4.1.5. Procedure – Configuring Zorp Management Server (ZMS)

Purpose: 

To configure Zorp Management Server, complete the following steps.

Steps: 

  1. Configure the site name.

    The hosts managed by ZMS are organized into sites. Use a descriptive name for the site, for example, the name of the company. This will help the administrator distinguish ZMSs from each other. Enter the site name.

    Configuring the site name

    Figure 4.19. Configuring the site name

  2. Configure the hostname of the ZMS Engine.

    It is recommended to enter the normal hostname, but do not use FQDN. The default value is ZMS-Host.

    Warning

    Make sure to enter the correct hostname, because it is stored in the ZMS database and is complicated to modify later.

    Configuring the hostname of the ZMS Engine supervising the Zorp host

    Figure 4.20. Configuring the hostname of the ZMS Engine supervising the Zorp host

  3. Configure the initial password of the administrator user on ZMS.

    Enter the ZMS administrator password. This password is used to login to ZMS from the Zorp Management Console as an administrator, and configure the Zorp firewalls. The username of the administrator by default is admin, which can be modified later. The password can be changed later at any time.

    Note

    Make sure to create a password that conforms to the secure password generation standards of your organization.

    Store the password in a secure way.

    Configuring the initial password of the administrator user on ZMS

    Figure 4.21. Configuring the initial password of the administrator user on ZMS

  4. Configure the Certificate Authority of ZMS.

    Enter a secure password for the Certificate Authority (CA) of ZMS. This password will be used as the passphrase of the initial CA certificate.

    Note

    Make sure to create a password that conforms to the secure password generation standards of your organization.

    Store the password in a secure way.

    Warning

    Make sure to enter the correct CA password. It is difficult to change the CA password later and requires regenerating the whole CA chain.

    Specifying the CA password of ZMS

    Figure 4.22. Specifying the CA password of ZMS

  5. Create the root Certificate Authority.

    ZMS includes public key infrastructure (PKI) management to ensure that each element of the firewall system (ZMS module, VPNs, users) can be authenticated with X.509 certificates. During this stage of the installation the root CA is created and configured. Provide the following parameters.

    Creating the root Certificate Authority

    Figure 4.23. Creating the root Certificate Authority

    Warning

    Do not use accented characters. They are not supported in the X400/X500 standard.

    • Country ID: two characters only. For example, US, DE, HU.

    • State: Optional. United States (US) only. For example, Nevada.

    • City: Optional. For example, Las Vegas.

    • Company name: Optional. For example, Example Ltd..

    • Department name: Optional. For example, IT department.

Previous Up Next
 Home