Manuel d'utilisation / d'entretien du produit 3 du fabricant SonicWALL
Aller à la page of 348
C OM P REHENSIVE INTERN ET S ECURI TY ™ SSSS S S o n i c W A L L S e c u r i t y A p p l i a n c e S onicOS Standard 3 . 0 Administrator's Guid e.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE i Chapter : T able of Content s T able of Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . i Preface . . . . . . . . . . . . . . . . .
ii S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE Table of Contents Registering Your SonicWALL Security Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 Before You Register . . . . . . . . . . . . . . . . . .
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE iii Ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 Process Monitor . . . . . . . . . . . . . . .
iv S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE Table of Contents Chapter 13: Configuring S t atic Rout es . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89 Network > Routing . . . . . . . . . . . . . . . . . . . . .
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE v P ART 5: Wireless Chapter 22: Setting Up the WLAN Using the Wireless Wizard and Monitoring Y our WLAN127 Considerations for Using Wireless Connec tions . . . . . . . . . . . . . . . . .
vi S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE Table of Contents Customize Login Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168 Custom Post Authentication Re direct Page .
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE vii VPN > Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2 0 2 VPN Global Settings . . . . . . . . . . . . . .
viii S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE Table of Contents P ART 9: Users Chapter 41: Viewing User S tat us and Configuring User Authentication . . . . 249 User Level Aut hentication Overview . . . . . . . . . . . . . . . .
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE ix Configuring SonicWALL Ne twork Anti-Virus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278 Chapter 46: Managing SonicW ALL Gateway A nti-Virus Service.
x S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE Table of Contents Appendix A:Using the SonicS etup Diagnostic and Recovery T ool . . . . . . . 313 SonicSetup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE xi Chapter : Chapter : Preface Copyright Notice © 2004 SonicWAL L, Inc. All rights rese rved.
xii S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE Preface Limited W arranty SonicWALL, Inc. warrants that commencing from the delivery date to Customer (but in any case commencin g n.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE xiii About this Guide About this Guide Welcome to the SonicWALL SonicOS Standard 3 .0 Administra tor’s Guide . This manual provides the information you ne ed to successfully activate, confi gure, and administer SonicOS Standa rd 3.
xiv S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE Preface Organization of this Guide The SonicOS Standard 3.0 Administr ator’s Guide orga nization is structured in to the following parts that parallel the top-level me nu items o f SonicWAL L Web -based mana gemen t interface.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE xv About this Guide Part 9 Users This part explains ho w to cre ate and manag e a user data ba se on the So nicWALL se curity ap plian ce. and how to integrate the SonicWALL security applianc e with a RADIUS server for user auth entication.
xvi S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE Preface Guide Conventions The following Conventions used in this guide are as follows: Icons Used in this Manual These spe cial mess.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE xvii SonicWALL Technical Support SonicW ALL T echnical Support For timely resolution of tech nical support questions, visit SonicWALL on the Internet at <http://www.sonicwall.com/ services/support.
xviii S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE Preface Current Document ation Check the SonicWALL documentation Web site for that latest versio ns of this manual and all other SonicWALL p roduct documentation. http://www.sonicwall.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 1 P ART 1 Part 1 Introduction.
2 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE.
3 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 1 Chapter 1: Introduction What’ s New in SonicOS S t andard 3.0 • Real-time Gatew a y An ti Virus (GA V) - Provides per packet virus scanning using a Dee p Packet Inspection version 2.
4 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 1: Introduction Note: Registration Admission Status (R AS) and In te rnet Locator Service (ILS) LDAP for H.323 is not supported on Soni cOS Standard 3.0. For H.323 RAS and ILS LDAP support on the Son icWALL TZ 170 Series, upgr ade your firmware to SonicOS En hanced 3.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 5 SonicWALL Management Interface Navigating the Management Interface Navigating the SonicWALL man agement interface includes a hierarchy of menu buttons on the navigation bar (left side of your browser window).
6 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 1: Introduction Stat u s B a r The Status bar at the bottom of the management interf ace window displays t he status of actions executed in the SonicWALL management inter face.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 7 SonicWALL Management Interface The table navigation bar includ es bu ttons for moving throug h table pages.
8 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 1: Introduction.
9 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 2 Chapter 2: Basic SonicW ALL Security Appliance Setup SonicW ALL Security Appliance Configuration S tep s The chapter provides in structions for basic insta llation of the SonicW ALL security a ppliance running SonicOS Standard 3.
10 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 2: Basic SonicWALL Security Appliance Setup If Y ou Have DSL Your ISP is probably using PPPoE to dynamically authenticate your login an d assign an addr ess to your computer.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 11 Accessing the SonicWALL Security Appliance Management Interface Accessing the SonicW ALL Security Appliance Management Interface To a.
12 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 2: Basic SonicWALL Security Appliance Setup SonicW ALL TZ 50 Wireless/TZ 150 W ireless/TZ 170 Wir ele ss If you are configur.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 13 Using the SonicWALL Setup Wizard 4 Choose Static IP and click Next . 5 Enter the information provided by yo ur ISP in the following fields: SonicWALL WAN IP Address , WAN Subnet Mask , WAN Gateway (Router) Address , and DNS Server Addresses .
14 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 2: Basic SonicWALL Security Appliance Setup 9 Tip : The SonicWALL security appliance LAN IP address, di splayed in the URL field of the Setup Wizard Complete page, is used to log in and mana ge the SonicWALL secu rity app liance.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 15 Using the SonicWALL Setup Wizard 3 Select your local time zone from the Time Zone menu. Click Next . Note: Set the time zone correctly before you re gister your SonicWAL L security appliance.
16 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 2: Basic SonicWALL Security Appliance Setup 3 Select your local time from the Time Zone menu. Click Next . 4 Select PPTP . Click Next . 5 Enter the PPTP server IP address in th e PPTP Server IP Address field.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 17 Using the SonicWALL Setup Wizard Configuring the TZ 170 SP using the Setup Wizard Configuring the SonicWALL TZ 17 0 SP security appliance using the Setup Wizard includes two additional pages for configur ing the SonicWALL TZ 170 SP’s mo dem.
18 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 2: Basic SonicWALL Security Appliance Setup Configuring the TZ 50 Wireless/TZ 150 W ireless/170 Wireless using the Setup W i.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 19 Using the SonicWALL Setup Wizard Configuring W AN Settings 7 If you selected Static IP address , you must have your IP address inform.
20 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 2: Basic SonicWALL Security Appliance Setup Configuring the TZ 50 Wirele ss/TZ 150 W ireless/TZ 170 Wireless as a Secure Acc.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 21 Using the SonicWALL Setup Wizard Configuring WiFiSec - VPN Client User Authentication 8 WiFiSec and Group VPN are automatically enab le d on the security applian ce using the default settings associated with each featur e.
22 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 2: Basic SonicWALL Security Appliance Setup PPPoE , if your ISP provided you with client software, a user name, and a passwor d. PPTP , if your ISP provided you with a server IP address, a user name, and password.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 23 Using the SonicWALL Setup Wizard Changing the Password 3 Type a new password in the New Password field. The passwor d should be a uniq ue combinatio n of letters, or number, or symbols, or a combination of all three fo r the most secure password.
24 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 2: Basic SonicWALL Security Appliance Setup Congratulations! When the settings are applied to the security ap pliance, the Congratula tions page is displayed. Click Restart to complete the configura tio n.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 25 Registering Your SonicWALL Security Appliance 1 In the Security Services section on the System > Status page, click the Register link in Your SonicWALL is not registered. Click here to Regis ter your SonicWALL .
26 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 2: Basic SonicWALL Security Appliance Setup Network Anti -Viru s - protects computers o n your ne twork from v iruses .
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 27 P ART 2 Part 2 System.
28 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 29 System > Status C HAPTER 3 Chapter 3: V iewing System S t atus Information System > S t atus The Status page contains five sections : System Messages, System Informati on, Latest Alerts, Security Services, and Network Interfa ces .
30 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 3: Viewing System Status Information Wizards The Wizards button on the Sy stem > Status page prov ides access to th e SonicWALL Configuration Wizard .
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 31 System > Status • Registration Code - the registration code is ge nerated when your SonicW ALL secu rity appliance is registered a t <https://www .mysonicwall.com> . Security Services If your SonicWALL security applian ce is not regi stered at mySonicWALL.
32 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 3: Viewing System Status Information Network Interfaces The Network Inte rfaces displa ys the IP address an d link information for interfaces on your SonicWALL security appliance.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 33 System > Licenses C HAPTER 4 Chapter 4: System > Licenses System > Licenses The System > Licenses page provides links to activate, upgr ade, or renew SonicWALL Security Services and upgrade s.
34 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 4: System > Licenses Node License S t atus Node licensing can be monitore d and controlled from the System > Licenses page. Th e Node License Status section displays the number of licensed nodes, and th e number of nodes curre ntly in use.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 35 System > Licenses You can clicking on the icon in the Exclude colu mn of the Currently Licensed Nodes t able to automatically add the entr y to the Node License Exclus ion List .
36 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 4: System > Licenses Manage Security Services Online To activate, upgrade, or renew services, click the link in To Activate, Upgrade, or Rene w services, click here . Click the link in To synchronize licenses with mySon icWALL.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 37 System > Licenses From a Computer Conn ected to the Internet 1 Make sure yo u have an account a t http://www.m ysonicwall.c om and yo ur SonicWAL L security appliance is registered to the account befor e proceeding.
38 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 4: System > Licenses.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 39 System > Administration C HAPTER 5 Chapter 5: Using System Administration System > Administration The System > Administration page pr ovide s settings for the configuration of SonicWALL security appliance for secure and remote ma nagement.
40 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 5: Using System Administration Firewall Name The Firewall Name uniquely identifies the SonicWALL secur i ty appliance and defau lts to the serial number of the SonicWALL security applian ce.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 41 System > Administration W eb Management Settings The SonicWALL security applia nce can be managed using HTTP or HT TPS and a Web browser. Both HTTP and HTTPS are en ab le d by default.
42 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 5: Using System Administration Advanced Management Enable SNMP SNMP (Simple Network Ma nagement Proto col) is a network prot.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 43 System > Administration Enable Management Using SonicW ALL GMS To enable the SonicW ALL security ap plia n ce to be managed by SonicWALL Global Management System (GMS). Sele ct th e Enable Management using GMS checkbox, then click Configure .
44 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 5: Using System Administration.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 45 System > Time C HAPTER 6 Chapter 6: Setting System T ime System > T ime The System > Time page defines the time and d ate se tt ings to time stamp log events, to automatically update SonicWAL L Security Se rvices, a nd for other internal purp oses.
46 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 6: Setting System Time Setting the SonicW ALL S ecurity Appliance Ti me To select your time zone and automatically up date the time, choose th e time zone from the Time Zone menu.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 47 System > Settings C HAPTER 7 Chapter 7: Configuring System Settings System > Settings The System > Settings pa ge includes features for ma nagi ng the SonicWALL security applian ce firmware and your custom pr eferences.
48 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 7: Configuring System Settings Export Settings To export configuration settings from the SonicWAL L security app liance, us e the instructio ns below: 1 Click Export Settings .
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 49 System > Settings Firmware Management Settings The Firmware Manage ment table has the following columns: • Firmware Image - In this column, types of firmware images are listed: Current Firmware , firmware currently loaded on the SonicWALL security applian ce.
50 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 7: Configuring System Settings Firmware Management The Firmware Management tabl e has th e following columns: • Firmw are .
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 51 System > Diagnostics C HAPTER 8 Chapter 8: Performing Diagnostic T est s and Rest arting the SonicW ALL Security Appliance System .
52 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 8: Performing Diagnostic Tests and Restarting the SonicWALL Security Appliance T ech Support Report The Tech Support Report .
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 53 System > Diagnostics Diagnostic T ools You select the diagnostic tool from the Diagnostic Tools menu in the Diagnostic Tool secti on of the System > Diagnos tics page.
54 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 8: Performing Diagnostic Tests and Restarting the SonicWALL Security Appliance Check the Group box next to any two or more criter ia to combine th em with a logical OR .
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 55 System > Diagnostics 2 The SonicWALL security applia nce queries the DNS Server and displays the result in the Result section. It also displays th e IP ad dr es s of th e D NS Ser ve r used to perform the query.
56 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 8: Performing Diagnostic Tests and Restarting the SonicWALL Security Appliance To 204.71.200.74 / 80 (02:00:cf:58:d3:6a) The SonicWA LL security ap pliance receives SYN from LA N client.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 57 System > Diagnostics Ping The Ping test bounces a packet off a ma chine on the Inter net and return s it to the sender. This test shows if the SonicWALL security appliance is able to contact the remote host.
58 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 8: Performing Diagnostic Tests and Restarting the SonicWALL Security Appliance System > Rest art Click Restart to display the Syst em > Restart page . The SonicWALL security appliance can be restarted from the Web Management interface.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 59 P ART 3 Part 3 Network.
60 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 61 Network > Settings C HAPTER 9 Chapter 9: Configuring Network Settings Network > Settings The Network > Settings page allows you to configure the yo ur network and Internet connectivity settings in the Interface table.
62 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 9: Configuring Network Settings Setup Wizard The Setu p Wizard button accesses the SonicWALL Setup Wizar d . offers a easy-to-use method for configuring your SonicWAL L security appliance for th e most co mmon Intern et conne ct ivity op tions.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 63 Network > Settings Interface Options by Soni cW ALL Security Appliance DNS Settings DNS (Domain Name System) is a hierarchical system for identifying hosts on the Int ernet or on a private, corpor ate TCP/IP inte rnetwork.
64 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 9: Configuring Network Settings Configuring the W AN Interface The Mode menu in the Inter faces table for the WAN interface determines the network addre ss scheme of your SonicWALL security appliance.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 65 Configuring the WAN Interface Configuration Example Your ISP has given you a public IP address o f 66.2 17.71.191 and a range o f public IP addre ss from 66.217.71.192 to 66.21 7.71.200.
66 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 9: Configuring Network Settings Configuring NA T Enabled If your ISP provides a static IP addre ss for your Internet connection, use the NAT Enabled . 1 Select NAT Enabled fr om the drop-down menu in the Mode column of th e Interfaces ta ble.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 67 Configuring the WAN Interface Configuring NA T with PPPoE Client The SonicWALL security applia nce can use Point-to-P oint Protocol over Ether ne t to connect to the Internet.
68 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 9: Configuring Network Settings Configuring NA T with PPTP Client If your Internet connection is provide d through a PPTP server, you mu st configure the SonicWALL security appliance to use NAT with PPTP Client.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 69 Configuring the WAN Interface The WAN Interfa ce Settings information at the top of the Ethernet page is the Ethernet address of the WAN interface on th e SonicWALL security ap pliance.
70 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 9: Configuring Network Settings Configuring the LAN Interface Basic LAN Configuration 1 Click on the edit icon in the Configure column of the LAN information. The LAN Pr operties window is displa yed.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 71 Configuring the OPT Interface Configuring Ethernet Settings The Ethernet tab in the LAN Properties window allows you to manage the Ethe rn et settings of LAN interface. Fo r most ne tworks, you do not n eed to make any chan ges on this page.
72 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 9: Configuring Network Settings Configuring T ransp arent Mode Transpare nt Mode requires valid IP addresses for all computers on your networ k, and allows remote access to authenticated users.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 73 Configuring the DMZ Interface Configuring NA T Mode NAT Enabled mode gives the OPT inte rf ac e a single IP address an d a su bn et of ava ilab le IP address. The IP addresse s of devices connecting to the OPT interface ar e translated to the single OPT interface IP ad dr es s.
74 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 9: Configuring Network Settings Configuring T ransp arent Mode Transpare nt Mode requires valid IP addresses for all computers on your networ k, and allows remote access to authenticated users.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 75 Configuring the Modem Interface (TZ 170 SP) Configuring NA T Mode NAT Mode gives the DMZ interfa ce a single IP address and a subnet of available IP address. The IP addresses of devices connecting to the DMZ interf ace ar e translated to the single DMZ interface IP address.
76 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 9: Configuring Network Settings Settings Modem Settings Speaker Volume - choose On or Of f for your modem speaker volume.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 77 Configuring the Modem Interface (TZ 170 SP) Failover The Failover page in the Modem Setting window inclu des the same settings on the Modem > Failover page. If you con figured the failover setti ngs on the Modem > Fail over page, they are displayed in the Fa ilover page.
78 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 9: Configuring Network Settings value. In this case, the WAN failover only o ccurs when loss of the physical WAN Ethernet connection occurs on the SonicWALL secur ity appliance.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 79 Configuring WLAN Properties (TZ 50 Wireless/TZ 150 Wireless/TZ 170 Wireless) Configuring WLAN Properties (TZ 50 Wireless/TZ 150 W ire.
80 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 9: Configuring Network Settings • SSID : Enter a recognizable str i ng for the SSI D for the SonicWAL L TZ 50 Wireless/TZ 150 Wireless/TZ 170 Wireless security applianc e. This is the name that w ill appear in clients’ lists of available wireless connections.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 81 Network > One-to-One NAT C HAPTER 10 Chapter 10: Configuring One-to-One NA T Network > One-to-One NA T One-to-One NAT maps valid, external addresses to private addresses hidden b y NAT.
82 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 10: Configuring One-to-One NAT 4 Enter the beginn i ng IP add re ss of the va lid ad dr e ss rang e be in g ma pp e d in the Public Range Begin field. This address sh ould be assigned by your ISP and be in the same logica l subnet as the NAT public IP address.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 83 Network > One-to-One NAT 10 Configure the following settings: • Allow • Service - HTTP • Source - W AN • Destination - LAN 192.1 68.1.10 - 192.168.1.12 In the Options tab, select always from the Apply this Rule menu.
84 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 10: Configuring One-to-One NAT.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 85 Network > Web Proxy C HAPTER 11 Chapter 11: Configuring W eb Proxy Settings Network > W eb Proxy A Web proxy server inter cepts HTTP requ ests and de te rmines if it has store d copies of the r equested Web pages.
86 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 11: Configuring Web Proxy Settings Configuring Automatic W eb Proxy Forwarding S Alert: The prox y server mu st be locate d on the WAN ; it can no t be locate d on the LAN. To configure a Proxy Web sever, select the Network > Web Proxy page.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 87 Network > Intranet C HAPTER 12 Chapter 12: Configuring Intranet Settings Network > Intranet The SonicWALL se curity appl iance can be configured as an Intrane t firewall to prevent networ k users from accessing sensitive servers.
88 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 12: Configuring Intranet Settings Inst allation 1 Connect the LAN Ethernet po rt on the back of t he SonicWALL secu rity appliance to the network segment to be protected again st unauthorized access.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 89 Network > Routing C HAPTER 13 Chapter 13: Configuring S tatic Routes Network > Routing If you have routers on your LAN o r WAN, you c an co nfigure static routes on the SonicWALL security appliance using the settings on the Network > Routing page.
90 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 13: Configuring Static Routes S t atic Routes Static Routes are configured wh en network traffic is directed to subnets located behind routers on your network. For in stance, you have a r outer on your netwo rk with the IP address of 192.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 91 Network > Routing If you have an Intern al (L AN) ro ut er on your ne t work with th e IP addre ss of 192.168.168.254, and there is another subnet on your network with IP address range of 10.
92 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 13: Configuring Static Routes 2 Select one of the following types of RIP Advertisements: RIPv1 Enabl ed - RIPv1 is the first version of Routing Inform ation Pro tocol.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 93 Network > ARP C HAPTER 14 Chapter 14: Configuring Address Resolution Protocol Settings Network > ARP The ARP (Address Resolution Protocol) Cache stores IP or logical addresse s received from ARP replies in order to minimize the numbe r of ARP broadcasts on a network.
94 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 14: Configuring Address Resolution Protocol Settings S t atic ARP Entries The Static ARP featur e allows for static mappi ng.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 95 Network > ARP Consider the followin g ne tw ork example : With SonicOS Standard, although it is not possible to create a NAT rule for a secondar y subnet on the DMZ (or OPT) interface, it is poss ible to support the secondary subnet in a routed configuration.
96 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 14: Configuring Address Resolution Protocol Settings Navigate to the Network > Routing page, an d add a sta tic route for the 19 2.168.50 .0/24 netw ork as follows: The entry will appear in the table as follows: To allow the traffic to reach the 192.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 97 Network > ARP After adding the static ARP en try for the router, ma rk the checkbox next to the WAN interface in the 'Prohibit dynamic ARP en tries' area. Click the OK button in the alert dial og to proceed.
98 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 14: Configuring Address Resolution Protocol Settings.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 99 Network > DHCP Server C HAPTER 15 Chapter 15: Configuring the DHCP Server Network > DHCP Server The SonicWALL security applia nce DHCP Server distributes IP addre sses, subnet masks, gateway addresses, and DNS server ad dresses to the computers on yo ur network.
100 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 15: Configuring the DHCP Server DHCP Server Lease Scopes The DHCP Server Lease Scope s table displays the cur rently config ured DHCP IP r anges. Th e table shows: • Ty p e : Dynamic or Stat i c • Lease Scope : The IP addre ss range, fo r examp le 172.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 101 Network > DHCP Server 10 Click the DNS/WINS tab to continue configuring the DHCP server. 11 If you have a domain name for the DNS Server, en ter it in the Domain Name field. 12 Inherit DNS Settings Dynamically from the SonicWAL L’s DNS Settings is selected by default.
102 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 15: Configuring the DHCP Server 4 Enter the device IP address in the Static IP Ad dress field.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 103 Network > Dynamic DNS C HAPTER 16 Chapter 16: Configuring Dynamic DNS Network > Dynamic DNS Dynamic DNS (DDNS) is a service pr.
104 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 16: Configuring Dynamic DNS Additional Services offere d by Dynamic DNS Providers Some common additional services offered by Dynamic DNS providers include : • Wildcards - allows for wildcard referenc es to sub-domains.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 105 Network > Dynamic DNS Configuring Dynamic DNS Using any Dynamic DNS service begi ns with settings up an account with the DDNS service provider (or provide rs) of your cho ice. It is p ossible to us e multiple providers simultane ously.
106 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 16: Configuring Dynamic DNS Specify IP Address manually - Allows fo r the IP address to be registered to be manua lly specified and asserted.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 107 Network > Dynamic DNS Dynamic DNS Settings T able The Dynamic DNS Settings table provides a table view of configured DDNS profiles. Dynamic DNS Settings tab le includes the following columns: • Profile Name - The name assigned to the DDNS entry duri ng its creation.
108 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 16: Configuring Dynamic DNS.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 109 P ART 4 Part 4 Modem.
110 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 111 Modem > Status C HAPTER 17 Chapter 17: V iewing Modem S t atus Modem > S t atus The Status page displays dialup connection infor mation when the modem is active.
112 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 17: Viewing Modem Status Modem S t atus In the Modem Status section, the current a ctive network information from your ISP .
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 113 Modem > Settings C HAPTER 18 Chapter 18: Configuring Modem Settings Modem > Settings The Modem > Settings page lets you selec t from a lis t of modem profiles, select the volume of the modem, and also configur e AT commands for modem initialization.
114 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 18: Configuring Modem Settings Configuring Profile and Modem Settings To configure the SonicWALL security ap plia nce modem settings, perform the following steps: 1 Select the volume of the mode m from the Speaker Volume menu .
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 115 Modem > Failover C HAPTER 19 Chapter 19: Configuring Modem Failover Modem > Failover To improve the operational availability o.
116 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 19: Configuring Modem Failover Before you configure your Modem Failov er Settings , create your dial up profiles in the Modem Profile Configuration window, which you access from th e Modem > Di alup Prof iles page.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 117 Modem > Advanced C HAPTER 20 Chapter 20: Configuring Advanced Modem Settings Modem > Advanced The Modem > Adva nced page allows you to configur e the modem to be remotely tr iggered to dialout.
118 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 20: Configuring Advanced Modem Settin gs.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 119 Modem > Dialup Profiles C HAPTER 21 Chapter 21: Configuring Modem Dialup Properties Modem > Dialup Profiles The Modem > Dialup Profiles page allows you to configure modem profiles on the SonicWALL security applianc e using your dial-up ISP inform ation for the co nnection.
120 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 21: Configuring Modem Dialup Properties Configuring a Dialup Profile In the Modem > Dia lup Profiles page, click th e Add button. The Modem Prof ile Configuration window is displayed for configuring a dia lup profile.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 121 Modem > Dialup Profiles > Modem Profile Configuration 8 Click the ISP Address tab. 9 In the ISP Address Setting secti on, sel ect Obtain an IP Address Au tomatically if you do not have a permanent dialup IP addre ss from your ISP.
122 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 21: Configuring Modem Dialup Properties • Dial on Dat a - Using Dial on Dat a require s that outbound data is detected before t he modem dials the ISP .
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 123 Modem > Dialup Profiles > Modem Profile Configuration 20 Click on the Schedule tab. 21 Select Limit Times for Dialup Profile to specify the scheduled times the mo dem is allowed to make connections.
124 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 21: Configuring Modem Dialup Properties The next line has OK as the expected string, and the interpret ers waits for OK to be returned in response to the previous comman d, ATV1 , before continuing the scr ipt.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 125 P ART 5 Part 5 W i reless.
126 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 127 C HAPTER 22 Chapter 22: Setting Up the WLAN Using the Wireless Wizard and Monitoring Yo u r W L A N The SonicWALL T Z 50 Wireless/TZ 1 50 Wireless/TZ 70 Wireless support two wireless protocols called IEEE 802.
128 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 22: Setting Up the WLAN Using the Wireless Wizard and Monitoring Your WLAN Considerations for Using Wireless Connections • Mobility - if the majority of your network is laptop co mpu ters, wirele ss is mo re por t able than wire d connections.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 129 Optimal Wireless Performance Recommendations Optimal Wireless Performance Recommendations • Place the TZ 50 Wireless/TZ 150 Wireless/TZ 1 70 Wireless near the ce nter of your intended net- work.
130 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 22: Setting Up the WLAN Using the Wireless Wizard and Monitoring Your WLAN Wireless Node Count Enforcement Users on the WLAN are not counted to wards the nod e enforcement on the Son icWALL.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 131 Using the Wireless Wizard Using the Wireless W izard You can use the Wireless Wizard to quickly an d eas ily set up your wireless network. Log into th e TZ 50 Wireless/TZ 150 Wireless/TZ 17 0 Wireless, and click Wireless on the menu bar.
132 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 22: Setting Up the WLAN Using the Wireless Wizard and Monitoring Your WLAN WLAN 802.1 1b Settings 3 Type a unique identifier for the TZ 50 Wirele ss /TZ 150 Wireless/TZ 17 0 Wireless in the SSID field.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 133 Using the Wireless Wizard WiFiSec - VPN Client User Authentication 5 Create a new user with VPN Client privileges by typing a user name and password in the User Name and Password fields.
134 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 22: Setting Up the WLAN Using the Wireless Wizard and Monitoring Your WLAN Wireless Configuration Summary 7 Review your wireless setting s for accuracy. If you want to make changes, click Back until the settings are disp la ye d.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 135 Wireless > Status Congratulations 9 Congratulations! Yo u have successfully c ompleted configur ation of your wireless s ettings.
136 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 22: Setting Up the WLAN Using the Wireless Wizard and Monitoring Your WLAN WLAN Settings In addition to providing different.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 137 Wireless > Status WLAN S t atistics S t ation St atus The Station Status table displays in formation about wirele s s connections associated with the TZ 50 Wireless/TZ 150 Wirele ss/TZ 170 Wireles s.
138 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 22: Setting Up the WLAN Using the Wireless Wizard and Monitoring Your WLAN • Associ ated - status of 802.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 139 Wireless > Settings C HAPTER 23 Chapter 23: Configuring Wireless Settings Wireless > Settings The Wireless > Settings page allows you to configur e your wireless settin gs.
140 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 23: Configuring Wireless Settings Note: WPA support is only available in Access Point Mode. WPA suppor t is not available in Bridge Mode. Wireless Settings Enable WLAN Radio : Enable the TZ 50 Wireless/TZ 15 0 Wire less/TZ 170 Wireless radio for wir eless connections.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 141 Wireless > Settings • 802.1 1g Only - If your wireless network consist s only of 802.1 1g clients, you may select this m ode for increased 802.1 1g performance. Y ou may also se lect this mode if you wish to prevent 802.
142 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 23: Configuring Wireless Settings Configuring a Secure Wireless Bridge When switching from Access Point mode to Wireless Bridge mode, all clients are disconnected, and the navigation panel on the left changes to reflect the new mode of operation.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 143 Wireless > Settings Network Settings for the Example Network Wireless Bridging (without W iFiSec) To provide compatibility with o.
144 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 23: Configuring Wireless Settings Referring to our example network, the Access Point TZ 170 Wireless has the following two VPN Policies defined: Advanced Configuration for both VPN Policies 1 Click Advanced .
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 145 Wireless > Settings 7 Click OK to close t he window , and then click Apply for the settings to tak e effect on the SonicWALL. Wireless Bridge VPN Policy The Wireless Bridge VPN Polic y is configured a s follows: 1 Click VPN , then Configure .
146 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 23: Configuring Wireless Settings.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 147 Wireless > WEP/WP A Encryption C HAPTER 24 Chapter 24: Configuring WEP and WP A Encryption Wireless > WEP/WP A Encryption Wire.
148 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 24: Configuring WEP and WPA Encryption WEP Encryption Settings Open-system auth en tication is th e only m ethod r equired by 802.11b. In op en- system au thentication, the SonicWALL allows the wireless client access without verifying its identity.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 149 Wireless > WEP/WP A Encryption WP A-PSK Settings Encryption Mode : In the Authenticat ion Type field, select WPA-PSK . WPA Settings : • Cypher T ype : s elect TKIP . T emporal Key Integr ity Protoco l (TKIP) is a protocol for enforcing key integrity on a per-packet basis.
150 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 24: Configuring WEP and WPA Encryption WP A Settings: • Cypher T ype : select TKIP . T emporal Key Integrity Protocol (TKIP) is a protocol for enforcin g ke y integrity on a per-p acket basis.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 151 Wireless > Advanced C HAPTER 25 Chapter 25: Configuring Advanced Wireless Settings Wireless > Advanced To access Advanced co nfiguratio n setting s for th e T Z 50 Wir eless/T Z 150 Wirele ss/TZ 170 Wir eless, log into the SonicWALL, click Wireless , and then Advanced .
152 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 25: Configuring Advanced Wireless Settings Wireless Client Communications 1 Enter the number of clients to associate with the TZ 50 Wireless/TZ 150 Wir eless/TZ 170 Wireless in the Maximum Client Associations field.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 153 Wireless > Advanced antenna should then be co nnected to the RP-T NC type connector near the power- socket. This antenna is not used exclusively for transmitting a nd receiving. Select High from the Transmit Power menu to se nd the strongest si g nal on the WLAN.
154 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 25: Configuring Advanced Wireless Settings.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 155 Wireless > MAC Filter List C HAPTER 26 Chapter 26: Configuring the MAC Filter List Wireless > MAC Filter List Wireless network.
156 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 26: Configuring the MAC Filter List 5 Click OK to add the MAC address. Once the MAC addr ess is added to th e MAC Address List , you can select Allow or Block next to the entry.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 157 Wireless > IDS C HAPTER 27 Chapter 27: Configuring Wireless IDS Wireless > IDS Wireless Intrusion Detectio n Services (WIDS) g.
158 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 27: Configuring Wir eless IDS Access Point IDS When the Radio Role of the TZ 50 Wireless/TZ 150 Wi reless/TZ 170 Wireless i.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 159 Wireless > IDS Active scanning occurs wh en the TZ 5 0 Wireless/TZ 150 Wirel ess/TZ 170 Wireless starts up, and at any time Scan Now is clicked on the Wireless > IDS page.
160 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 27: Configuring Wir eless IDS.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 161 P ART 6 Part 6 W ireless Guest Services.
162 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 163 WGS > Status C HAPTER 28 Chapter 28: V iewing Wireless Guest Services S tatus Wireless Guest Services (WGS) allow you to c reate access accounts for temporary use that allow wireless clients to connect fr om the WLAN to the WAN .
164 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 28: Viewing Wireless Guest Services Status.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 165 WGS > Settings C HAPTER 29 Chapter 29: Configuring Wireless Guest Services Wireless Guest Services (WGS) allow you to c reate access accounts for temporary use that allow wireless clients to connect fr om the WLAN to the WAN .
166 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 29: Configuring Wireless Guest Services Byp ass Guest Authentication Bypass Guest Authentica tion allows a TZ 50 Wireless/TZ 15 0 Wireless/TZ 170 Wireless running WGS to integrate into environ ments already using some form of user-level authenticatio n.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 167 WGS > Settings Enable SMTP Redirect Enable SMTP Redirect causes SMTP traffic coming in from a guest account to be redirected to the SMTP server you specify. Chec k Enable SMTP Redirect and click the Configure button in the sa me line.
168 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 29: Configuring Wireless Guest Services supernetting (e .g. enteri ng 192. 168.0.0/255.255 .240.0 to cove r individual class C networks 192.168.0.0/24 throug h 192.168.15.0/24).
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 169 WGS > Settings 4 Select Specify URLs for custom conte nt if you have graphics or text available on a web server to use at the header and foot er of the login pag e. Enter the URLs for the content in the Custom Header URL and Custom Footer URL fields.
170 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 29: Configuring Wireless Guest Services Enable Account : Check this for all guest accounts gene rate d from this profile to be enabled upon creation. Auto-Prune Ac count : Check this to have the account removed from the da tabase after its lifetime expires.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 171 WGS > Accounts C HAPTER 30 Chapter 30: Managing Wireless Guest Account s Wireless Guest Services (WGS) allow you to c reate access accounts for temporary use that allow wireless clients to connect fr om the WLAN to the WAN .
172 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 30: Managing Wireless Guest Accounts Automatically Generating Guest Account s You can generate a specifie d number of guest accounts. 1 Under the list of accounts, click Generate .
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 173 WGS > Accounts Manually Configuring Wireless Guest s To configure new wireless guest accoun ts, click Add .
174 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 30: Managing Wireless Guest Accounts Flexible Default Route Previously, network traffic from the LAN and WLAN was directed to the WAN interface.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 175 WGS > Accounts To configure routing on the TZ 50 Wirele ss/TZ 150 Wireless/TZ 170 Wireless to suppor t the above example, clic k Network and then Routing . 1 Under Default Ro ute , click Configure .
176 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 30: Managing Wireless Guest Accounts The example above describes a moderately com plex network configur ation where the TZ 50 Wireless/TZ 150 Wireless/TZ 170 Wireless offers both WiFiSec and WGS access via a default route on LAN.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 177 P ART 7 Part 7 Firewall.
178 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 179 Network Access Rules Overview C HAPTER 31 Chapter 31: Configuring Network Access Rules Network Access Rules Overview Network Access .
180 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 31: Configuring Network Access Rules Using Bandwid th Management with Access Rules Bandwidth management allows you to assign guaranteed and maxim um bandwidth to service s and also set priorities for outbound traffic.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 181 Firewall > Access Rules Navigating and Sorting the Access Rules T able Entries The Access Rules table pr ovides easy pagination for vie wing a large number of VPN policies.
182 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 31: Configuring Network Access Rules 3 You can add an optional text in the Comment field. This informatio n is displayed in the Options column of the Access Rules table. Click Next .
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 183 Firewall > Access Rules 5 Select Allow action to allow the service to the network , or select Deny to disallow the service to the network. 6 Enter a value in minutes in the Inactivity Time out (minutes) field.
184 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 31: Configuring Network Access Rules address, enter “*” in th e IP Addr ess Begin field. By typing “ * ” in the field, all traffic using the service is either allowe d or denied to all comp uters on the network.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 185 Firewall > Access Rules 5 If you want to define the source IP addresses that are af fe cted by the rule, such as restricting cert.
186 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 31: Configuring Network Access Rules 14 Click th e Bandwidth tab. 15 Select Bandwidth Management , and enter the Gu aranteed Bandwidth in Kbps. 16 Enter the maximum amount of bandwidth ava ilable to the Rule at any time in the Maximum Bandwidth field.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 187 Firewall > Access Rules Rule Examples The following examples illustrate methods for creating Network Access Rules. Blocking LAN Access for Specific Services This examp le shows h ow to block L AN acces s to NNTP servers on the Internet during business hours.
188 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 31: Configuring Network Access Rules.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 189 Access Rules > Advanced C HAPTER 32 Chapter 32: Configuring Advanced Rule Options Access Rules > Advanced Click Advanced underneath Access Rules.The Advanced Rule Options page is displayed.
190 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 32: Configuring Advanced Rule Options Detection Prevention Enable Stealth Mode By default, the SonicWALL security appliance resp ond s to incoming connection requests as eithe r “blocked” or “open”.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 191 Firewall > Services C HAPTER 33 Chapter 33: Configuring Custom Services Firewall > Services Services are anything a server pr ovides to o ther computers. A service can be as simple as the computer asking a server for the correct time (NTP ) and the server returns a response.
192 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 33: Configuring Custom Services 1 Click Add . The Add Service window is displa yed. 2 Enter the name of th e ser vic e in the Name field. 3 Enter the port number or number s that apply to the service in the Port Range fields.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 193 Firewall > VoIP C HAPTER 34 Chapter 34: Configuring V oIP Firewall > V oIP The SonicWALL security applia nce supports the mo st widely used VoIP st andard protocols and the most commonly used VoIP vendors and systems on the ma rket.
194 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 34: Configuring VoIP H.323 H.323 is a comprehensive suite of pro tocols for voice, vide o, and data communications betwe en computer s, terminals, network d evices, an d network s ervices.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 195 Firewall > VoIP Configuring the V oIP Settings The SonicWALL security applia nce allows VoIP p hone and applications to be deplo ye d behind the firewall. The Firewall > VoIP page includes the settings for suppo rting VoIP traffic on the SonicWALL security appliance.
196 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 34: Configuring VoIP.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 197 Firewall > Connections Monitor C HAPTER 35 Chapter 35: Monitoring Active Firewall Connections Firewall > Connections Monitor The Firewall > Connections Monito r page provides you the filterin g controls to query log even t messages based on your configu red filter logic.
198 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 35: Monitoring Active Firewall Connections Setting Filter Logic By default, the SonicOS filter logic is set to “P riority && Category && S ource && Destination.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 199 P ART 8 Part 8 VPN.
200 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 201 SonicWALL VPN Options Overview C HAPTER 36 Chapter 36: Configuring VPN Settings SonicW ALL VPN Options Overview The SonicWALL security applia nce can be configured to support remote VPN clients and/or site -to- site VPN connections between offices.
202 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings VPN > Settings The VPN > Settings page provides the SonicWALL fe atures for configuring site-to-site VPN connections and clie nt VPN connectio ns.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 203 Configuring GroupVPN Policy on the SonicWALL Navigating and Sorting the VPN Policies Entries The VPN Policies table provides easy pagina tion for vie wing a large number of VPN policies.
204 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings Configuring IKE Preshared Secret To edit the default settings for GroupVPN, follow these ste ps: 1 Click the edit icon in the GroupVPN entry. The VPN Policy window is displayed.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 205 Configuring GroupVPN Policy on the SonicWALL In the IKE (Phase 1) Proposal section, select the following settings: Group 2 from the DH Group menu. 3DES from the Encryption menu SHA1 from the Authentication menu Leave the default setting, 28800, in the Life Time ( secs) field.
206 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings Forward Packets to Remote VPNs - allows the remote VPN t unnel to participate in the SonicWALL routing table. Inboun d traffic is decrypt ed and can be forwarded to a remote site via another VPN tunnel.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 207 Configuring GroupVPN Policy on the SonicWALL Single Session - The user will be prompted for us ername and password each time the connection is enabled and will be valid until the connection is disabled .
208 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings Configuring GroupVPN with IKE 3rd Party Certificates To configure your GroupVPN policy with IK.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 209 Configuring GroupVPN Policy on the SonicWALL 6 Click on the Proposals tab. 7 In the IKE (Phase 1) Proposal section, select the following settings: Group 2 from the DH Group menu. 3DES from the Encryption menu.
210 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings 9 Click on the Advanced tab and select any of the following opt io nal settings that you want .
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 211 Configuring GroupVPN Policy on the SonicWALL VPN Terminated at the LAN, OPT/ DMZ/WLAN, or LAN/OPT/DMZ/WLAN - Selecting this option allows you to terminate a VPN tunnel on a specific destination in stead of allowing the VPN tunnel to terminate on the entire Son icWALL netwo rk.
212 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings DHCP Lease or Manual Configurat ion - When the G VC connec ts to the SonicWALL, the policy.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 213 Site to Site VPN Configurations Export a GroupVPN Client Policy If you want to export the Gl obal VPN Client configuration settings .
214 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings • Branch Office (Gateway to Gateway) - A SonicW ALL is configured to connect to another Son- icW ALL via a VPN tunnel. Or , a SonicW ALL is conf igured to connect via IPSec to anoth er manu- facturer’s firewall.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 215 Site to Site VPN Configurations If Preshared Secret, Shared Secret:__________ _________ Phase 1 DH - 1 2 5 SA Lifetime 28800 or ____.
216 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings Creating a T ypical IKE Preshared Secret VPN Policy You can create a Typical VPN policy using the VPN Policy W izard to configure an IPSec VPN security associ ation betwe en two So nicWALL appliances.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 217 Site to Site VPN Configurations Qualified Domain Name of th e remote destinati on in the IPSec Gateway Name or Addre ss field. Click Next . 4 Enter the IP address of the network pr otected by the remote Soni cWALL in the Remote Network field.
218 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings Qualified Domain Name of th e remote destination in the IPSec Gateway Name or Address field. Click Next . 4 Enter the IP addres s of the network protected b y the remote SonicWALL in the Remote Network field.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 219 Site to Site VPN Configurations Qualified Domain Name of th e remote destinati on in the IPSec Gateway Name or Addre ss field. Click Next . 4 Enter the IP address of the network pr otected by the remote Soni cWALL in the Remote Network field.
220 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings Select an encryption method from the Enc ryption list for the VPN tunnel. If netw ork speed is preferred, then se lect DES . If network security is preferred, select 3DES .
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 221 Site to Site VPN Configurations Configuring a VPN Policy IKE with Preshared Secret To manually configu re a VPN Policy using IKE with Preshared Secr et, follow the steps below: 1 In the VPN > Settings page, click Add .
222 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings 8 Click th e Proposals tab. 9 In the IKE (Phase 1) Propos al section, the default setti ngs offer a secure connection configurat ion , ho we ve r, th e set tin gs can be modif ied to reflect y our pr ef er en ce s.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 223 Site to Site VPN Configurations 11 Click the Advanced tab. Select any optional configuration options you want to apply to your VPN policy in the Advanced Settings section.
224 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings VPNs check box.Traffic can travel from a branch office to a bran ch office via the corpor ate office.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 225 Site to Site VPN Configurations can be used as a valid key. I f this key is used, it must also be entered in the Authentication Ke y field in the remote SonicWALL. If authentication is not used, this field is ignored.
226 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings 3 Type a Name for the Security Associat ion in the Name field. 4 Type the IP address or Fully Qualified Do main Name (FQDN) of the primar y remote SonicWALL in the IPSec Primary Gatewa y Name or Address field.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 227 Site to Site VPN Configurations 11 Click the Advanced tab. Select any optional configuration options you want to apply to your VPN policy in the Advanced Settings section.
228 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 229 VPN > Advanced C HAPTER 37 Chapter 37: Configuring Advanced VPN Settings VPN > Advanced The VPN > Advanced page includes optional settings that affect all VPN policies.
230 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 37: Configuring Advanced VPN Settings keep alive that act s as a “hea rtbea t” se nt by the VPN de vice behind the NA T or NAPT device. The “keepalive” is silently discarded by the IPSec peer .
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 231 VPN > Advanced VPN Bandwid th Management Bandwidth management is a means of allocating ban d width resources to critical applications on a network. The VPN Bandwidth Management section allows you to define th e amount of outboun d VPN traffic allowed from the SonicWALL.
232 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 37: Configuring Advanced VPN Settings.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 233 VPN > DHCP ov er VPN C HAPTER 38 Chapter 38: Configuring DHCP Over VPN VPN > DHCP over VPN The VPN > DHCP over VPN page allows a Host (DHCP Client ) behind a SonicWALL obtain an IP address lease from a DHCP server a t the other end of a VPN tunnel.
234 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 38: Configuring DHCP Over VPN Configuring the Central Ga teway for DHCP Over VPN To configure DHCP over VPN for the Central Gateway , use the follow ing steps: 1 On the DHCP over VPN page, sele ct Central Gateway from the DHCP Relay Mode menu.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 235 VPN > DHCP ov er VPN Configuring DHCP over VPN Remote Gateway 1 Select Remote Gateway from the DHCP Relay Mode menu. 2 Click Configure . The DHCP over VPN Configuration window is displayed.
236 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 38: Configuring DHCP Over VPN Device Configuration 1 To configure devices on your LAN, click the Devices tab.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 237 VPN > L2TP Server C HAPTER 39 Chapter 39: Configuring L2TP Server Settings VPN > L2TP Server You can use Layer 2 Tunne ling Protocol (L2TP) to create VPN over public networks su ch as the Internet.
238 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 39: Configuring L2TP Server Settings To enable L2TP Server functionality on the SonicWALL , select Enable L2TP Serv er . Then click Configure to display the L2TP Server Configur ation window.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 239 VPN > L2TP Server Currently Active L2TP Sessions • User Name - the user name assig ned in the local user dat abase or the RADIUS user dat abase. • PPP IP - the source IP addr ess of the connection.
240 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 39: Configuring L2TP Server Settings.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 241 Digital Certificates Overview C HAPTER 40 Chapter 40: Managing Certificates Digit al Certificates Overview A digital certificate is an electron ic means to ve rify identity by a trusted third party known as a Certificate Authority (CA).
242 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 40: Managing Certificates VPN > Local Certificates After a certificate is signed by th e CA and returned to you, you can impor t the certificate into the SonicWALL to be used as a Local Certificate for a VPN Security Association.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 243 VPN > Local Certificates Delete This Certificate To delete the certificate, click Delete This Certificate . You can delete a certificate if it has expired or if you decide not to use third party certificates for VPN auth entication.
244 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 40: Managing Certificates VPN > CA Certificates Importing CA Certificates into the SonicW ALL After your CA service has validat ed your CA Certif icate , you can import it into the So nicWALL and use it to validate Local Certificates for VPN Security Associations.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 245 VPN > CA Certificates Certificate Revocation List (CRL) A Certificat e Revocation List (CRL) is a way to check the validity of an existing certificate. A certificate may be inva lid for several reasons: • It is no longer needed.
246 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 40: Managing Certificates.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 247 P ART 9 Part 9 Users.
248 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 249 User Level Authentication Overview C HAPTER 41 Chapter 41: V iewing User S t atus and Configuring User Authentication User Level Aut.
250 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 41: Viewing User Status and Configuring User Auth entication Active User Sessions The Active User Sessions table lists the User Name , the IP Address of the user, the Session Time , Time Remaining of the session, and the Inactivity Remaining time.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 251 Users > Settings Global User Settings The settings listed below ap ply to all users when authenticated thro ugh the SonicWALL security appliance.
252 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 41: Viewing User Status and Configuring User Auth entication field, then click Add . T o add an IP add ress range, e nter the range st arting IP a ddress in the first field and the length of the ran ge in the next fiel d (up to th e last three numbers o f the IP a ddress.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 253 Users > Settings Configuring RADIUS Authentication To enable the SonicW ALL security ap plia n ce to use auth e nt icat ion fro m a RADI US ser ve r, fo llow these steps: 1 Select Use RADIUS for user authentication .
254 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 41: Viewing User Status and Configuring User Auth entication 11 Click th e RADIUS Users tab.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 255 Users > Settings 14 Type in a valid user name in the User field, and the password in the Password field. 15 Click Test . If the validation is successful, the Status messages changes to Success .
256 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 41: Viewing User Status and Configuring User Auth entication.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 257 Users > Local Users C HAPTER 42 Chapter 42: Configuring Local Users Users > Local Users Add local users to the SonicWALL securi ty appliance internal datab ase. Click Add User to display the Add User configuration window.
258 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 42: Configuring Local Users Adding a Local User 1 Create a user name and type it in the User Name field.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 259 P ART 10 Part 10 Security Services.
260 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 261 SonicWALL Security Services C HAPTER 43 Chapter 43: Managing SonicW ALL Security Services SonicW ALL Security Services SonicWALL, In c. offers a v ariety of subscription-based security serv ices to provide layered se cu rity for your networ k.
262 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 43: Managing SonicWALL Security Services mySonicW ALL.com mySonicWALL.com delivers a convenient , one-stop resource for registra tion, activation, and management of your SonicWALL products and serv ices.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 263 Security Services > Summary Security Services > Summary The Security Services > Summary page lists th e available SonicWALL secu rity services and upgrades available fo r your SonicWALL secu rity appliance and pro vides access to mySonicWALL.
264 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 43: Managing SonicWALL Security Services If Y our SonicW ALL Security Appliance is Not Registered If your SonicWALL security appliance is not registered, the Security Services > Summary page does not include the Services Summary table.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 265 SonicWALL Content Filtering Service C HAPTER 44 Chapter 44: Configuring SonicW ALL Content Filtering Service SonicW ALL Content Filt.
266 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 44: Configuring SonicWALL Content Filtering Service Security Services > Content Filter The Security Servic es > Conte.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 267 Security Services > Content Filter 1 Click the SonicWALL Content Filtering Subscr iption link on the Security Ser vices > Content Filtering page. The mySonicWALL.com Login page is displayed.
268 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 44: Configuring SonicWALL Content Filtering Service Content Filter T ype There are three types of content filte ring ava ilable on the SonicWALL security ap pliance.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 269 Configuring SonicWALL Filter Properties T rusted Domains Trusted Domains can be added to ena ble content from specific domains to be exemp t from Restrict Web Features .
270 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 44: Configuring SonicWALL Content Filtering Service Custom List The Custom List page allows you to specify allowed or forbidden domain s and keywords to block. Allowed/Forbidden Domains You can cu stomize your URL list to inc lude Allowed Domains and Forbidden Domains .
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 271 Configuring SonicWALL Filter Properties Disable all We b traffic e xcept for Allowed Domains When the Disable Web traffic exc ept for Allowed Domains check box is selected, the SonicWALL security appliance only allows Web access to sites on the Allowed Domains list.
272 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 44: Configuring SonicWALL Content Filtering Service Consent The Consent tab allows you to en force content filtering on d esign ated computer s and provide optional filtering on other computers.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 273 Configuring SonicWALL Filter Properties Mandatory Filtered IP Addresses Consent Page URL (m andatory filtering) When a user opens a Web browser on a co mpu ter using mandatory conten t f iltering, a consent pag e is displayed.
274 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 44: Configuring SonicWALL Content Filtering Service.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 275 SonicWALL Network Anti-Virus Overview C HAPTER 45 Chapter 45: Managing SonicW ALL Network Anti-V irus and E-Mail Filter Services SonicW ALL Network Anti-V irus Overview The widespread outbreaks of viruses illustra te the problematic nature of virus defense for small offices.
276 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 45: Managing SonicWALL Network Anti-V irus and E-Mail Filter Services Security Services > Anti-V irus If SonicWALL Ne tw.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 277 Security Services > Anti-Virus S Alert: You must h ave a mySon icWALL.com a ccount an d your Sonic WALL must be register ed to activate SonicWALL Network Anti-Virus. 1 Click the SonicWALL Network Anti-Virus Subsc ription link on the Security Services > Ant i- Virus page.
278 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 45: Managing SonicWALL Network Anti-V irus and E-Mail Filter Services Security Services > E-Mail Filter The Security Ser.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 279 SonicWALL Gateway Anti-Virus Overview C HAPTER 46 Chapter 46: Managing SonicW ALL Gateway Anti-V irus Service SonicW ALL Gateway Ant.
280 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 46: Managing SonicWALL Gateway Anti-Virus Servic e SonicW ALL Gateway Anti-V irus/Intrusion Prevention Features • Real-T .
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 281 SonicWALL Gateway Anti-Virus Overview Activating SonicW ALL Gateway Anti-V irus If you do not have SonicWALL Gateway Anti-Virus inst.
282 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 46: Managing SonicWALL Gateway Anti-Virus Servic e Activating SonicW ALL Gateway Anti-V irus If you have an Activation Key .
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 283 Configuring SonicWALL Gateway Anti-Virus Configuring SonicW ALL Gateway Anti-V irus After activating SonicWALL Gateway Anti-Virus, t.
284 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 46: Managing SonicWALL Gateway Anti-Virus Servic e.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 285 SonicWALL Intrusion Prevention Service C HAPTER 47 Chapter 47: Managing SonicW ALL Intrusion Prevention Service SonicW ALL Intrusion.
286 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 47: Managing SonicWALL Intrusion Prevention Service maintains a curr en t an d robust signatur e da t abase by inco rp orat.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 287 SonicWALL Intrusion Prevention Service How SonicW ALL ’ s Deep Packet Inspection Architecture Wo r k s Deep Packet Inspection t ec.
288 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 47: Managing SonicWALL Intrusion Prevention Service Security Services > Intrusion Prevention The Security Servic es > Intrusion Preventio n page provides the settings for configuring SonicWALL Intrusion Prevention Service.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 289 Security Services > Intrusion Prevention Activating the SonicW ALL IPS FREE TRIAL To try a FREE TRIAL of SonicW ALL IPS, follow these steps: 1 Click the FREE TRIAL link. The mySonicWALL.
290 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 47: Managing SonicWALL Intrusion Prevention Service.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 291 SonicWALL Global Security Client C HAPTER 48 Chapter 48: Managing SonicW ALL Global Security Client SonicW ALL Global Security Clien.
292 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 48: Managing SonicWALL Global Security Client Global Security Client Features • Multi-Pronged Protect ion - extends the boundar ies of security by protecting the corpor at e net- work and remote/mobile worker s from malicious att acks that occur over the Internet.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 293 SonicWALL Global Security Client Activating SonicW ALL Global Security Client If you have an Activation Key for your SonicWA LL Glob.
294 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 48: Managing SonicWALL Global Security Client.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 295 P ART 11 Part 11 Log.
296 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 297 SonicOS Log Event Messages Overview C HAPTER 49 Chapter 49: V iewing Log Event s SonicOS Log Event Messages Overview During the operation o f a SonicWA LL security a ppliance, So nicOS softwa re sends lo g event messages to the console .
298 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 49: Viewing Log Events Log > V i ew The SonicWALL security appliance maintains an Event log which displays potent ial security threats.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 299 Log > View SonicOS Log Entries Each log entry contains the da te and time of the ev en t an d a b rief message descr ibin g the eve nt. It is also possible to copy the log entries from the managemen t interface and paste in to a report.
300 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 49: Viewing Log Events.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 301 Log > Categories C HAPTER 50 Chapter 50: S pecifying Log Categories Log > Categories You can define which log me ssages appear in the Son icWALL security appliance Event Log . Log Categories All Log Categories are enabled by default except Networ k Debug .
302 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 50: Specifying Log Categories Logs Java, ActiveX, and Cook ies blocked by the SonicWALL security appliance. • User Activity Logs successful and unsucc essful log in attempts.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 303 Log > Automation C HAPTER 51 Chapter 51: Configuring Log Automation Log > Automation Click Log , and then Automation to begin configuring the Soni cWALL security appliance to se nd log files using e-mail and co nf ig u rin g sys log ser ver s on you r netwo rk .
304 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 51: Configuring Log Automation E-mail • Mail Server - to e-mail log or alert messa ges, enter the name or IP addre ss of your mail server in the Mail Server field. If this field is left blank, log and ale rt messages are not e-mailed.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 305 Log > Automation Syslog Event Redund ancy Filter (seconds) - The Syslog Event Redund ancy Filter setting prevents repetitive messag es from being writte n to Syslog.
306 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 51: Configuring Log Automation.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 307 Log > Name Resolution C HAPTER 52 Chapter 52: Configuring Name Resolution Log > Name Resolution The Lo g > Name Resolution page includes settings for configuring the name servers u sed to resolve IP addresses and se rver names in the log reports.
308 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 52: Configuring Name Resolution Selecting Name Resolution Settings The security appliance can use DNS, NetBios, or bo th to resolve IP addre sses and server names.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 309 Log > Reports C HAPTER 53 Chapter 53: Generating and V iewing Log Report s Log > Report s The SonicWALL security appliance can.
310 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 53: Generating and Viewing Log Reports Click Reset Da ta to clear the report statis tics and begin a new sample period . The sample period is also reset when data collection is stoppe d or started, and when the Soni cWALL security appliance is rest ar te d.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 311 Log > ViewPoint Log > V iewPoint SonicW ALL V i ewPoint SonicWALL ViewPoint is a software solution that creates dynamic, Web-based reports of network activity.
312 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 53: Generating and Viewing Log Reports.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 313 SonicSetup A PPENDIX A Appendix BA Using the SonicSetup Diagnostic and Recovery T o ol SonicSetup SonicSetup provides improved diagnostic and in itial setup capabilities for SonicWALL security appliances.
314 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE A PPENDIX A: Using the SonicSetup Diagnostic and Recovery Tool Introduction and Discovery After establishing a connection between th e Soni cWALL and the management wo rkstation (preferably with a direc t cross-ov er cable con nection), la unch SonicSe tup.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 315 Diagnostics Diagnostics Diagnostics include ha rdware and software componen ts, and it runs in two modes: ROM a nd Firmware. Th e transition between the two mo des is autom atically contr olled by Sonic Setup, and is transparent to the ad m i nis tra to r.
316 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE A PPENDIX A: Using the SonicSetup Diagnostic and Recovery Tool Diagnostic Result s After the diagno stics have run, the diag nostic results are displayed : Included in the results is the Diagn o stic Code which, in the event of a failure, must be interpreted by SonicWALL Support.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 317 SonicOS Recovery If the SonicROM image fails to transfer, a failure notification page is displayed, and the ad ministrator must have the opportu nity to retry the process. Multiple failed attempts r eceive an appropriate response from SonicWALL Supp ort.
318 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE A PPENDIX A: Using the SonicSetup Diagnostic and Recovery Tool Restoring Factory Default s If the SonicWALL fails to startup complet.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 319 Address Synchronization Address Synchronization The SonicWALL should be fully operational at this ti me. The administrator is then prompted to p rovide an IP address for the SonicWALL: • Any address may be set, regardless of the current IP address setting (i.
320 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE A PPENDIX A: Using the SonicSetup Diagnostic and Recovery Tool.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 321 SonicWALL SafeMode A PPENDIX B Appendix BA Resetting the SonicW ALL Security Appliance Using SafeMode SonicW ALL SafeMode If you are unable to c onnect to th e SonicWAL L secu rity appliance’s manageme nt interface, yo u can restart the SonicWALL security appliance in Safe Mode.
322 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE A PPENDIX B: Resetting the SonicWALL Security Appliance Using SafeMode 3 The Test light starts blinking when the secu rity applianc e has re booted into SafeMode. 4 Connect to the management inter face: Point the Web browser on your Ma nagement Station to 192.
S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 323 Upgrading SonicOS Firmware Upgrading SonicOS Firmware In SafeMode, you can upload newe r versions of the SonicOS firmware to your SonicWAL L security appliance. 1 Connect to <http://www.
324 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE A PPENDIX B: Resetting the SonicWALL Security Appliance Using SafeMode.
325 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE Chapter C: Index Numerics 802.11g 127 A access point stat us 136 access rules bandwidth man agement 180 configuration examples 187 g.
Index 326 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE updating firmware 48 flexible default route 174 fragmentatio n th re sh old 153 fragments 137 G Gateway Anti-Virus 279 applica.
Index S ONIC WALL S ONIC OS S TAND ARD 3.0 A DMINISTRATOR ’ S G UIDE 327 secure access point 18 , 20 secure wireless bridge 18 security services activating a free trial of Intrusion Preventio n Serv.
Index 328 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE hexadecimal. 148 WEP key mode 148 WGS, see wireless guest ser vices WiFiSec 127 , 136 WiFiSec enforcement 13 0 , 140 WiFiSec P.
© 2 00 4 Soni cWALL, I n c . Soni cWAL L is a reg is tered tr adem ar k of S onic WAL L, I n c . Other produ ct a nd c ompa ny name s men tione d h erei n ma y be t r adem ar ks and/ or re gi stered tr ade m arks of the ir respe cti ve com pan ie s. Speci ficat io ns and desc ripti on s su bject to chang e with out n oti ce.
Un point important après l'achat de l'appareil (ou même avant l'achat) est de lire le manuel d'utilisation. Nous devons le faire pour quelques raisons simples:
Si vous n'avez pas encore acheté SonicWALL 3 c'est un bon moment pour vous familiariser avec les données de base sur le produit. Consulter d'abord les pages initiales du manuel d'utilisation, que vous trouverez ci-dessus. Vous devriez y trouver les données techniques les plus importants du SonicWALL 3 - de cette manière, vous pouvez vérifier si l'équipement répond à vos besoins. Explorant les pages suivantes du manuel d'utilisation SonicWALL 3, vous apprendrez toutes les caractéristiques du produit et des informations sur son fonctionnement. Les informations sur le SonicWALL 3 va certainement vous aider à prendre une décision concernant l'achat.
Dans une situation où vous avez déjà le SonicWALL 3, mais vous avez pas encore lu le manuel d'utilisation, vous devez le faire pour les raisons décrites ci-dessus,. Vous saurez alors si vous avez correctement utilisé les fonctions disponibles, et si vous avez commis des erreurs qui peuvent réduire la durée de vie du SonicWALL 3.
Cependant, l'un des rôles les plus importants pour l'utilisateur joués par les manuels d'utilisateur est d'aider à résoudre les problèmes concernant le SonicWALL 3. Presque toujours, vous y trouverez Troubleshooting, soit les pannes et les défaillances les plus fréquentes de l'apparei SonicWALL 3 ainsi que les instructions sur la façon de les résoudre. Même si vous ne parvenez pas à résoudre le problème, le manuel d‘utilisation va vous montrer le chemin d'une nouvelle procédure – le contact avec le centre de service à la clientèle ou le service le plus proche.