HOW TO: Use the PGP Universal 2.x Setup Assistant

Article:HOWTO42008  |  Created: 2008-01-18  |  Updated: 2012-02-02  |  Article URL http://www.symantec.com/docs/HOWTO42008
Article Type
How To




This article provides step-by-step instructions to aid administrators through the initial configuration of a primary PGP Universal Server using its Web-based Setup Assistant.


 

HOW TO: Use the PGP Universal 2.x Setup Assistant

The Setup Assistant only appears the first time you access the PGP Universal Server from your web browser. The Setup Assistant displays a series of screens that ask you questions about your network and about how you want your PGP Universal Server to work; the Setup Assistant uses the answers to those questions to finish configuring your PGP Universal Server.

In many cases, the Setup Assistant will do the majority of the configuration for your PGP Universal Server. You can change any settings you establish with the Setup Assistant anytime after you run it using the administrative interface of the PGP Universal Server; you can also use the administrative interface to configure those features not covered in the Setup Assistant.

The Setup Assistant supports four types of setups:
 

  • Primary. You are configuring a PGP Universal Server that will be your only PGP Universal Server or the Primary server in a cluster.

     
  • Secondary. You are configuring a PGP Universal Server that will be a Secondary server in a cluster. You must have already set up the Primary server in the cluster or this setup will not work.

     
  • Restore. You are restoring backed-up data from another PGP Universal Server onto a new PGP Universal Server. You will need the backed-up data file and the Organization Key used to encrypt the backup file.

     
  • Keyserver. You are migrating the keys and data from a PGP Keyserver to a PGP Universal Server.
Note: Some parameters that you will be setting (dependent upon install options) with the Setup Assistant include: network setup (including DNS), licensing information, mail server name and address, ignition key information, etc. It is a good idea to have this information ready before going through the actual Setup Assistant.



 

Initial Configuration with Setup Assistant

After the software installs and the server restarts, you can connect to the PGP Universal Server via a Web browser at the configured IP address and finish running the Setup Assistant.

 

  1. Open a Web browser and connect to the PGP Universal Server:

    Enter https://<hostname>:9000 (for customnet, standard, and expert software installations)

    or

    Enter https://192.168.1.100:9000 (for noautopart and pgp software installations). The Welcome Screen of the Setup Assistant appears.

     
  2. Read the text, then click the Forward arrow to continue.

    The End User License Agreement screen appears.

     
  3. Read the text of the License Agreement, then click the I Agree button at the end of the agreement. The Setup Type screen appears.

     
  4. Click the Radio Button next to the Setup Type your installation requires.

     
  5. Click the Forward arrow to continue.

    The Date & Time screen appears.

     
  6. Pull down the Time Zone drop-down list and select your location.

     
  7. Choose Time Format and Date Format settings.

     
  8. Set the correct Time and Date.

    Note: Your server preforms many time-based operations, so it is important to set up the correct time.

     
  9. Optionally, specify an NTP Time Server in the NTP Server field.

     
  10. Click the Forward arrow to continue. The Network Setup screen appears.

     
  11. Enter the Network Information that is not already present.

     
  12. The next window will prompt for proxy information if applicable and click the Forward arrow, otherwise, click Skip if no proxy server will be used.
  13. Note: In the Hostname field, enter a name for this PGP Universal Server. This must be a fully-qualified domain name of the external, untrusted interface.

    PGP Corporation strongly recommends you name your externally visible PGP Universal Server according to the keys.<domain> convention, which allows other PGP Universal Servers to easily find email recipient's valid public keys in your domain.

     
  14. The Confirmation screen appears.

    All information about the network that has been entered now appears for review.

     
  15. Make sure the information is correct, then click Done.

    Click the Back arrow if you need to go back and make any changes.

    The Network Configuration Changed dialog appears while the server restarts automatically.

    Note: If you chose the pgp or noautopart installation, you will need to reconnect to your PGP Universal Server. At this point, your PGP Universal Server has accepted the new network settings you entered, so it will disconnect the temporary setup.


 

Primary or Secondary Configuration

If you selected a Primary or Secondary configuration for the PGP Universal Server you are configuring with the Setup Assistant, the Licensing screen appears automatically.

 

Note:If the license number being entered into PGP Universal Server does not have mail processing enabled, the setup pages do not include configuration of a mail server. If email enrollment is used during the installation of the PGP Desktop client, in order to receive any enrollment emails, a mail route may need to be entered manually under the Mail/Mail Routes tab on the PGP Universal Server. See the PGP Universal Server Administrators guide for information on how to enter a mail route. 


 

  1. Enter your PGP Universal Server license information, then click the Forward arrow.

    Click Skip if you want to license your PGP Universal Server at a later time.

     
  2. If your PGP Universal Server has an active connection to the Internet, the PGP Universal Server license will be authorized.

     
  3. If your PGP Universal Server does not have an active connection to the Internet, for example because it is behind a proxy server, a manual license authorization is needed.

     
  4. Enter the appropriate license information, paste your license authorization information in the License Authorization box (appears when the Manual button is clicked), then click the Forward arrow.

     
  5. If your PGP Universal Server license supports the Symantec AntiVirus option, the AntiVirus screen appears. Typically this feature is not included.

     
  6. Enter your Symantec AntiVirus serial number in the Serial Number field.

    Click Skip to continue with the Setup Assistant without licensing the AntiVirus feature.

     
  7. In the License File field, locate your Symantec license file using the Choose File button or paste the contents of your Symantec license file into the License Contents box.

     
  8. Click the Forward arrow to continue.

    The Administrator Name & Passphrase screen appears.

     
  9. Enter in the Login Name and Passphrase for the administrator and an optional Email Address.

     
  10. Click the Forward arrow to continue.

    The Mail Processing screen appears.

     
  11. Specify the placement of this PGP Universal Server in your network.

    Select Gateway Placement if your PGP Universal Server is logically located between your mail server and the Internet.

    Select Internal Placement if your PGP Universal Server is logically located between your email users and your mail server, or if your PGP Universal Server is out of the mailstream.

     
  12. Click the Forward arrow to continue.

    The Mail Server Selection screen appears.

     
  13. In the Mail Server field, enter the hostname or IP address of the mail server that this PGP Universal Server will be interacting with.

     
  14. In the Proxy Server field, enter an optional additional mail server to which all outbound mail will be sent.

     
  15. In the Primary Domain field, enter the email domain that the PGP Universal Server is going to be managing.

     
  16. Click the Forward arrow to continue.

    The Directory Server screen appears.

     
  17. In the Directory Server field, enter the hostname or IP address of your corporate LDAP directory so that PGP Universal can synchronize user information with that LDAP directory.

    Using a directory server is optional. If you do not have one on your network or do not wish to use one, leave the Directory Server field empty and continue with the Setup Assistant.

     
  18. Click the Forward arrow to continue.

    The Ignition Keys screen appears.

     
  19. Select the type of Ignition Key you would like to use, then click the Forward arrow.

    Click Skip to proceed with the Setup Assistant without configuring an Ignition Key.

    Note: Ignition Keys protect the data on your PGP Universal Server if an unauthorized person gets control of it. If you want to use a hardware Ignition Key, you will need to prepare the token before you add it to the system here.

    The Ignition Key screen is displayed.

     
  20. Enter a name for the Ignition Key, a passphrase, confirm the passphrase, then click the Forward arrow. The Backup Organization Key screen appears.

     
  21. If desired, enter the passphrase that will protect the Organization Key (this is optional, but highly recommended ), then click Backup Key to back up the key. Be aware that without a backup of your Organization Key, you will not be able to restore your PGP Universal Server from backed-up data.

    To skip backing up your Organization Key (not recommended), click Forward without backing up the key.

    Note: The PGP Universal Server generates an Organization Key for you. If you want to generate an S/MIME Organization Certificate, you should do so immediately after finishing setup.

     
  22. Click the Forward arrow to continue. The Confirmation screen appears.

     
  23. Click Done to finish setup.

    The Configuration Changed screen appears, and the server restarts automatically.

    You will be redirected to the administrative interface of the PGP Universal Server you just configured.


 


Legacy ID



883


Article URL http://www.symantec.com/docs/HOWTO42008


Terms of use for this information are found in Legal Notices