Swivel Install Information Notes for Engineers
Swivel Installation and configuration
A copy of the Swivel Installation and Configuration document in Word format can be downloaded from here Swivel Installation and Configuration document
Version 2.0
Customer Install Details
| Primary Site | Secondary (DR?) site | |
| Customer Company Name | ||
| Install Contact Name | ||
| Phone | ||
| Address of Install | ||
| Date and Time of Install | ||
| Secondary Contact Name | ||
| Secondary Phone | ||
| Secondary Email | ||
| Distributor Contact | ||
| Reseller Contact | ||
| License Key with customer? | ||
| Number of licensed Users? | ||
| Option A). Hardware Appliance Install
Appliance Received? 3 plug socket or UPS socket for power? Rack Mount kit Required? 1 U Rack Space per appliance | ||
| Option B).
Virtual Machine image required? | ||
| Option C).
Software Install – OS/Java/Tomcat Ready? | ||
| Has a network diagram been provided Y/N |
What are the goal/objectives of the install
what needs to be done for the install to be signed off as complete):
Key questions:
What are the user data sources (e.g. AD, LDAP, SQL):
List all devices requiring authentication and versions (e.g. Juniper 7.1, OWA 2010, IIS 7, ISA, IAG, etc) (Evaluations are usually one device):
Where is the Swivel data to be stored (e.g. Swivel internal, MySQL on appliance, Customer Database):
How are the PIN numbers to be delivered to users (e.g. Email, SMS):
How are security strings to be delivered to users (e.g. TURing and SMS, Swivlet):
Software or Appliance install (e.g. Appliance, software, VMware):
Standalone or HA Active/Passive or Active/Active (Evaluations are usually standalone):
System Configuration
| Primary Server | Secondary Server | Slave Server | |
| Appliance Version | |||
| Hostname | |||
| IP Default | 192.168.0.36 | 192.168.0.37 | IP Required |
| Netmask | |||
| Gateway
(Must be Pingable for HA VIP) | |||
| DNS 1 | |||
| DNS 2 | |||
| DNS Search Path
e.g. swivelsecure.com | |||
| HA Cluster VIP | Default 192.168.0.38 | ||
| HA VIP Netmask | 255.255.255.0 | As Primary Server | NA |
| HA Heartbeat IP | 172.16.0.1 | 172.16.0.2 | NA |
| HA Heartbeat Netmask | 255.255.255.0 | 255.255.255.0 | NA |
| user | swivel | swivel | |
| Password \* | lockbox | lockbox | |
| Super user | root | root | |
| Password \* | lockbox | lockbox | |
| Appliance Webmin address | https://Primary_IP:10000 | https://Secondary_IP:10000 | |
| Command line and Webmin username | admin | admin | |
| Command line Webmin password \* | lockbox | lockbox | |
| Swivel Management address | https://<IP>:8080/pinsafe | ||
| Swivel Management username | admin | admin | |
| Swivel Management PIN \* | 1234 | 1234 | |
| Swivel Management lockdown address ranges | 17.1.x..x | ||
| transfer password | lockbox | lockbox | |
| NTP Server | |||
| Timezone | |||
| FTP Backup IP | |||
| FTP Username | |||
| FTP Password | |||
| SMTP server for error logs | |||
| SSL Certificates |
\* It is recommended to change these.
Swivel Configuration
| Swivel install version | |||
| Install context | pinsafe | ||
| SMTP server hostname/IP | |||
| SMTP Server authentication details if enabled | |||
| Email address; For locked Mail accounts | For system messages and errors | ||
| Agents required ChangePIN/Reset | changepin | ||
| Agent IP | 127.0.0.1 | ||
| Agent Secret | secret | ||
| ChangePIN Access URL Address | |||
| ChangePIN redirect URL | (default http://www.google.com) | ||
| XML Authentication Agents | (for non RADIUS authentication) | ||
| Agent IP | |||
| Agent Secret | |||
| RADIUS Server IP | |||
| RADIUS Auth Port (default 1812) | |||
| RADIUS Acc Port (default 1813) | |||
| Syslog Server IP | |||
| Single Channel details | (Single channel configuration details) | Public IP address? | Public IP/NAT address for Turing Image: |
| Swivel TURing address | https://<IP>:8443/pinsafe | ||
| Dual Channel details
(SMS gateway login details) |
Authentication Devices
| Authentication device Name | |
| Authentication device IP/hostname | |
| Authentication device secret |
| Authentication device Name | |
| Authentication device IP/hostname | |
| Authentication device secret |
SMS Configuration
| SMS Gateway Address | |
| Username | |
| Password | |
| Other |
AD or LDAP Data Source Information
| AD Server IP | ||
| AD service account Username | ||
| AD password | ||
| AD LDAP authentication port
(default 389) | ||
| Administrators LDAP pathname | ||
| Helpdesk LDAP pathname | ||
| Single Channel LDAP pathname | (i.e. Turing) | |
| Dual Channel LDAP pathname | (i.e. SMS) | |
| Swivlet LDAP pathname | ||
| PINless LDAP pathname | ||
AD groups should be populated with at least 1 user for test purposes
Port information for configuring Firewalls
See Ports
Other relevant install information:
