Manuals
/
SonicWALL
/
Household Appliance
/
Home Security System
SonicWALL
3
manual
SonicOS Standard Administrators Guide
Models:
3
1
1
348
348
Download
348 pages
8.9 Kb
1
2
3
4
5
6
7
8
Install
Password
Flexible Default Route
Login
System Administration
Part 5 Wireless
Warranty
Configuring WAN Settings
Reset Data
System Diagnostics
Page 1
Image 1
COMPREHENSIVE INTERNET SECURITY
™
SSSSS
SonicWALL Security Appliance
SonicOS Standard 3.0
Administrator's Guide
Page 1
Page 2
Page 1
Image 1
Page 1
Page 2
Contents
SonicOS Standard Administrators Guide
Table of Contents
Part 2 System
Part 3 Network
Part 4 Modem
Part 5 Wireless
Part 8 VPN
Vii
Configuring Site to Site VPN Policies Using
Viii
Part 9 Users
Part 11 Log
Index
Copyright Notice
Preface
Trademarks
Xii
Limited Warranty
Page
Organization of this Guide
Part 9 Users
Part 10 Security Services
Part 11 Log
About this Guide
Icons Used in this Manual
Guide Conventions
SonicWALL Technical Support
More Information on SonicWALL Products and Services
North America Telephone Support
International Telephone Support
Xviii
Current Documentation
Introduction
Sonicwall Sonicos Standard 3.0 ADMINISTRATOR’S Guide
What’s New in SonicOS Standard
Introduction
SonicWALL Management Interface
SonicWALL Management Interface
Navigating the Management Interface
Applying Changes
Status Bar
Navigating Tables
Getting Help
Common Icons in the Management Interface
Logging Out
Introduction
SonicWALL Security Appliance Configuration Steps
Basic SonicWALL Security Appliance Setup
Internet Service Provider ISP Information
Collecting Required ISP Information
If You Have DSL
Other Information
If You Have a Static IP Address
SonicWALL Management Interface
SonicWALL TZ 170 SP
Using the SonicWALL Setup Wizard
Configuring a Static IP Address Internet Connection
SonicWALL TZ 50 Wireless/TZ 150 Wireless/TZ 170 Wireless
Using the SonicWALL Setup Wizard
Configuring a PPPoE Internet Connection
Configuring a Dhcp Internet Connection
Configuring Pptp Internet Connectivity
Sonicwall Sonicos Standard 3.0 ADMINISTRATOR’S Guide
Configuring the TZ 170 SP using the Setup Wizard
Changing the Password
Welcome to the SonicWALL Setup Wizard
Configuring the WAN Network Mode
Selecting the Deployment Scenario
Configuring LAN Settings
Configuring WAN Settings
Configuring LAN Dhcp Settings
Configuring Wlan 802.11b/g Settings
Configuring the LAN Dhcp Settings
Configuring the LAN Settings
Configuring Wlan 802.11b Settings
Configuring the WAN Network Mode
Configuring the TZ 170 Wireless as a Secure Wireless Bridge
Configuring Secure Wireless Bridge Settings
Configuring Wlan Network Setting
Before You Register
Registering Your SonicWALL Security Appliance
Registering Your SonicWALL Security Appliance
Registering Your SonicWALL Security Appliance
Sonicwall Sonicos Standard 3.0 ADMINISTRATOR’S Guide
System
Sonicwall Sonicos Standard 3.0 ADMINISTRATOR’S Guide
System Status
Viewing System Status Information
System Status
System Messages
Wizards
System Information
Latest Alerts
Security Services
SonicWALL TZ 150 Wireless
SonicWALL TZ 50 Wireless
Network Interfaces
SonicWALL Security Appliance Model Interfaces SonicWALL TZ
System Licenses
System Licenses
System Licenses
Currently Licensed Nodes
Node License Status
Node License Exclusion List
Security Services Summary
Manual Upgrade for Closed Environments
Manage Security Services Online Manual Upgrade
From a Computer Connected to the Internet
System Licenses
System Administration
Using System Administration
System Administration
Login Security
Name/Password
Firewall Name
Web Management Settings
Advanced Management
Enable Snmp
Four addresses or host names can be used
Click OK
Enable Management Using SonicWALL GMS
Using System Administration
System Time
Setting System Time
Set Time
System Time
Setting the SonicWALL Security Appliance Time
NTP Settings
System Settings
Configuring System Settings
Settings
Import Settings
Click Export Settings
Export Settings
Firmware Management
New Firmware
Firmware Management Settings
SafeMode Rebooting the SonicWALL Security Appliance
System Information
Firmware Management
System Diagnostics
System Diagnostics
Generating a Tech Support Report
Tech Support Report
Active Connections Monitor Settings
Diagnostic Tools
Active Connections Monitor
DNS Name Lookup
CPU Monitor
Packet Trace
Find Network Path
Select Packet Trace from the Diagnostic tool menu
Ping
Reverse Name Resolution
Process Monitor
System Restart
Network
Sonicwall Sonicos Standard 3.0 ADMINISTRATOR’S Guide
Network Settings
Configuring Network Settings
Network Settings
Interfaces
Setup Wizard
Interface Options by SonicWALL Security Appliance
DNS Settings
Configuring Transparent Mode
Configuring the WAN Interface
Configuring the WAN Interface
Configuration Example
Configuring NAT with Dhcp Client
Configuring NAT Enabled
Configuring NAT with L2TP Client
Configuring NAT with PPPoE Client
Configuring Ethernet Settings in WAN Properties
Configuring NAT with Pptp Client
Configuring the WAN Interface
Basic LAN Configuration
Configuring the LAN Interface
Configuring Multiple LAN Subnets
Configuring Ethernet Settings
Configuring the OPT Interface
Configuring the OPT Interface
Configuring Transparent Mode
Configuring NAT Mode
Configuring the DMZ Interface
Configuring the DMZ Interface
Select OPT in NAT Mode
Configuring Transparent Mode
Configuring the Modem Interface TZ 170 SP
Configuring the Modem Interface TZ 170 SP
Select DMZ in NAT Mode
Profiles
Modem Settings
Failover
Select Enable WAN Failover
Activating the Modem
Advanced
Sonicwall Sonicos Standard 3.0 ADMINISTRATOR’S Guide
Sonicwall Sonicos Standard 3.0 ADMINISTRATOR’S Guide
Select the Enable One-to-One NAT check box
Configuring One-to-One NAT
Network One-to-One NAT
Network One-to-One NAT
Select Enable One-to-One NAT
One-to-One NAT Configuration Example
Click Firewall, then Access Rules
Allow Service Http Source WAN
Configuring One-to-One NAT
Network Web Proxy
Configuring Web Proxy Settings
Network Web Proxy
Bypass Proxy Servers Upon Proxy Failure
Configuring Automatic Web Proxy Forwarding
Forward OPT/DMZ/WLAN Client Requests to Proxy Server
Network Intranet
Configuring Intranet Settings
Network Intranet
Intranet Settings
Installation
Specified address ranges are attached to the LAN link
Specified address ranges are attached to the WAN link
Network Routing
Configuring Static Routes
Network Routing
Static Routes
Static Route Configuration Example
Key terms
SonicWALL LAN IP Address
Route Advertisement
Route Advertisement Configuration
Routing Table
Network ARP
Configuring Address Resolution Protocol Settings
Network ARP
Static ARP Entries
Adding a Secondary Subnet using the Static ARP Method
Secondary Subnets with Static ARP
Network ARP
Prohibit Dynamic ARP Entries
Flushing the ARP Cache
Navigating and Sorting the ARP Cache Table
Configuring Address Resolution Protocol Settings
Dhcp Server Settings
Configuring the Dhcp Server
Network Dhcp Server
Network Dhcp Server
Dhcp Server Lease Scopes
Configuring Dhcp Server for Dynamic Ranges
101
Configuring Static Dhcp Entries
Current Dhcp Leases
Network Dynamic DNS
Configuring Dynamic DNS
Supported Ddns Providers
Network Dynamic DNS
Additional Services offered by Dynamic DNS Providers
105
Configuring Dynamic DNS
106
107
Dynamic DNS Settings Table
108
109
Modem
110
Modem Status
Viewing Modem Status
Modem Status
111
Modem Status
Modem Settings
Configuring Modem Settings
Modem Settings
113
Configuring Profile and Modem Settings
Modem Failover Settings
Configuring Modem Failover
Modem Failover
Modem Failover
Configuring Modem Failover
Modem Advanced
Modem Advanced
117
Configuring Advanced Modem Settings
Modem Dialup Profiles
Configuring Modem Dialup Properties
Dial-Up Profiles
Modem Dialup Profiles
Configuring a Dialup Profile
Modem Dialup Profiles Modem Profile Configuration
121
Modem Dialup Profiles Modem Profile Configuration
122
123
Chat Scripts
Custom Chat Scripts
125
Wireless
126
127
LAN WAN
Considerations for Using Wireless Connections
Wireless Guest Services WGS
Optimal Wireless Performance Recommendations
Optimal Wireless Performance Recommendations
129
WiFiSec Enforcement
Wireless Node Count Enforcement
MAC Filter List
Welcome to the SonicWALL Wireless Configuration Wizard
Using the Wireless Wizard
Wlan Network Settings
Using the Wireless Wizard
Wlan Security Settings
Wlan 802.11b Settings
Wireless Guest Services
WiFiSec VPN Client User Authentication
133
Updating the TZ 50 Wireless/TZ 150 Wireless/TZ 170 Wireless
Wireless Configuration Summary
Configuring Additional Wireless Features
Wireless Status
Wireless Status
135
Access Point Status
Wlan Settings
Station Status
Wlan Statistics
137
138
Wireless Settings
Configuring Wireless Settings
Wireless Radio Mode
Wireless Settings
Wireless Settings
141
Secure Wireless Bridging TZ 170 Only
Configuring a Secure Wireless Bridge
Wireless Bridging without WiFiSec
Network Settings for the Example Network
143
Select LAN for VPN Terminated at
Advanced Configuration for both VPN Policies
145
Wireless Bridge VPN Policy
146
Wireless WEP/WPA Encryption
Configuring WEP and WPA Encryption
Wireless WEP/WPA Encryption
147
WPA Encryption Settings
WEP Encryption Settings
WEP Encryption Keys
WPA-EAP Settings
WPA-PSK Settings
149
WPA Settings
Wireless Advanced
Wireless Advanced
Beaconing & Ssid Controls
151
Advanced Radio Settings
Wireless Client Communications
Configurable Antenna Diversity TZ 170 Wireless
153
154
Wireless MAC Filter List
Configuring the MAC Filter List
Wireless MAC Filter List
155
156
Wireless IDS
Configuring Wireless IDS
Wireless Bridge IDS
Wireless IDS
Enable Client Null Probing
Access Point IDS
Rogue Access Point Detection
Association Flood Detection
159
Authorizing Access Points on Your Network
160
161
Wireless Guest Services
162
WGS Status
WGS Status
163
Viewing Wireless Guest Services Status
WGS Settings
Configuring Wireless Guest Services
WGS Settings
165
Enable Dynamic Address Translation DAT
Bypass Guest Authentication
Bypass Filters for Guest Accounts
Enable URL Allow List for Authenticated Users
Enable Smtp Redirect
Enable IP Address Deny List for Authenticated Users
167
Check the Customize Login Page box
Customize Login
Maximum Concurrent Guests
Custom Post Authentication Redirect
WGS Account Profiles
To add a profile
Account Lifetime
WGS Accounts
Managing Wireless Guest Accounts
Working with Guest Accounts
WGS Accounts
Automatically Generating Guest Accounts
Account Detail Printing
Manually Configuring Wireless Guests
Account Profile
173
Secure Access Point with Virtual Adapter Support
Flexible Default Route
175
Secure Access Point with Wireless Guest Services
176
177
Firewall
178
Network Access Rules Overview
Configuring Network Access Rules
Network Access Rules Overview
179
Firewall Access Rules
Using Bandwidth Management with Access Rules
Adding Rules using the Network Access Rule Wizard
Restoring Default Network Access Rules
Configuring a Public Server Rule
Navigating and Sorting the Access Rules Table Entries
Configuring a General Network Access Rule
183
Adding Rules Using the Add Rule Window
185
Configuring Network Access Rules Click the Bandwidth tab
Rule Examples
Blocking LAN Access for Specific Services
Enabling Ping
Select WAN from the Destination Ethernet menu
188
Access Rules Advanced
Configuring Advanced Rule Options
Windows Networking NetBIOS Broadcast Pass Through
Access Rules Advanced
Access Rule Service Options
TCP Connection Inactivity Timeout
Detection Prevention
Source Routed Packets
Firewall Services
Configuring Custom Services
User Defined Custom Services
Firewall Services
Predefined Services
Firewall VoIP
Configuring VoIP
VoIP Protocols
Firewall VoIP
SIP
323
SIP Settings
Configuring the VoIP Settings
Settings
195
196
Firewall Connections Monitor
Monitoring Active Firewall Connections
Firewall Connections Monitor
197
Using Group Filters
Setting Filter Logic
Click Apply Filters
Source IP Priority && Category && Source && Destination
199
VPN
200
SonicWALL VPN Options Overview
Configuring VPN Settings
SonicWALL VPN Options Overview
201
VPN Global Settings
VPN Settings
VPN Policies
Configuring GroupVPN Policy on the SonicWALL
Configuring GroupVPN Policy on the SonicWALL
Currently Active VPN Tunnels
Navigating and Sorting the VPN Policies Entries
Configuring IKE Preshared Secret
205
206
207
Configuring GroupVPN with IKE 3rd Party Certificates
209
210
211
212
Site to Site VPN Configurations
Site to Site VPN Configurations
Export a GroupVPN Client Policy
Site-to-Site VPN Deployments
Site a
VPN Planning Sheet for Site-to-Site VPN Policies
Router
Additional Information
215
Creating a Typical IKE Preshared Secret VPN Policy
217
Creating a Custom VPN Policy IKE with Preshared Secret
Creating a Manual Key VPN Policy with the VPN Policy Wizard
219
220
Tip The Shared Secret must be a minimum of four characters
Configuring a VPN Policy IKE with Preshared Secret
221
222
223
Select Manual Key from the IPSec Keying Mode menu
Configuring a VPN Policy using Manual Key
General tab, select IKE using 3rd Party Certificates
Configuring a VPN Policy with IKE 3rd Party Certificate
225
226
227
228
Advanced VPN Settings
Configuring Advanced VPN Settings
VPN Advanced
VPN Advanced
VPN User Authentication Settings
VPN Bandwidth Management
Select Enable VPN Bandwidth Management
231
Configuring Advanced VPN Settings
Dhcp Relay Mode
Configuring Dhcp Over VPN
VPN Dhcp over VPN
VPN Dhcp over VPN
Configuring the Central Gateway for Dhcp Over VPN
235
Configuring Dhcp over VPN Remote Gateway
Click OK to exit the Dhcp over VPN Configuration window
Device Configuration
Current Dhcp over VPN Leases
VPN L2TP Server
Configuring L2TP Server Settings
VPN L2TP Server
237
IP Address Settings
L2TP Server Settings
Adding L2TP Clients to the SonicWALL
239
Currently Active L2TP Sessions
Configuring L2TP Server Settings
Digital Certificates Overview
Managing Certificates
SonicWALL Third-Party Digital Certificate Support
Digital Certificates Overview
Importing Certificate with Private Key
VPN Local Certificates
Certificate Details
Delete This Certificate
Generating a Certificate Signing Request
VPN Local Certificates
Select Add New Local Certificate from the Certificates menu
Importing CA Certificates into the SonicWALL
VPN CA Certificates
Select Add New CA Certificate
Certificate Revocation List CRL
Automatic CRL Update
Importing a CRL List
Click Browse for Please select a file to import
246
247
Users
248
User Level Authentication Overview
User Level Authentication Overview
Users Status
249
Authentication Method
Users Settings
Active User Sessions
Internet Authentication Exclusions
Global User Settings
Users Settings
251
Acceptable Use Policy
Select Use Radius for user authentication
Configuring Radius Authentication
253
254
255
256
Users Local Users
Configuring Local Users
Users Local Users
257
Adding a Local User
259
Security Services
260
SonicWALL Security Services
SonicWALL Security Services
Activating Free Trials
MySonicWALL.com
Security Services Summary Manage Licenses
Security Services Summary
Security Services Summary
263
Security Services Information
Security Services Settings
If Your SonicWALL Security Appliance is Not Registered
SonicWALL Content Filtering Service
SonicWALL Content Filtering Service
265
Content Filter Status
Security Services Content Filter
Activating SonicWALL Content Filtering Service
Security Services Content Filter
Activating a SonicWALL Content Filtering Service
267
Restrict Web Features
Content Filter Type
Message to Display when Blocking
Configuring SonicWALL Filter Properties
Configuring SonicWALL Filter Properties
Trusted Domains
Allowed/Forbidden Domains
Custom List
Keyword Blocking
271
Disable all Web traffic except for Allowed Domains
Consent
Consent Page URL mandatory filtering
Mandatory Filtered IP Addresses
Adding a New Address
273
274
SonicWALL Network Anti-Virus Overview
SonicWALL Network Anti-Virus Overview
275
Activating SonicWALL Network Anti-Virus
Security Services Anti-Virus
Activating a SonicWALL Network Anti-Virus Free Trial
Security Services Anti-Virus
277
Configuring SonicWALL Network Anti-Virus
Security Services E-Mail Filter
SonicWALL Gateway Anti-Virus Overview
Managing SonicWALL Gateway Anti-Virus Service
SonicWALL Gateway Anti-Virus Overview
279
SonicWALL Gateway Anti-Virus/Intrusion Prevention Features
281
Activating SonicWALL Gateway Anti-Virus
Activating the SonicWALL Gateway Anti-Virus
Activating SonicWALL Gateway Anti-Virus
Configuring SonicWALL Gateway Anti-Virus
Configuring SonicWALL Gateway Anti-Virus
283
284
SonicWALL Intrusion Prevention Service
Managing SonicWALL Intrusion Prevention Service
SonicWALL IPS Features
SonicWALL Intrusion Prevention Service
SonicWALL Deep Packet Inspection
287
How SonicWALL’s Deep Packet Inspection Architecture Works
Activating SonicWALL IPS
Security Services Intrusion Prevention
Activating the SonicWALL IPS Free Trial
Security Services Intrusion Prevention
289
290
SonicWALL Global Security Client
Managing SonicWALL Global Security Client
SonicWALL Global Security Client
291
How SonicWALL Global Security Client Works
Global Security Client Features
SonicWALL Global Security Client Activation
293
Activating SonicWALL Global Security Client
294
295
Log
296
SonicOS Log Event Messages Overview
Viewing Log Events
SonicOS Log Event Messages Overview
297
Navigating and Sorting Log View Table Entries
Log View
Refresh
SonicOS Log Entries
Clear Log
Mail Log
300
Log Categories
Specifying Log Categories
Log Categories
Alerts & Snmp Traps
Log Automation
Configuring Log Automation
Log Automation
303
Syslog Servers
Mail
305
306
Log Name Resolution
Configuring Name Resolution
Log Name Resolution
307
Name Resolution Method list, select
Selecting Name Resolution Settings
Specifying the DNS Server
Generating and Viewing Log Reports
Reset Data
Log Reports
Data Collection
View Data
Bandwidth Usage by Service
Web Site Hits
Bandwidth Usage by IP Address
SonicWALL ViewPoint
Log ViewPoint
Log ViewPoint
311
Generating and Viewing Log Reports
SonicSetup
SonicSetup
313
Device Selection
Introduction and Discovery
Diagnostics
Diagnostics
315
Diagnostic Results
SonicROM Recovery
SonicOS Recovery
SonicOS Recovery
317
Restoring Factory Defaults
Address Synchronization
Address Synchronization
319
320
SonicWALL SafeMode
SonicWALL SafeMode
321
322
Upgrading SonicOS Firmware
Upgrading SonicOS Firmware
323
324
Numerics
Index
326
327
VPN
WPA, see WiFiSec Protected Access
232- 000609- 00 Rev E 02/05
Top
Page
Image
Contents
