Configuration Wizard

This section describes the necessary operations to set up the 4i Edge X after the first boot. After the wizard has been successfully completed, the 4i Edge X will be registered to Endian Network and fully operational. After each step, click on the Continue > button to proceed to the next step or on < Back to go back to the previous step.

Welcome

Only one option is present here.

Language

Choose from the drop-down menu the language used in the GUI among those supported: English, German, and Italian.

Service and Licence Agreement

In this screen, read carefully the SLA, before proceeding to the next page. No option is present here, but by clicking on the Continue > Button in this screen, the SLA is implicitly accepted.

Configuration Mode

This page is the actual starting point for the configuration of the 4i Edge X' functionalities. Three options are present in this page. Select the preferred one by clicking on it, then click on the Continue > button to start the setup.

Plug & Connect

With this option, the Plug & Connect wizard starts. Use this procedure to set up a VPN connection to am existing Switchboard instance. Full documentation for this wizard can be found in section plug-and-connect.

Note

To access this procedure, the 4i Edge X must be able to access a Switchboard instance.


Restore a backup

Selecting this option allows to upload to the 4i Edge X an existent backup and restore a previous configuration.

The following option is available.

Choose File

Click on this button to open a pop-up window from which to select the backup file from the local file system.

An additional option appears when clicking on Advanced settings.

Import Registration to Endian Network

By ticking the checkbox, the registration information to Endian Network will be imported with the rest of the configuration, and the 4i Edge X will be automatically registered.


Setup assistant

By choosing this option, a manual, guided configuration will be started, which is described in the remainder of this section.

Device access

In this page, a few basic settings can configured.

Root & admin password

In this section, the password for the root and admin users can be set.

Password, confirm password

Choose a strong password (which should be at least 8 characters long) to be used for both the two default users.

Hint

Passwords can be changed independently at a later time in sections SSH password for the root user and Users for the admin user.

Device name

In this section, the name of the computer can be set, by configuring the following options.

Hostname

The hostname of the 4i Edge X.

Domain name

The name of the local domain of which the 4i Edge X will be part.

Time Zone

This page is used to configure the timezone of the 4i Edge X. Two alternative methods are available:

Timezone

Select from the drop-down menu the timezone.

Map

Select with the mouse the country in which the 4i Edge X is located.

Network Mode

In this page, the network configuration starts, by selecting the operating mode of the Uplink (i.e., the Internet connection) used by the 4i Edge X, among three mutually exclusive choices:

Routed

This choice corresponds to the classical uplinks available in 4i Edge X, which act as the default gateway of the network(s) that lay behind it. This mode requires that devices within the network have DHCP enabled or appropriate network setting (IP address, netmask, and gateway at least) to be able to communicate with other devices.

Bridged

In bridged mode, the 4i Edge X acts transparently within an existing infrastructure. No change in the local device’s setup is required.

No uplink

This choice corresponds to the mode previously known as Gateway mode and is similar to the bridged mode, but it allows remote devices to connect to the 4i Edge X and the local network.

Note

When operating in no uplink mode, it suffices to have one NIC, because only one zone is required, otherwise it is necessary to have two network cards.

Depending on the choice made, the subsequent steps of the wizard will change. The description of the routed mode follows, while the bridged and no uplink modes can be found further on.

Internet Connection

Choose how the 4i Edge X receives its IP Address for the uplink (RED zone).

Ethernet DHCP

The RED interface receives its network configuration via (dynamic) DHCP from a local server, router, or modem, i.e., the RED interface is connected to a simple router but without the need to have a fixed address.

Ethernet Static

The RED interface is in a LAN and has fixed IP address and netmask, for example when connecting the RED interface to a simple router but with the convenience that the 4i Edge X be always reachable at the same IP address.

Broadband (PPPoE)

The RED interface is directly connected to an ADSL modem. This option is only needed when the modem uses bridging mode and requires to use PPPoE to connect to the provider.

Hint

This option should not be confused with the Ethernet Static or Ethernet DHCP options, used to connect to ADSL routers that handle the PPPoE themselves.

Wi-Fi

The RED interface is connected to a wireless network. No cable is needed, but a username, a password, or both might be required to access the network.

New in version 6.0.

IPv4 and CIDR notation.

An IPv4 address is a network address whose length is 32 bits, divided in four, 8-bits long octets. In decimal, each octet can assume any value between 0 and 255 (28= 256).

When specifying a network range, the IP address of the first host on the network along with the subnet mask, or netmask for short, is given, which defines the number of hosts available in that network. The subnet is defined as the length of the network prefix, i.e., that part of the address shared by all the hosts in a network.

There are two possibilities to denote the network/netmask pair:

  • explicitly, i.e., both are given in quad dotted notation. For example:

    network 192.168.0.0
    netmask 255.255.255.0
    

    This is a network starting at the address 192.168.0.0 with 256 host available, i.e., the network range from 192.168.0.0 to 192.168.0.255. The first three octet in the netmask are 255, showing that there are no free host (or that this part of the address is the network prefix), while the fourth is 0, meaning that all hosts (256 - 0 = 0) are available.

  • in CIDR notation, a more compact way to show the network range, in which the free bits instead of the free hosts are given. The same network range as above is expressed as:

    192.168.0.0/24
    

    This notation shows the length in bits of the shared part of the IP address. 24 means that the first three octets (each consisting of 8 bits) are shared, while the fourth octet is free, giving a number of free hosts that is equivalent to 32 - 24 = 8 bits, i.e., 256 hosts.

    The same line of reasoning can apply to an IPv6 address, with the only difference that IPv6 addresses are 128 bits long.

Internet Connection: DHCP

Configure more settings for the DHCP connection. Click on one of the available ETH ports the one assigned to the uplink, then click on the + symbol to open additional panels.

Manual DNS

This panel allows to specify custom DNS servers, that override those sent by the upstream DHCP server.

Primary DNS

Write in the textfield the IP address of the primay DNS server

Secondary DNS

Optionally write in the textfield the IP address of the secondary DNS server, used when the primary is not available.

Proxy support

This panel allows to define the option to connect to the Internet through an upstream proxy server.

If the uplink connection passes through a proxy server, configure it in this page.

Address

The hostname or IP address of the upstream server.

Port

The port on which the proxy is listening.

Proxy server requires authentication

Tick the checkbox if it is necessary to authenticate to access the proxy server. The next two options appear.

Username

Write the username to authenticate to the proxy.

Password

Write the password to authenticate to the proxy.

Warning

The password will be visible, so make sure no one is peeping!

Advanced settings

The following settings are available in this panel.

MAC Address

A custom MAC address, different from the uplink’s physical one.

MTU

Choose a suitable value for the MTU size, if it is necessary to change it from its default value (1500)

Warning

An incorrect value of the MTU size can result in the communication with the uplink to stop working, so be careful.

The MTU size.

While the vast majority of the ISPs uses a standard value of 1500 bytes, in some circumstances the standard MTU size results too high. If that happens, some strange network behaviours will noticed, like e.g., downloads which always stop after a while or connections which will not work at all.

If the ISP does not use a standard MTU size, it is easy to discover the correct one, by sending special ICMP packets with a specific value, that can be lowered until no errors are encountered: At theist point, the MTU size is correct and this value should be entered in the configuration options.

In order to send the icmp packets do the following:

Log in to the EFW and choose a host which can be actually reached (e.g., the ISP’s DNS, which should always be reachable) and ping that host with the following command:

ping -c1 -M do -s 1460 <host> (please refer to the ping(8) manpage for more info).

If the MTU size 1460 is correct, ping replies like the following one are received:

PING 10.10.10.10 (10.10.10.10) 1460(1488) bytes of data.
1468 bytes from 10.10.10.10: icmp_seq=1 ttl=49 time=75.2 ms

If however the current MTU size is still too big for packets of the size 1460, an error message like this will appear:

PING 10.10.10.10 (62.116.64.82) 1461(1489) bytes of data.
ping: sendmsg: Message too long

Retry with different packet sizes (i.e., the value after the -s option), until the correct size has found and no error is displayed. The value shown within brackets in the ping command’s output is the MTU size. In this example the output is 1460(1488), therefore 1488 is the value to select for the MTU size.

An MTU value lower than 1500 may cause problems also in the OpenVPN setup and require to adjust some setting there.

The configuration wizard continues with the set up of a Backup Connection.

Internet Connection: Static

In this section it is possible to configure a static IP setup for the internet connection. Click on one of the available ETH ports the one assigned to the uplink, then provide suitable values for the following available options.

IP Address

Write the IP address that the 4i Edge X receives in the network.

Subnet

Choose a suitable subnet for the zone.

Remove

Click on this button to remove the IP Address/ Subnet pair from the configuration.

Note

This button appears only if more than one IP Address has been configured on the same NIC.

Add more

Click on this button to add another IP Address/Subnet to the network interface.

Gateway

Write the IP address of the Gateway used by the 4i Edge X to access the Internet.

Primary DNS

Write in the textfield the IP address of the primay DNS server

Secondary DNS

Optionally write in the textfield the IP address of the secondary DNS server, used when the primary is not available.

Proxy support

If the uplink connection passes through a proxy server, configure it in this page.

Address

The hostname or IP address of the upstream server.

Port

The port on which the proxy is listening.

Proxy server requires authentication

Tick the checkbox if it is necessary to authenticate to access the proxy server. The next two options appear.

Username

Write the username to authenticate to the proxy.

Password

Write the password to authenticate to the proxy.

Warning

The password will be visible, so make sure no one is peeping!

Advanced settings

The following settings are available in this panel.

MAC Address

A custom MAC address, different from the uplink’s physical one.

MTU

Choose a suitable value for the MTU size, if it is necessary to change it from its default value (1500)

Warning

An incorrect value of the MTU size can result in the communication with the uplink to stop working, so be careful.

The MTU size is explained in the previous section, along with a few suggestions for troubleshooting.

The configuration wizard continues with the set up of a Backup Connection.

Internet Connection: PPPoE

Configure the PPPoE connection. Click on one of the available ETH ports to assign it to the uplink, then fill in the other option, if necessary.

Username

The username needed to authenticate.

Password

The password that corresponds to the username.

Authentication

Select from the drop down menu whether to use PAP, CHAP, or both methods should be used to authenticate.

Hint

If unsure whether to select PAP or CHAP authentication, keep the default option.

Manual DNS

This panel allows to specify custom DNS servers, that override those sent by the upstream DHCP server.

Primary DNS

Write in the textfield the IP address of the primay DNS server

Secondary DNS

Optionally write in the textfield the IP address of the secondary DNS server, used when the primary is not available.

Advanced settings

These settings are usually not necessary and need to be filled in only if the ISP supplies them.

Concentrator name

The concentrator name.

Service name

The service name.

MAC Address

A custom MAC address, different from the uplink’s physical one.

MTU

The MTU size, if different from the default value of 1500 bits.

The configuration wizard continues with the set up of a Backup Connection.

Internet Connection: Wi-Fi (client)

The uplink connects to a Wireless Network.

Right after the choice of the Wi-Fi uplink, a number of buttons will populate the page, each containing the name of a wireless connection that hass been detected by the 4i Edge X and its security level (i.e., WPA2, OPEN or if it is a HIDDEN network. To select and configure a wireless network, click on it. The list of networks will be replaced by a couple of options to configure the selected network.

Note

When a Wi-Fi uplink is configured, it is not possible to use the 4i Edge X as a Wireless Access Point (see Network ‣ Wireless): The two features are mutually exclusive.

Back to network selection

Click on this link to go back to the list of networks.

Password

Write in the textfield the password needed to access the network.

Stations

This informative box shows several information about the access point to which the 4i Edge X is connected.

DNS configuration

This box allows to manually configure the DNS servers and override any DNS setting sent by the Wi-Fi device.

Primary DNS

Write in the textfield the IP address of the primay DNS server

Secondary DNS

Optionally write in the textfield the IP address of the secondary DNS server, used when the primary is not available.

Static IP

Configure a static IP address if needed.

IP Address

The static IP address assigned to the 4i Edge X.

Subnet

The subnet of the assigned IP.

Add more

Click on this button to add another static IP address.

Gateway

The gateway used by the 4i Edge X, needed to access external networks.

Below the list of networks, two other buttons appear:

Add hidden network

If the desired network is hidden, it does not appear on the list. By clicking on this button it is possible to configure it, by providing the SSID name and the Security.

Rescan

Click on this button to update the list of networks.

Backup Connection

Three options are available to set up a secondary connection to the Internet.

No backup

No additional connection will be configured.

Ethernet DHCP

Choose this option to set up an additional Internet connection with dynamically assigned IP address.

Ethernet Static

Choose this option to set up an additional Internet connection with a static IP address.

Backup Internet Connection: DHCP

The options available here are the same as in section Internet Connection: DHCP.

Backup Internet Connection: Static

The options available here are the same as in section Internet Connection: Static.

The wizard continues with the Zones Setup.


Internet Connection: Bridged

In this page it is possible to manually configure the 4i Edge X's Internet connection, because it will not directly access the Internet. Click on one free network interface device to configure the 4i Edge X's network.

IP Address

Write the IP address that the 4i Edge X receives in the network.

Subnet

Choose a suitable subnet for the zone.

Remove

Click on this button to remove the IP Address/ Subnet pair from the configuration.

Note

This button appears only if more than one IP Address has been configured on the same NIC.

Add more

Click on this button to add another IP Address/Subnet to the network interface.

Gateway

Write the IP address of the Gateway used by the 4i Edge X to access the Internet.

Primary DNS

Write in the textfield the IP address of the primay DNS server

Secondary DNS

Optionally write in the textfield the IP address of the secondary DNS server, used when the primary is not available.

Proxy support

If the uplink connection passes through a proxy server, configure it in this page.

Address

The hostname or IP address of the upstream server.

Port

The port on which the proxy is listening.

Proxy server requires authentication

Tick the checkbox if it is necessary to authenticate to access the proxy server. The next two options appear.

Username

Write the username to authenticate to the proxy.

Password

Write the password to authenticate to the proxy.

Warning

The password will be visible, so make sure no one is peeping!

The wizard continues with the Zones Setup.

Zones Setup

This page allows to configure additional zones beside the default RED and GREEN, if enough Ethernet devices are present on the system. This is always the case on Endian hardware devices, but might not be the case when setting up a software or virtual appliance.

Click on one free network interface device and a drop-down menu will appear.

Zone

Select the zone to which the Ethernet device will be assigned, among the available choices: Not assigned (The interface will remain disabled), Device/LAN (the GREEN zone), DMZ (the ORANGE zone), and Wi-Fi (the BLUE zone, used by the Hotspot).

Note

Select multiple interface to assign all of them to one zone at once, and deselect those that are already assigned.

Once done, it will be possible to configure the zone one by one in the next page.

See also

The zones are detailed in section The zones.

Zones configuration

On top of this page will appear one button for each active zone, including those selected in the previous step. By clicking on each of them, the following options can be configured.

IP Address

Write the IP address that the 4i Edge X has in the local network.

Subnet

Choose a suitable netmask for the zone.

Add more

Click on this button to add another subnet to the zone.

DHCP server

This panel is used to configure the DHCP server within the zone.

Enable DHCP Server

Tick the checkbox to show configuration options for the DHCP server.

Range from

The starting IP address that the 4i Edge X will assign to the clients.

Range to

The end of the interval from which the 4i Edge X will assign IP addresses to the clients.

Warning

The range assigned to the DHCP server must fall within the zone’s network.

Outgoing Mail Server

In this section it is possible to define a default outgoing SMTP server that will be used to deliver all emails that originate from the 4i Edge X. These options can be modified or even configured at a later point from Outgoing mail server under System ‣ Settings.

Email sender address

The address that will appear as the sender of the e-mail.

Email recipient address for notifications

The address to which the e-mail will be sent.

SMTP address

The IP address or domain name of the SMTP server.

SMTP port

The port on which the SMTP server runs.

Connection security

Choose from the drop-down menu which type of security is required by the connection, either STARTTLS or SSL/TLS.

SMTP server required authentication

Tick the checkbox if authentication is required on the server side. The next three options appear


Username

The username needed to authenticate on the SMTP server.

Password

The password needed to authenticate on the SMTP server.

Authentication method

The authentication methods required by the SMTP server: PLAIN, LOGIN, CRAM-MD5, and DIGEST-MD5 are supported. Multiple methods can be chosen by ticking the checkboxes in the multiselect drop-down menu.


Setup Completed

Click on the Finish button to complete the setup. The configuration will be saved and applied to the 4i Edge X. Wait for a few seconds, then it will be possible to register the 4i Edge X to Endian Network.

Register to Endian Network

In this page it is possible to decide to register immediately the 4i Edge X to Endian Network or defer the registration. In the latter case, click on the Register later button. These options are available.

Do you already have an Endian Network account?

Select Yes if you already have an account, No if you never registered a Endian device to Endian Network.

See also

The necessary steps required to register the 4i Edge X, including the creation of a new account, are described in this article https://help.endian.com/hc/en-us/articles/218144848 on Endian's help portal.