How it Works
SONICWALL
Loading...
TELE2, SOHO2/10, SOHO2/50, XPRS2, PRO, PRO-VX, GX250, GX650
User guide
194 pgs3.26 Mb0

SONICWALL TELE2, SOHO2/10, SOHO2/50, XPRS2, PRO, PRO-VX, GX250, GX650 User guide

SONICWALL
Internet Security Appliances
Contents
Copyright Notice .......................... ............................ ...................... 5
About this Guide ..... ............................ ............................ ............... 7
SonicWALL Technical Support ..................... ............................ ........ 8
1 Introduction
Your SonicWALL Internet Security Appliance ................................... 9
SonicWALL Internet Security Appliance Functi on al Diagram .............10
SonicWALL Internet Security Applian ce Feat u res . ............................11
2 SonicWALL Installation
Inspecting the Package .. ............................ ............................ .......1 5
Overview .....................................................................................15
Connecting the SonicWALL to the Network .....................................1 6
Performing the Initial Configuration ........................................ .......1 8
3 Managing Your SonicWALL
Log into the SonicWALL using a Web Browser ................................28
Status .................... ..................... .............. .............. .....................2 9
CLI Support and Remote Management ............... ............................30
4 General and Network Setting s
Network ................. ....... .............. ....... ....... .............. ....... ....... .......32
Network Settings .............................................. ............................33
Standard Configuration ............................................ .....................35
NAT with DHCP Client Configuration .............................................. 37
NAT with PPPoE Configuration ...... ............................ .....................39
Setting the Time and Date ..................................................... .......4 1
Setting the Administrator Password ...............................................42
Setting the Administrator Inactivity Timeout ...................................43
5 Logging a n d Al erts
View Log .................................................. ............................ .......44
SonicWALL Log Messages ................................. ............................45
Log Settings ....................................... ..........................................46
Log Categories ..................... ............................ ............................48
Alert Categories ...... ......................................................................49
Reports ........... ............................ ............................ .....................49
6 Content Filtering and Blocking
Categories ...................................................................................51
Time of Day .................................................................................53
List Update .......................... ............................ ............................53
Contents Page 1
Customize .......... ..................... .............. .............. ..................... ....55
Keywords .................. .............. ....... ....... .............. ....... .............. ....5 7
Consent .................... ................................... ................................ 57
7 Web Management Tools
Restarting the SonicWALL .............................................................6 1
Preferences ........ ....... ....... .............. ....... ....... .............. ....... ....... ....62
Exporting the Settings File ................................... .........................63
Importing the Settings File ............................................................64
Restoring Factory Default Settings .................................................65
Upgrade Features ........................... ............................ ..................68
Diagnostic Tools ........................................... ............................ ....6 9
DNS Name Lookup .......................................................................69
Ping ............................................................................................70
Packet Trace .................... ............................ ............................ ....72
Tech Support Report ......................................................... ...........73
8 Network Access Rules
Services .................... ..................... ............................ ..................7 5
Windows Networking (NetBIO S) Broad c ast Pa ss Th rou g h ................76
Detection Prevention ............... ............................ .........................76
Network Connection Inactivity Timeout ..........................................77
Add Service ........ ............................ ............................ ..................77
Rules ................. ..................... ..................... ............................ .... 78
Understanding the Access Rule Hierarchy ................................... ....84
SonicWALL TELE2 and SOHO2 IP Address Man age ment ..................87
Users ................. ....... .............. ....... .............. ....... ....... .............. ....8 8
Management ................... ............................................................90
Management Method ............... .....................................................9 1
9 Advanced Features
Proxy Relay ............................. ............................ .........................94
Intranet ............. .......................................... ................................ 96
Routes ............... .............. .............. ..................... .............. ........... 9 8
DMZ Addresses (SonicWALL XPRS2, PRO, and PRO-VX Only) ...........9 9
Delete a DMZ Address Range ......................................................101
One-to-One NAT .............. ............................ ............................ ..101
The Ethernet Tab ......................................... ..............................104
10 DHCP Server
Setup ........................................................................................106
Enable DHCP Server ......... ............................ ............................ ..107
Page 2 SonicWALL Int er n et Security A ppl i an c e User ’ s G ui d e
Deleting Dynamic Ranges and Static Entries ............................ .....108
DHCP Status ... ............................ ............................ ...................108
SonicWALL TELE2 and SOHO2 IP Address Ma n agemen t ................109
11 SonicWALL VPN
VPN Applications ........................................................................111
The VPN Interface .............................. ............................ ............112
SonicWALL VPN Client for Remote Access and Management ..........113
The Configure Tab ....................... ...............................................114
VPN Advanced Settings ...............................................................115
Advanced Settings for VPN Configurations ............................... .....117
Enabling Group VPN on the SonicWALL ............................ ............118
Group VPN Client Configuration ...................................................120
Manual Key Configuration between the SonicWALL and VPN Client .123
Installing the VPN Client Software ................................................125
VPN between Two SonicWALLs ....................................................130
Example of Manual Key Configuration between Two SonicWALLs ...133
IKE Configuration between Two SonicWALLs ................................136
Example: Linking Two SonicWALLs ..............................................139
Testing a VPN Tunnel Connection Using PING ..............................142
Configuring Windows Networking ................................................143
Adding, Modifying and Deleting De st inat ion Networks ...................146
RADIUS and XAUTH Authentication ...... ............................ ............147
SonicWALL Enhanced VPN Logging .................................. ............149
Disabling Security Associations ....................................................150
Basic VPN Terms and Concepts ........... ............................ ............151
12 SonicWALL Options and Upgrades
SonicWALL VPN Upgrade ............. ...............................................154
SonicWALL VPN Client for Windows .......................... ...................154
SonicWALL Network Anti-Virus ..... ............................ ...................155
Content Filter List Subscriptio n .......................... ..........................155
SonicWALL High Availability Upgrade ... ........................................155
Vulnerability Scanning Service ............. ............................ ............156
SonicWALL Authentication Service ...............................................15 6
SonicWALL ViewPoint Reporting ..................................................156
SonicWALL Per Incident Support ........................ ..........................157
SonicWALL Premium Support .......................................... ............157
SonicWALL Extended Warranty ............ ............................ ............157
SonicWALL Global Management Syste m .................................. .....157
Contents Page 3
13 Hardware Description
SonicWALL PRO and PRO-VX Front Panel .....................................158
SonicWALL PRO and PRO-VX Back Panel ......................................159
SonicWALL XPRS2 Front Panel .............................. .......................160
SonicWALL XPRS2 Front Panel Description ...................................160
SonicWALL XPRS2 Back Panel ............................................ .........161
The SonicWALL XPRS2 Back Panel Description ..............................161
SonicWALL SOHO2 and TELE2 Front Panel ............ .......................16 2
SonicWALL SOHO2 and SonicWALL TELE2 Front Panel Description .162
SonicWALL SOHO2 and TELE2 Back Panel ....................................163
The SonicWALL SOHO2 and TELE2 Back Panel Description ... .........163
14 Troubleshooting Guide
The Link LED is off. ....................................................................165
A computer on the LAN cannot access the Intern et . ...... ................165
The SonicWALL does not establish authenticated session s. ............165
The SonicWALL does not save changes that you have made. .........166
Duplicate IP address errors occur when the SonicWALL is installed 166
Machines on the WAN are not reachable. .....................................166
15 Appendices
Appendix A - Technical Specifications ........................... ................167
Appendix B - Introduction to Networking .................................... ..170
Overview ................................................................................... 170
Network Hardware Components ..................................................170
Network Types ...........................................................................170
Firewalls .................................................................................... 170
Gateways ........... ........................................................................17 1
Network Protocols ..... ............................ ............................ .........171
IP Addressing .......................... ............................ .......................17 2
Appendix C - IP Port Numbers .. ............................ .......................17 5
Appendix D - Configuring TCP/IP Settings ...... ............................ ..176
Appendix E - Erasing the Firmware .. ............................................178
Appendix F - Securing the SonicWALL ..........................................180
Mounting the SonicWALL PRO and SonicWALL PRO -VX .................180
Appendix G - Electromagnetic Compatibil ity ..................................181
SonicWALL PRO and SonicWALL PRO-VX .................................... ..181
SonicWALL XPRS2, SonicWALL SOHO2 and SonicWALL TELE 2 .......182
Notes ........................................................................................183
Page 4 SonicWALL Int er n et Security A ppl i an c e User ’ s G ui d e
Copyright Notice
©
2001 SonicWALL, Inc. All rights reserved.
Under the copyright laws, this manual or the s oftware described within, can not be c opied, in whole or part, without the written consent of the manufacturer, except in the normal use of the software to make a backup copy. The same proprietary and copyright notices must be affixed to any permitted copies as were affixed to the original. This exception does not allow copies to be made for others, whether or not sold, but all of the m a terial purchased (with all backup copies) can be sold, given, or loaned to another person. Under the law, copying includes translating into another language or format.
SonicWALL is a registered trademark of SonicWALL, Inc. Other product and company names mentioned herein can be trademarks and/or registered
trademarks of their respective companies. Specifications and descriptions subject to change without notice.
LIMITED WARRANTY
SonicWALL, Inc. warrants the SonicWALL Internet Security Appliance (the Product) for one (1) year from the date of purchase against defects in materials and workmanship. If there is a defect in the hardware, SonicWALL will replace the product at no charge, provided that it is returned to SonicWALL with transportation charges prepaid. A Return Materials Authorization (RMA) number must be displayed on the outside of the package for the product being returned for replacement or the product will be refused. The RMA number can be obtained by call ing SonicWALL Customer Service bet ween the hours of 8:30 AM and 5:30 PM Pacific Standard Time, Monday through Friday.
Phone:(408) 752-7819 Fax:(408) 745-9300 Web: <http://www.sonicwall.com/support> This warranty does not apply if the Product has been damaged by accident, abuse, misuse,
or misapplication or has been modified without the written permission of SonicWALL. In no event shall SonicWALL, Inc. or its suppliers be liable for any damages whatsoever
(including, without limitation, damages for loss of profits, business interruption, loss of inform ation, or othe r pecuniary l oss) arisin g out of the us e of or inabili ty to use the P roduct.
Some states do not allow the exclusion or limitation of implied warranties or liability for incidental or consequential damages, so the above limitation or exclusion can not apply to you. Where liability can not be limited under applicable law, the SonicWALL liability shall be limited to the amount you paid for the Product. This warranty gives you specific legal rights, and you can have other rights which vary from state to state.
By using this Product, you agree to these limitations of liability.
Preface Page 5
THIS WARRANTY AND THE REMEDIES SET FORTH ABOVE ARE EXCLUSIVE AND IN LIEU OF ALL OTHER WARRANTIES, ORAL OR WRITTEN, EXPRESS OR IMPLIED.
No dealer, agent, or employee of SonicWALL is authorized to make any extension or addition to this warranty.
Page 6 SonicWALL Internet Security Appliance User’s Guide
About this Guide
Thank you for purchasing the SonicWALL Internet Security Appliance. The SonicWALL protect s your Local Area Networ k (LAN ) fr om att acks an d in trusio ns, filte rs ob jecti onal Web sites, provides private VPN connections to business partners and remote offices, and offers a centrally-managed defense against software viruses.
This guide covers the installation and configuration of the SonicWALL SOHO2, SonicWALL TELE2, SonicWALL XPRS2, SonicWALL PRO and SonicWALL PRO-VX. The instructions are the same for every hardware model except where specifically noted.
Organization of This Guide
Chapter 1, Introduction, describes the features and applications of the SonicWALL. Chapter 2, SonicWALL QuickStart Installation, demonstrates how to connect the
SonicWALL to your network a nd pe rform the initial configuration. Chapter 3, Managing Your SonicWAL L, provides a brief overvi ew of the SonicWALL Web
Management Interface. Chapter 4, Network Settings, describes the configuration of the SonicWALL IP settings,
time and password. Chapter 5, Logging and Alerting, illustrates the SonicWALL logging, alerting and
reporting features. Chapter 6, Content Filt erin g and Blo cking , describes So nicWALL Web content filte ring,
including subscription updates and customized Web blocking. Chapter 7, Web Management Tools, provides directions to restart the SonicWALL,
import and export settings, upload new firmware, and perform diagnostic tests. Chapter 8, Network Access Rules, explains how to permit and block traffic through the
SonicWALL, set up servers, and en able re mote management. Chapter 9, Advanced Feat ures, desc ribes ad vanced SonicW ALL setting s, such as One-t o-
One NAT, Automatic Web Proxying and DMZ addresses. Chapter 10, DHCP Server, describes the configuration and setup of the SonicWALL DHCP
server. Chapter 11, SonicWALL VPN, explains how to create a VPN tunnel between two
SonicWALLs and from the VPN client to the SonicWALL. Chapter 12, SonicWALL Options and Upgrades, presents a brief summary of the
SonicWALL's subscription services, firmware upgrades and other options. Chapter 13, Hardware Description , illustrates and describes the SonicWALL front and
back panel displays. This chapter is divided into three sections for the SonicWALL SOHO2 and SonicWALL TELE2, the Son icWALL XPRS2, and the SonicWALL PRO and SonicWA LL PRO-VX.
Preface Page 7
Chapter 14, Troubleshooting Guide, shows solutions to commonly encountered problems.
Appendix A, Technical Specifications, lists the SonicWALL specifications. Appendix B, Introduction to Networking, provides an overview of the Internet, TCP/IP
settings, IP security, and other general netw orki ng topics. Appendix C, IP Port Numbers, offers information about IP port numbering. Appendix D, Config uring T CP/IP Settin gs, provides instructi ons for configuring your
Management Station's IP address. Appendix E, Erasing the Firmware, describes the firmware erase procedure. Appendix F, Securing the So nicWAL L, details the steps necessary to safely mount the
SonicWALL on a mounti ng rack. Appendix G, El ectrom agnetic Comp atibil ity, presents important emissions standards
approvals and EMC information.
SonicWALL Technical Support
For fast resolution of technical questions, please visit the SonicWALL Tech Su pport Web site at <http://www.sonicwall.com/support>. There, you will find resources to resolve most technical issues and a Web request form to contact one of the SonicWALL Technical Support engineers.
Page 8 SonicWALL Internet Security Appliance User’s Guide
1 Introduction
Your SonicWALL Internet Security Appliance
The SonicWALL Internet security appliance provides a complete security solution that protects your network from attacks, intrusions, and malicious tampering. In addition, the SonicWALL filters objectionable Web content and logs security threats. SonicWALL VPN provides secure, encrypted communications to business partners and branch offices. SonicWALL VPN is included with the SonicWALL TELE2, the SonicWALL PRO, the SonicWALL PRO-VX, and the GX series of appliances. It is also available as an upgrade.
The SonicWALL Internet security appliance uses s tateful packet inspection to ensure secure firewall filtering. Stateful packet inspection is widely considered to be the most effective method of filtering IP traffic. MD5 authentication is used to encrypt communications between your Manageme nt Station and the SonicWALL Web Management Interface. MD5 Authentication prevents unauthorized users from detecting and stealing the So nicWALL password as it is sent over your netwo rk.
The SonicWALL family of Internet security appliances include eight SonicWALL models customized to the requirements of different networks.
SonicWALL Feature Chart
SonicWALL
Model
TELE2 5 Included SOHO2/10 10 Optional SOHO2/50 50 Optional XPRS2 Unlimited Optional Included PRO Unlimited Included Included Optional Optional PRO-VX Unlimited Included Included Included Optional GX250 Unlimited Included I ncluded Included Optional GX650 Unlimited Included I ncluded Included Optional
Nodes VPN DMZ Port
High
Availability
Anti-Virus
Introduction Page 9
SonicWALL Internet Security Appliance Functional Diagram
The following figure illustrates the SonicWALL's security functions.
By default, the SonicWALL allows outbound access from the LAN to the Internet and blocks inbound access from the Internet to the LAN. Users on the Internet are restricted from accessing resources on the LAN unless they are authorized remote users or Network Access Rules were created to allow inbound access.
If the SonicWALL includes a DMZ port, users on the LAN and on the Internet have full access to the devices on the DMZ.
Page 10 Soni cW A L L In t ern et Security A pp li an ce Us e r ’s Gu id e
SonicWALL Internet Security Appliance Features
Internet Security
ICSA-Certified Firewall After undergoing a rigorous suite of tests to expose security vulnerabilities, SonicWALL
Internet security appliances have received Firewall Certification from ICSA, the internationally-accepted auth ority on network security. The SonicWALL uses stateful packet inspection, the most effective method of packet filtering, to protect your LAN from hackers and vandals on the Internet.
Hacker Attack Prevention The SonicWALL automatically detects and thwarts Denial of Service (DoS) attacks such
as Ping of Death, SYN Flood, LAND A ttac k, and IP Spoofing.
Network Address Translation (NAT) Network Address Translation (NAT) translates the IP addresses used on your private
LAN to a single, public IP address that is used on the Internet. NAT allows multiple computers to access the Internet, even if only one IP address has been provided by your ISP.
Network Access Rules The default Network Access Rules allow traffic from the LAN to the Internet and block
traffic from the Internet to the LAN. You can create additional Network Access Rules that allow inbound traffic to network servers, such as Web and mail servers, or that restrict outbound traffic to certain destinations on the Internet.
AutoUpdate The SonicWALL maintains the highest level of security by automatically notifying you
when new firmware is released. When new firmware is available, the SonicWALL Web Manageme nt Inter face displays a link to download and install the latest fir mware. The SonicWALL also sends an e-mail with firmware release notes.
DMZ Port SonicWALL XPRS2, SonicWALL PRO and SonicWALL PRO-VX include a DMZ port
allowing users to access public servers, such as Web and FTP servers. While Internet users have unlimited access to the DMZ, the servers located on the DMZ are still protected against DoS attacks.
SNMP Support SNMP (Simp le N e two rk Ma n ag e men t Protoco l) is a network protocol used over
User Datagram Protocol (UDP) that allows network administrators to monitor the status of the SonicWALL Internet Sec urity appliances and receive n otification of any critical events as they occur on the network.
Introduction Page 11
Content Filtering
SonicWALL Content Filtering Overview You can use the SonicWALL Web content filtering to enforce your company's Internet
access policies. The SonicWALL blocks specified categories, such as violence or nudity, using an optional Content Filter List. Users on your network can bypass the Content Filter List by authenticating with a unique user name and password.
Content Filter List Updates (optional) Since content on the Internet is constantly changing, the SonicWALL automatically
updates the optional Content Filter List every week to ensure that access restrictions to new and relocated websites and newsgroups are properly enforced.
Log and Block or Log Only You can configure the SonicWALL to log and block access to objectional Web sites, or
to log inappropriate usage without blocking Web access.
Filter Protocols In addition to filtering acces s to Web sites, the SonicWALL can also block Newsgroups,
ActiveX, Java, Cookies, and Web Proxies.
Logging and Reporting
Log Categories You can select the information you wish to display in the SonicWALL event log. You can
view the event log from the SonicWALL Web Management Interface or receive the log as an e-mail file.
Syslog Server Support In addition to the standard screen log, the SonicWALL can write extremely detailed
event log information to an external Syslog server. Syslog is the industry-standard method to capture information about network activity.
ViewPoint Reporting Monitoring critical network events and activity, such as security threats, inappropriate
Web use, and bandwidth levels, is an essential component of network security. SonicWALL ViewPoint compliments the SonicWALL security features by providing detailed and comprehensive reports of network activity. SonicWALL ViewPoint is a software application that creates dynamic, Web-based network reports. ViewPoint reporting generates both real-time and historical reports to offer a complete view of all activity through your SonicWALL Internet security appliance.
E-mail Alerts The SonicWALL can be configured to send alerts of high-priority events, such as
attacks, system errors , and blo cked Web s ite s. When these ev en ts occ ur, al erts c an be immediately sent to an e-mail address or e-mail pager.
Dynamic Host Configuration Protocol (DHCP)
Page 12 Soni cW A L L In t ern et Security A pp li an ce Us e r ’s Gu id e
DHCP Server The DHCP Server offers centralized management of TCP/IP client configurations,
including IP addresses, gateway addresses, and DNS addresses. Upon startup, each network client receives its TCP/IP settings automatically from the SonicWALL DHCP Server.
DHCP Client DHCP Client allows the SonicWALL to acquire TCP/IP settings (such a s IP address,
gateway address, DNS address) from your ISP. This is necessary if your ISP assigns you a dynamic IP address.
Installation and Configuration
Installation Wizard The SonicW ALL I n stal lat i on Wiz ar d he lps quickly install and co nfi gu re t he Sonic WALL.
Online help SonicWALL help documentation is built into the SonicWALL Web Management Interface
for easy access during installation and management.
IPSec VPN
SonicWALL VPN SonicWALL VPN provides a simple, secure tool that enables corporate offices and
business partners to connect securely over the Internet. By encrypting data, SonicWALL VPN provides private communications between two or mo re sites witho ut the expense of leased site-to-site lines. SonicWALL VPN comes standard with the SonicWALL TELE2, the SonicWALL PRO and the SonicWALL PRO-VX, and can also be purchased as an upgrade.
VPN Client Software for Windows Mobile users with dial-up Internet accounts can securely access remote network
resources with the SonicWALL VP N Client. The SonicWALL VPN Client establi shes a private, encrypted VPN tunnel to the SonicWALL, allowing users to transparently access network servers from any location. The SonicWALL PRO includes a single VPN client for secure remote managemen t. The Sonic WALL PRO-VX includes 50 VP N client licenses for remote management and remote access. Single, 10, 50 and 100 VPN client license packs can be purchased separately.
Introduction Page 13
Contact SonicWALL, Inc. for information about the Content Fi lter List , Netwo rk Anti - Virus subscriptions, and other upgrades.
Web: http://www.sonicwall.com E-mail: sales@sonicwall.com Phone: (408) 745-9600 Fax: (408) 745-9300
Page 14 Soni cW A L L In t ern et Security A pp li an ce Us e r ’s Gu id e
2 SonicWALL Installation
This chapter describes the procedure used to install yo ur SonicWALL and pe rform the i nitial configuration.
Inspecting the Package
The following items should be included in the package:
One SonicWALL Internet security appliance
One power supply (not included with International SonicWALL PRO or PRO-VX)
One Category 5 Ethernet crossover cable (labeled "Crossover")
One Category 5 Ethernet standard cable
One SonicWALL Quickstart Guide
One Companion CD
One SonicWALL Internet Se curity Appliance User's Guide
If an item is missing from the package, you can contact SonicWALL, Inc. by phone at (408) 752-7819 or submit a Web Support Form at <http://techsupport.sonicwall.com/ swtech.html>.
Overview
Here are a f ew helpful guidelines for installing the SonicWALL applian ce.
•The WAN Ethernet port should be connected to the Internet router or modem.
•The LAN Ethernet port should be connected to a network hub or switch on the internal, protected network.
•The DMZ Ethernet port, included with the SonicWALL XPRS2, the SonicWALL PRO and the SonicWALL P RO-VX, should b e connected to publicly accessible se rvers, such as Web and Mail servers.
A crossover cable should be used when co nne cting the SonicWALL dire ctly to another machine or router.
A standard Ethernet cable should be used when connecting the SonicWALL to a network hub, switch, or modem.
SonicWALL Internet Security Appliance User’s Guide Page 15
Connecting the SonicWALL to the Network
The following diagram illustrates how the SonicWALL is connected to the network:
The following steps describe integration of the SonicWALL into the network.
1. Connect the WAN Ethernet port on the back of the SonicWALL to the Ethernet port on your Internet router or modem. Use a crossover c able when connec ting the SonicW ALL to a router. Use a standard Ethernet cable when connecting to a modem or a hub.
2. Connect the LAN Ethernet port to your Local Area Network (LAN). Use a standard Ethernet cable when connecting the SonicWALL to a hub or switch. Use a crossover cable when connecting d irectl y to a computer.
3. Optional: Connect the DMZ Ethernet port to a hub or switch with a standard Ethernet cable. Or connect the DMZ port directly to a public server with a crossover cable.
4. Plug the SonicWALL power supply into an AC power outlet, then plug the power supply output cable into the port on the back labeled Power. Use the power adapter supplied with the SonicWALL, do not use another power supply.
Note: If you are inst alling a SonicWALL PRO o r a SonicWALL PRO-VX, connect the SonicWALL to an AC power outlet using a power cable. Then press the power switch to the On position.
5. The SonicWALL runs a series of self-diagnostic tests to check for proper operation. During the diagnostic tests, which take about 90 seconds, the Test LED remains on. Wait for the Test LED to turn off.
Verify that all used Link LEDs are illuminated. If not, go to Chapter 14 for troubleshooting tips. The SonicWALL is now properly attached to your netw ork.
SonicWALL Installation Checklist
SonicWALL Installation Pa ge 16
The SonicWALL requires i nforma tion abo ut the IP a ddress confi gurati on of y our netw ork. Your Internet Ser vice Provider (ISP) shou ld be able to provide this information . If you are unfamiliar with the terms used in the section, review Appendix B for networking basic terms and information.
WAN Gateway (Router) IP Address The WAN Gateway (Router) IP Address is the addre ss of the router that connects your
LAN to the Internet. If you have cable or DSL Internet access, the router is probably located at your ISP.
DNS Addresses The DNS Addresses are the addre sses o f Domain Na me Servers , ei ther on y our LAN or
the Internet. These addresse s are requir ed for down loading the Conten t F ilter Li st and for the DNS Name Lookup tool. The DNS ad dresses sho uld be supplied by your ISP.
Mail Server (Optional) The Mail Server address is the name or the IP address of the mai l server used to e-mai l
log messages; it can be a server on your LAN or the Internet. For best results , use the same server used on your LAN for e-mail.
If you are using Network Address Translation (NAT), then you also must have the following information:
SonicWALL WAN IP (NAT Public) Address The SonicWALL WAN IP (NAT Public) Address is the valid IP address that your entire
network uses to access the Internet. This address should be supplied by your ISP.
WAN/DMZ Subnet Mask The WAN Subnet Mask defines which IP addresses are connected to the WAN port of
the SonicWALL but not accessed through the WAN router. This subnet mask should be supplied by your ISP.
SonicWALL LAN IP Address The SonicWALL LAN IP address i s the addres s assigned to the SonicWAL L LAN port and
is used to manage the SonicWALL. It should be a unique I P address from your Local Area Network (LAN) address range.
LAN Subnet Mask The LAN Subnet Mask defines the range of IP addresses located on your LAN.
SonicWALL Internet Security Appliance User’s Guide Page 17
Performing the Initial Configuration
Setting up your Management Station
All management functions on the SonicWALL are performed from a W eb browser-based user interface. Management can be performed from any computer co nnected to the LAN port of the SonicWALL. The computer used for management is referred to as the Management Station.
The SonicWALL is pre-configured with the IP address “192.168.168.168", which is used to access it during initial configuration. During the initial configuration, it is necessary to temporarily change the IP address of your Management Station to one in the same subnet as the SonicWALL. For example, set the IP address of your Management Statio
“192.168.168.200". Restart the Management Station to activate the address change.
Note: Appendix D describes how to change the IP address of your Management Station.
Launching the Web browser
1. Open a Web Browser. Then type the default SonicWALL IP address, "192.168.168.168", into the Location or Address field in the Web browser.
Note: Your Web browser must be Java-enabled and support HTTP uploads in order to fully manage SonicWALL. Netscape Navigator 3.0 and above is recommended.
The first time you contact the SonicWALL, the SonicWALL Installation Wizard automatically launches and begins the installation process.
n to
The SonicWALL Installation Wizard simplifies the initial installatio n and con figuration o f the SonicWALL. The Wizard provides a series of menu-driven instructions for setting the administrator password and configuring the settings necessary to access the Internet.
Note: To bypass the Wizard, click Cancel. Then log into the Son icWALL Management Interface by entering the User Name "admin" and the Password "password".
SonicWALL Installation Pa ge 18
To configure you r SonicWALL appliance, read the in structions on the Wizard Welcome window and click Next to continue.
Setting the Password
Note: It is very important to choose a pass word which cannot be easily guessed by others.
2. To set the password, enter a new password in the New Password and Confi rm New Password fields.
This wind ow also di splays the Use SonicWALL Global Management System check box. SonicWALL Glo bal Management System (SonicWA LL GMS) is a web browser-ba sed securit y management system. SonicWALL GMS allows enterprises and service providers to monitor and manage hundreds of remote SonicWALLs from a central location. F or more information about SonicWALL GMS, contact SonicWALL Sales at (408) 745-9600.
3. Do not select the Use Global Management System check box unless your SonicWALL is remotely managed by SonicWALL GMS. Click Next to continue.
SonicWALL Internet Security Appliance User’s Guide Page 19
Setting the Time and Date
4. Select the appropriate Time Zone from the Time Zone menu. The SonicWALL internal clock is set automatically by a Network Time Server on the Internet. Click Next to continue.
Connecting to the Internet
The Connecting to the Internet screen lists the information requi red to complete the installat ion. You nee d instructi ons for o btaining an IP ad dress automa tically or IP address es from your ISP .
5. Confirm that you have the proper network information necessary to configure the SonicWALL to access the Internet. Click the hyperlinks for definitions of the networking terms. Click Next to proceed to the next step.
SonicWALL Installation Pa ge 20
Selecting Your Internet Connection
6. Select Assi gn ed yo u a sing le sta t ic IP ad dre ss , if your ISP has provided you with a single, valid IP address. Now go to Step 10.
7. Select the second option, Assigned you tw o or m or e IP ad dr esses , if your ISP h as provided you with two or more IP addresses. Either NAT or Standard mode can be enabled if your network has two or more valid IP addresses. If you select the second option, go to Step 11.
8. Select the third option, Provided you with desktop software, a user name, and password (PPP o E), if your ISP requires user name and password authentication as well as the installation of log in software. If you select the third option, go to Step 12.
9. Select the fourth option, Automatically assigns you a dynamic IP address (DHCP), if your ISP automatically assigns you an IP address from their DHCP server. Your SonicWALL enables NAT with DHCP Cli ent, a typi cal network addres sing mode for cable and DSL users. If you select the fourth option, go to Step 13.
Note: The SonicWALL Installation Wizard autodetects PPPoE and DHCP connections. Therefore, it may not be necessary to select from the above options.
Confirming Network Address Translation (NAT) Mode
If you se lect Assi gned you a sing le static I P address in the Connecting to the Internet window, the Use Network Address Translation (NAT) window is
displayed.
SonicWALL Internet Security Appliance User’s Guide Page 21
The Use Network Address Translation (NAT) window verifies that the SonicWALL has a registered IP address. To confirm this, click Next and go to Step 10.
Selecting Standard or NAT Enabled Mode If you selected Assigned you a single static IP Address in Step 6, the Optional-
Network Address Translation window is displayed.
10. The Optional-Network Address Translation (NAT) window offers the ab ility to enab le NAT. S elec t Don’t Use NAT if there are enough static IP addresses for your SonicWALL, all PCs, and all network devices on your LAN. Selecting Don’t Use NAT enables the Standard mode. Select Us e NAT if v alid IP addres ses are i n short s upply or to hide all devices on your LAN behi nd the SonicWALL valid IP address. Click Next to continue.
SonicWALL Installation Pa ge 22
Configuring WAN Network Settings
If you selected either NAT or Standard mode, the Getting to t he Int e rne t window is displayed.
11. Enter the valid IP address provided by your ISP in the Getting to the Inte rnet window. Enter the SonicWALL WAN IP Address, WA N/DMZ Su bnet Mask, WAN Gateway (Router) Address, and DNS Server Addresses. Click Next to continue. If NAT is disabled, go to Step 13. If Standard mode is s elected, go to Step 14.
Setting the User Name and Password for PPPoE If you select NAT with PPPoE in the Connecting to the Internet window, the
SonicWALL ISP Settings (PPPoE) wind ow is displayed
.
12. Enter the Use r Na me and Password provided by your ISP. The Password is case- sensitive. C lick Next and go to Step 13.
SonicWALL Internet Security Appliance User’s Guide Page 23
Confirming DHCP Client Mode
If you sel e ct DHCP in Step 6 , the Obtain an IP address automatically window is displayed.
13. The O btain an I P add ress autom atica lly window states that the ISP dynamically assigns an IP address to the SonicWALL. To confirm this, click Next and go to Step
15.
Configuring LAN Network Settings
14. The Fill in information about your LAN window allows the configuration of the SonicWALL LAN IP Address and the LAN Subnet Mask.The SonicWALL LAN IP Address is the private IP address assigned to the LAN port of the SonicWALL. The LAN Subnet Mask defines the range of IP addresses on the LAN. The default values
provided by the SonicWALL work for most networks. Enter the SonicWALL LAN settings and click Next to continue.
SonicWALL Installation Pa ge 24
Configuring the SonicWALL DHCP Server
15. The Optional-SonicWALL DHCP Server window configures the S onicWALL DHCP Server. If enabled, the SonicWALL automatically configures the IP settings of computers on the LAN. To enable the DHCP server, select the Enable DHCP Server check box, and specify the range of IP addresses that are assigned to computers on the LAN.
If the Enable DHCP Server check box is not selected, the DHCP Server is disabled. Click Next to continue.
Configurat io n Su m m a ry
16. The Configuration Summary window displays the configurati on defined using the Installation Wizard. To modify any of the settings, click Back to return to the Connect ing to the Internet w indow. If the configurat ion is correct, click Next to
proceed to the Congratulations window.
SonicWALL Internet Security Appliance User’s Guide Page 25
Congratulations
Note:The new SonicWALL LAN IP address, displayed in the URL field of the Congratulations window, is used to log in and manage the SonicWALL.
17. Click Resta rt to restart the Sonic WAL L. Restarting
Note:The final window provides important information to help configure the computers on
the LAN. Click Print this Page to print the window information.
The SonicWALL takes 90 sec onds to restart. During this time, the yellow Test LED is lit. Click Close to exit the SonicWALL Wizard.
SonicWALL Installation Pa ge 26
18. Reset the Management Station Information Reset the IP address of the Management Station according to the information
displayed in the final window of the Installation Wizard.
19. Log into the SonicWALL Management Interface Once the So nicWALL restarts, conta ct the S onicWALL Web Managem ent Interface at
the new SonicWALL LAN IP address. Ty pe the User Name “admin” and enter the new administrator password to log into the SonicWALL.
20. R egister the SonicWALL The Status window in the SonicWALL Web Management Interface di splays a link
to the online registration form. Registering the SonicWALL provides access to technical support, software updates, and information about new products. Once registered, you are eligible for a free one-month subscription to the SonicWALL Content Filter List and a 15-day trial of SonicWALL Network Anti-Virus.
SonicWALL Internet Security Appliance User’s Guide Page 27
3 Managing Your SonicWALL
This chapter contains a brief overview of SonicWALL management commands and functions. The commands and functions are accessed through the SonicWALL Web Management Interface. The co nfiguration is the same for all Son icWALL Internet security appliances; any exceptions are noted.
1. Log into the SonicWALL using a Web Browser
You can manage the SonicWALL from any computer connected to the LAN port of the SonicWALL using a Web browser. The computer used for management is referred to as the "Management Station".
Note: To manage th e SonicWALL, your Web browser must ha ve Java and Java
applets enabled and support HTTP uploads.
2. Open a Web browser and type the SonicWA LL IP address---initially, "192.168.168.168"---into the Location or Address field at the top of the browser. An Authentication window with a Password di alogue bo x is dis­played.
3. Type “admin” in the User Name field and the password previously defined in the Installation Wizard in the Password fiel d. Passwords are c ase-sensitiv e. Enter the password exactly as defined and click Login.
Note: All SonicWALLs are configured with the U ser Name “admin” an d the default Password “password”. The User Name is not config ura b le.
If you cannot log in to the SonicWALL, a cached copy of the page is displayed instead of the correct page. Click Reload or Refresh on the Web browser and try again. Also, be sure to wait until the Java applet has finished loading before attempting to log in.
Once the password is entered, an authenticated management session is established. This session times out after 5 minutes of inactivity. The default time­out can be increased on the Password window in the General section.
Page 28 Managing Your SonicWALL
Status
To view the Status tab, log into y our SonicWALL using your web browser. Click General and then click the Status tab.
Note: The SonicWALL Status window is displayed above. Each SonicWALL Internet security appliance displays unique characteristics, such as the presence of VPN acceleration hardware or a different amount of mem ory.
The Status tab displays the following information:
SonicWALL Serial Number - the serial number of the SonicWALL unit.
Number of LAN IP addresses all owed with this li cense - number of IP addresses that can be managed by the SonicWALL
Registration code - the registration code generated when the SonicWALL is registered at <http//www.mysonicwall.com>.
SonicWALL Active time - the length of time in days, hours and minutes that the SonicWALL is active.
Firmware version - shows the current version number of the firmware installed on the SonicWALL.
ROM version - the version number of the ROM.
CPU - the type and speed of the SonicWALL processor.
SonicWA LL Internet Se curity App li an c e Us er’ s Gu ide Page 29
Loading...
+ 164 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use