. At the top, click on Unregistered Version.

  4. Enter the pin code you received on the ticket when ordering the firewall.

  5. Press Next.

  6. Fill out the registration form. We recommend that you provide the same information as in your Selectel account.

  7. Press Next.

  8. Wait for the firewall to register. Information about the license composition and expiration dates of the components will be displayed in the Dashboard section in the License block.