Deploying an On-Premises Gateway

Upon successful installation, you can log on to the web console to deploy the on-premises gateway by using the Deployment Wizard. The Deployment Wizard is a web console-based wizard that contains all basic settings to deploy an on-premises gateway. It provides a step-by-step method to facilitate the deployment process. You can also use the Deployment Wizard to modify deployment-related settings.

This task requires the following resources:

Requirement

Details

Administrator account

Set the password for the administrator account during on-premises gateway installation. The password cannot be changed on the web console. The user name is fixed to root.

Web console URL

The web console URL is https://<your-on-premises-gateway-ip-address>.

Browser

Open the web console from one of the following supported browsers:

  • Apple Safari 8.x or later

  • Google Chrome 55.x or later

  • Microsoft Internet Explorer 11

  • Mozilla Firefox 50.0.1 or later

  • Microsoft Edge 83.x or later

  1. Open a browser and type the web console URL in the address bar.
  2. Type your user name and password in the Username and Password text boxes on the logon page, and then click Log On. The user name is fixed to root, and the password is set during on-premises gateway installation.

    The main page of the web console appears.

  3. Under Deployment Wizard, view the brief description of the deployment wizard in the Welcome section, and click Next.
    Note:

    The Deployment Wizard appears automatically when the administrator logs on to the web console for the first time after installation.

  4. Configure the Working Mode Settings section.

    Item

    Setting

    HTTP listening port

    Specify a listening port number of a given HTTP handler so the traffic will go through. The default value is 8080 for HTTP proxy.

    Enable upstream proxy

    (Optional) Select the Enable upstream proxy check box if you want to configure an upstream proxy for the on-premises gateway. Users' web traffic from the on-premises gateway will be transmitted to the Internet through the upstream proxy server.

    Proxy server

    Specify an IP address or host name that can identify the proxy server.

    Port number

    Specify the port number of the proxy server.

    Note:

    The proxy server configured here will also act as the proxy server for communication between the on-premises gateway and Trend Micro servers. To use a different proxy server for Trend Micro services, go to System > Proxy.

    Anonymous FTP over HTTP email address

    Type an email address for anonymous FTP over HTTP traffic forwarding, for example, anonymous@yourdomain.com.

    FTP over HTTP enables users to access hyperlinks to ftp:// URLs in web pages and enter a URL starting with ftp:// in the address bar of their browser. If the user omits the user name when accessing this type of URL, anonymous login is used, and the user's email address is conventionally used as a password string that is passed to the FTP server.

  5. Click Next, and then configure the Network section.

    Item

    Setting

    Host name

    Specify the host name of the on-premises gateway.

    Do not start the host name with ScannerDy- or ScannerDy4v20-. It may conflict with an TMWS cloud proxy server name, which will cause user authentication failure.

    Data interface

    Select a network interface card (NIC) from the drop-down list to use as the interface for data transmission. All installed and available NICs for the on-premises gateway are listed.

    Note:
    • By default, the data interface configured during gateway installation is selected here.

    • TMWS supports configuring up to two NICs for data transmission.

    • The configurations of the other NIC will be cleared after the deployment wizard process is completed. To re-configure the NIC, go to Network > Interfaces.

      If the IPv4 gateway address is modified, the last-modified IPv4 gateway address always takes effect.

    Mode

    Select an IP address allocation mode for the data interface from the drop-down list. Options include:

    • Static

    • DHCP

      In this case, the IP addresses, gateways, and DNS servers are allocated automatically through DHCP without any user intervention.

    IPv4 address

    Specify an IPv4 address for the data interface.

    Note:

    By default, the IPv4 address configured during gateway installation is displayed here.

    IPv4 netmask

    Specify an IPv4 netmask for the data interface.

    Note:

    By default, the IPv4 netmask configured during gateway installation is displayed here.

    Default IPv4 gateway

    (Optional) Specify a default IPv4 gateway for the data interface.

    IPv6 address/prefix length

    (Optional) Specify an IPv6 address and prefix length for the data interface.

    Note:

    In this version, only IPv4 is supported.

    Default IPv6 gateway

    (Optional) Specify a default IPv6 gateway for the data interface.

    Note:

    In this version, only IPv4 is supported.

    Primary DNS server

    (Optional) Specify the IP address of the primary DNS server for the data interface.

    Secondary DNS server

    (Optional) Specify the IP address of the secondary DNS server for the data interface.

  6. Click Next, and then configure the Time section.

    Item

    Setting

    NTP server

    Specify a time server for time synchronization.

    Important:

    Make sure that the NTP server is reachable by your on-premises gateway and the server time is accurate, which otherwise would cause certain features, such as logging and reporting, not to work properly.

    System time zone

    Select the time zone for the on-premises gateway.

  7. Click Next.

    The configuration summary appears, showing the configurations set in each section of the Deployment Wizard.

  8. Click Done.

    A window appears, indicating that the system needs reboot to apply the configuration. To reboot the system, click OK. To go back to the Deployment Wizard screen, click Cancel.