Manuals
/
Brands
/
Computer Equipment
/
Network Router
/
SonicWALL
/
Computer Equipment
/
Network Router
SonicWALL
Internet Security Appliances
- page 287
1
287
293
293
Download
293 pages, 5.43 Mb
Page 288 SonicWALL Internet Security Appliance Administrator’s Guide
Notes
Contents
Main
Contents
Page
Page
Page
Page
Page
Page
Page
Copyright Notice
LIMITED WARRANTY
About this Guide
Organization of this Guide
SonicWALL Technical Support
Firmware Version
Icons Used in this Manual
1 Introduction
Your SonicWALL Internet Sec urity Appliance
SonicWALL Internet Security Appliance Functional Diagram
SonicWALL Internet Security Appliance Features
Internet Security
Content Filtering
Logging and Reporting
Dynamic Host Configuration Protocol (DHCP)
Easy Installation and Configuration
IPSec VPN
2 Configuring the Network Mode on the SonicWALL
Standard Mode
Network Address Tra nslation (NAT) Enabled
NAT with PP PoE Client
NAT with DHCP Client
Configuring the SonicWALL in Standard Mode
Configuring the SonicWALL in NAT Enabled Mode
Accessing the Wizard
Page
Page
Page
Page
Page
Restarting
Configuring NAT with PPPoE Client
Page
Page
Page
Page
Page
Configuring NAT with DHCP Client
Accessing the Installation Wizard
Setting the Passwo rd
Page
Page
Configuring LAN Network Settings
Configuring the SonicWALL DHCP Server
Page
Restarting
Configuring NAT with L2TP Client
Configuring NAT with PPTP Client
Setting the Password
Page
Page
Page
Page
Page
Logging into the SonicWALL Management Interface
Page
3 Registering at mySonicWALL.com
Creating a New User Account
Account Information
Personal Information
Page
Page
Problems Creating a MysonicWALL.com User Account?
User Name and Password Functions
Registering Your SonicWALL Internet Security Applia nce
Click Here Registration
Quick Registration
Status and Options
Page
Transferring a SonicWALL Product
Page
Page
Activating Services Using mySonicWALL.com
Page
4 Configuring the TELE3 SP Modem Connection
Configuring the TELE3 SP WAN Failover Feature
Page
ISP Settings
Location Settings
Page
TELE3 SP Modem Configuration
Modem Settings
Primary Interface
Failover Settings
Probing on the TELE3 SP
Configuring a Modem Profile for Manual Dial-Up
ISP Settings
Location Settings
Configure Modem Settings
Configuring Your TELE3 SP in Modem Only Mode Configuring the Network Settings
Configuring the Modem Settings
Tested Internet Service Providers
Status
Modem Status
Chat Scripts
Custom Chat Scripts
5 Managing Your SonicWALL Internet Security Appliance
HTTPS Management
Status
Page
CLI Support and Remote Management
6 General and Network Settings
Network Settings
Network Addressing Mode
LAN Settings
Multiple LAN Subnet Mask Support
WAN Settings
DNS Settings
Standard Configuration
NAT Enabled Configuration
Page
NAT with DHCP Client Configuration
NAT with PPPoE Configuration
Page
NAT with L2TP Client Configuration
Page
NAT with PPTP Client Configuration
Page
Setting the Time and Date
NTP Settings
Configuring the Admini strator Settings
Administrator Name
Change the Administrator Password
Setting the Administrator Inactivity Timeout
Login Failure Handling
7 Logging and Alerts
View Log
SonicWALL Log Messages
Log Settings
Configure the following settings:
Page
Log Categories
Alerts/SNMP Traps
Reports
Web Site Hits
Bandwidth Usage by IP Address
Bandwidth Usage by Service
SonicWALL ViewPoint
8 Content Filtering and Blocking
Configuring SonicWALL Content Filtering
URL List
List Status
List Updates
Download Automatically every
Settings
Select Categories to Block
Customizing the Content Filtering List
Custom Filter
Time of Day
Filter Block Action
Consent
Mandatory Filtered IP Addresses
Configuring N2H2 Internet Filtering
Page
Page
Configuring the Websense Enterprise Content Fil t er
Page
Configuring the Websense Content Filter List
Websense Server Status
Settings
Server Host Name or IP Address
Server Port
URL Cache
Model Cache Size
9 Web Management Tools
Page
Page
Updating Firmware
Updating Firmware Manually
Upgrade Features
Page
Find Network Path
Ping
Packet Trace
Tech Support Report
Page
Trace Route
10 Network Access Rules
Viewing Network Access Rules
Services
LAN Out
DMZ In (Optional)
LAN In
Page
Add Service
Add a Known Service
Add a Custom Service
Enable Logging
Delete a Service
Rules
Maximum Number of Rules by Product
Network Access Rule Logic Li st
Bandwidth Management
Add A New Rule
Page
Add New Rule Examples
Blocking LAN Access for Specific Services
Enabling Ping
Current Network Access Rules Table
Edit a Rule
Delete a Rule
Enable/Disable a Rule
Restore the Default Network Access Rules
Understanding the Access Rule Hierarchy
Users
Global User Settings
Users
Adding and Removing a User
Page
User Login
RADIUS
RADIUS Servers
RADIUS Users
RADIUS Client Test
Management SonicWALL SNMP Support
Configuration of the Log/Log Settings for SNMP
Configuration of the Service and Rules Pages
SonicWALL Management Protocol
Additional Management
Page
11 Advanced Features
Proxy Relay Web Proxy Forwarding
Configuring Web Proxy Relay
Bypass Proxy Servers Upon Proxy Failure
Intranet
Installation
Intranet Configuration
Intranet Settings
VPN Single-Armed Mode (stand-alone VPN gateway)
Configuring a SonicWALL for VPN Single Armed Mode
Routes
LAN Route Advertisement
RIPv2 Authentication
DMZ Route Advertisement
DMZ Addresses
DMZ in Standard Mode
DMZ in NAT Mode
Delete a DMZ Addres s R an g e
HomePort Configuration
HomePort in Standard Mode
HomePort in NAT Mo de
Delete a HomePort Address Range
One-to-One NAT
One-to-One NAT Configuration Example
Ethernet
WAN Link Settings
Enable Bandwidth Management
DMZ/WorkPort Link Se tti n g s
LAN/HomePort Link Se tt in g s
Proxy Management workstation ethernet address on WAN
MTU Settings
SonicWALL Bandwidth Management
How SonicWALL Bandwidth Management Works
Page
12 DHCP Server
Setup
Allow DHCP Pass Through in Standard Mode
Configuring the SonicWALL DHCP Server
Deleting Dynamic Ranges and Static Entries
DHCP over VPN
DHCP Relay Mode
Configuring the Central Gateway for VPN over DHCP
Configuring the Remote Gate wa y for VP N over DHCP
LAN IP Addresses
LAN Device Configuration
DHCP Status
Page
Configuring the SonicWALL DHCP Server
Deleting Dynamic Ranges and Static Entries
DHCP Status
13 SonicWALL VPN
VPN Management Interface Summary Tab
Global VPN Settin gs
Page
SonicWALL NAT Traversal Support
AES (Advanced Encryption Standard) Support
Configure Tab Add/Modify IPSec Security Associations
Disabling Security Associations
Security Policy Settings
Security Policy Settings for Group VPN
Security Policy Settings for IKE using Pre-shared Secret
Page
Security Policy Settings using Manual Key
Destination Networks
Adding Destination Networks
Modifying and Deleting Existing Security Associations
Accessing Remote Resources across a Virtual Private Network
Advanced Settings
Enable Keep Alive
Try to bring up all possible SAs
Require authentication of local users
Require authentication of remote users
Enable Windows Networking (NetBIOS) broadcast
Apply NAT and firewall rules
Forward Packets to Remote VPNs
Route all internet traffic through this SA
Enable Perfect Forward Secrecy
Phase 2 DH Group
Default LAN Gateway
Page
Advanced Settings for VPN Configurations
Configuring SonicWALL VPN
Group VPN Configuration for the SonicWALL and VPN Client Configuring Group VPN on the SonicWALL
Page
Group VPN Client Setup
Installing the VPN Client Software
Group VPN Client Configuration
Page
Page
Page
Manual Key Configuration for the SonicWALL and VPN Client Configuring the SonicWALL
Configuring the VPN Client
Installing the VPN Client Software
Launching the SonicWALL VPN Client
Configuring VPN Security and Remote Identity
Page
Configuring VPN Client Key Exchange Proposal
Page
Page
IKE and Manual Key Configuration for Two SonicWALLs
Manual Key for Two SonicWALLs
Page
Configuring the Second SonicWALL Appliance
Example of Manual Key Configuration for Two SonicWALLs
To configure the main office PRO 300, use the following steps:
Configuring the Remote SonicWALL
Page
IKE Configuration for Two SonicWALLs
Page
Example of IKE Configuration for Two SonicWALLs
Configuring a SonicWALL PRO 200 in Chicago
Configuring a SonicWALL TELE3 in San Francisco
Page
SonicWALL Third Party Digital Certificate Support
Overview of Third Party Digital Certificate Support
X.509 Version 3 Certificate Standard
Importing CA Certificates into the SonicWALL
Certificate Details
Importing Certificate with private key
Certificate Details
Certificate Revocation List (CRL )
Creating a Certificate Signing Request
Importing a Signed Local Certificate
Configuring a VPN Security Association using IKE and a Third Party Certificate
SonicWALL Enhanced VPN Logging
Testing a VPN Tunnel Connection Us ing PING
Configuring Windows Networking
Page
Page
14 High Availability
Before Configuring High Availability
Network Configuration for High Availability Pair
Configuring High Availability on the Primary SonicWALL
Synchronize Now
Page
Configuration Changes
Page
High Availability Status Window
E-mail Alerts Indicating Status Change
View Log
Forcing Transitions
Configuration Notes
15 SonicWALL Options and Upgrades
SonicWALL VPN Client
SonicWALL Network Anti-Virus
Content Filter List Subscription
Vulnerability Scanning Service
SonicWALL Authentication Service
SonicWALL ViewPoint Reporting
SonicWALL Global Management System
Contact Your Reseller or SonicWALL
16 Hardware Descriptions
SonicWALL PRO 230 and PRO 330 Front Panel
SonicWALL PRO 230 and PRO 330 Front Panel Description
SonicWALL PRO 230 and PRO 330 Rear Panel Description
SonicWALL PRO 200 and PRO 300 Front Panel
SonicWALL PRO 200 and PRO 300 Front Panel Description
SonicWALL PRO 200 and PRO 300 Back Panel
SonicWALL PRO 200 and PRO 300 Back Panel Description
SonicWALL PRO 100 Front Panel
SonicWALL PRO 100 Front Panel Description
SonicWALL PRO 100 Back Panel
SonicWALL PRO 100 Back Panel Description
SonicWALL TELE3 SP Front Panel
SonicWALL TELE3 SP Front Panel Description
SonicWALL TELE3 SP Back Panel
The SonicWALL TELE3 SP Back Panel Description
SonicWALL TELE3 TZ Front Panel
SonicWALL TELE3 TZ Front Panel Description
SonicWALL TELE3 TZ Back Panel
SonicWALL TELE3 TZ Back Panel Description
SonicWALL TELE3 TZX Front Panel
SonicWALL TELE3 TZX Front Panel Description
SonicWALL TELE3 TZX Back Panel l
SonicWALL TELE3 TZX Back Panel Description
SonicWALL SOHO3 and TELE3 Front Panel
SonicWALL SOHO3 and TELE3 Front Panel Description
SonicWALL SOHO3 and TELE3 Back Panel
SonicWALL SOHO3 and TELE3 Back Panel Description
SonicWALL GX 250 and GX 650 Front Panel
SonicWALL GX250 and GX 650 Front Panel Description
SonicWALL GX250 Front Panel
SonicWALL GX 650 Front Panel
SonicWALL GX 250 and GX 650 Back Panel Description
17 Troubleshooting Guide
The Link LED is off
A computer on the LAN cannot access the Internet
The SonicWALL does not establish authenticated sessions
The SonicWALL does not save changes that you have made
Duplicate IP address errors
Machines on the WAN are not reachable
VPN tunnel problems
Page 256 SonicWALL Internet Security Appliance Administrators Guide
18 Appendices
Appendix A - Technical Specifications
SonicWALL Hardware and Performance
TELE3 SOHO3 PRO 100 PRO 200 PRO 230 PRO 300 PRO 330
TELE3 SP TELE3 TZ TELE3 TZX GX250 GX650
Page
SonicWALL Support 24X7
SonicWALL Support Services Features and Benefits
Warranty Support -
North America
Warranty Support -
International
SonicWALL Support 24X7
SonicWALL Support 8X5
Appendix C - Introduction to Networking
Network Hardware Components
Network Types
Firewalls
Gateways
Network Protocols
IP Addressing
IP Address
Subnet Mask
Default Gateway
Network Address Translation (NAT)
Nodes
Page
Appendix D - IP Port Numbers
Well Known Port Numbers
Registered Port N u mb e rs
Appendix E - Configuring TCP/IP Settings
Windows 98
Windows NT
Windows 2000
Windows XP
Macintosh OS 10
Appendix F - Basic VPN Terms and Concepts
Page
Page
Page
Appendix G- Erasing the Firmware
Locating the Reset button on your SonicWALL
Erasing the Firmware for all Models
Appendix H- Mounting the SonicWALL PRO 200 and PRO 300
Appendix I - Configuring RADIUS and ACE Servers
Steel Belted RADIUS (Funk Software)
Tab le 1:
Configuring User Privileges
ACE Serve r (RSA)
ACS Server (Cisco)
Internet Authentication Service (Windows NT/2000 Server)
Page
Page
Page
Page
Page
Page
Page
Index
A
B
C
D
E
F
G
H
I
M
N
O
P
R
T
U
V
W
X