Deploy UserGate VE on a cloud server

Upload the image to the image repository⁠

В control panels go to Cloud platform → Images.
Click Create an image.
Enter a name for the image.
Select pool segmentThe image that will be loaded is the one in which you want to deploy the firewall.
Select a file as the image source — format file qcow2obtained in the ticket at order of the firewall.
Click Download.
Select the image format and container format. If you do not know which formats to specify, specify raw image format and bare container format.
Select the operating system — Другая.
Click Create.

В control panels go to Cloud platform → Servers.
Click Create a server.
Enter the name of the cloud server — it will only appear in the control panel.
Select pool segmentwhere you downloaded the image.
In the block Source click Choose another source.
Open the tab My images and select the firewall image.
Click Select.
Select the cloud server configuration. The configuration must match demands for the selected firewall model.
Select or create a subnet to which the server will connect. You need at least one public address to access the firewall from the Internet:
- public subnet — all addresses in the subnet will be accessible from the Internet;
- private subnet with public IP address — a private subnet and one static public IP address.
Select the rest of the server settings — more details in the instructions Create a cloud server.
Click Create.

Open the CLI.
Connect to the firewall:
- login — Admin;
- the password is. utm.
Switch the Internet port to the static:
```
iface config -name port0 -mode static
```
Assign an IP address to the port:
```
iface config -name port0 -ipv4 <ip/mask>
```
Specify <ip/mask> - the server's Internet port address with a subnet mask. You can view the address in control panels under Cloud platform → Servers → server page → tab Ports → field IP address. The address is unmasked.
Create a default route to the Internet:
```
gateway add -ipv4 <ip_address> -weight 1 -enabled true -default true
```
Specify <ip_address> — gateway of the server subnet in which the Internet port is located. You can view the gateway address in control panels under Cloud platform → Servers → server page → tab Ports → click on the subnet name and copy the value from the field Gateway.

Open the CLI.
Select the mode UGOS NGFW (serial console).
Connect to the firewall:
- login — Admin;
- password — leave the field blank.
Enter the configuration mode:
```
configure
```
Assign an IP address to the port:
```
set network interface adapter port0 ip-addresses [ <ip/mask> ]
```
Specify <ip/mask> - the server's Internet port address with subnet mask. Square brackets [ ] must be separated by spaces on both sides. You can view the address in control panels under Cloud platform → Servers → server page → tab Ports → field IP address.
Create a gateway:
```
create network gateway interface port0 enabled on ip <ip_address> weight 1 default on
```
Specify <ip_address> — gateway of the server subnet in which the Internet port is located. You can view the gateway address in control panels under Cloud platform → Servers → server page → tab Ports → click on the subnet name and copy the value from the field Gateway.

Open the page in your browser:
```
https://<ip_address>:8001
```
Specify <ip_address> — The IP address of the firewall. You can view the IP address in control panels under Cloud platform → Servers → server page → tab Ports → field Public IP or IP address.
Select the language of the system.
Select the time zone.
Accept the license agreement.
Optional: change the administrator login.
Change your password.
Click Start.
Wait for the installation procedure to complete.

Open the page in your browser:
```
https://<ip_address>:8001
```
Specify <ip_address> — The IP address of the firewall. You can view the IP address in control panels under Cloud platform → Servers → server page → tab Ports → field IP address or Public IP.
Enter your username and password.
Go to the section Settings → Network → DNS.
Click Add.
Enter the IP addresses of the DNS servers. We recommend using Selectel recursive DNS serversBut you can specify any available DNS servers.
Click Save.
Optional: go to the section Settings and in the block Configuring the server time change the value in the field Primary NTP server. We recommend using Selectel NTP serversBut you can specify any available NTP servers.

Open the page in your browser:
```
https://<ip_address>:8001
```
Specify <ip_address> — The IP address of the firewall. You can view the IP address in control panels under Cloud platform → Servers → server page → tab Ports → field IP address or Public IP.
Enter your username and password.
At the top, click on the button Unregistered version.
Enter the pin code received at ticket when ordering a firewall.
Click Further.
Fill out the registration form. We recommend that you provide the same information as in your Selectel account.
Click Further.
Wait for the firewall to register. Information about the license composition and component expiration dates will be displayed in the section Dashboard en bloc License.

Open the page in your browser:
```
https://<ip_address>:8001
```
Specify <ip_address> — The IP address of the firewall. You can view the IP address in control panels under Cloud platform → Servers → server page → tab Ports → field Public IP or IP address.
Enter your username and password.
Go to the section License information → Registered version.
Enter the pin code received at ticket when ordering a firewall.
Click Further.
Wait for the firewall to register. Information about the license composition and component expiration dates will be displayed in the section License information.