Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /home/newdedyk/domains/bkmanuals.com/public_html/includes/pages/manual_inc.php on line 26
SonicWALL 3 manuale d’uso - BKManuals

SonicWALL 3 manuale d’uso

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348

Vai alla pagina of

Un buon manuale d’uso

Le regole impongono al rivenditore l'obbligo di fornire all'acquirente, insieme alle merci, il manuale d’uso SonicWALL 3. La mancanza del manuale d’uso o le informazioni errate fornite al consumatore sono la base di una denuncia in caso di inosservanza del dispositivo con il contratto. Secondo la legge, l’inclusione del manuale d’uso in una forma diversa da quella cartacea è permessa, che viene spesso utilizzato recentemente, includendo una forma grafica o elettronica SonicWALL 3 o video didattici per gli utenti. La condizione è il suo carattere leggibile e comprensibile.

Che cosa è il manuale d’uso?

La parola deriva dal latino "instructio", cioè organizzare. Così, il manuale d’uso SonicWALL 3 descrive le fasi del procedimento. Lo scopo del manuale d’uso è istruire, facilitare lo avviamento, l'uso di attrezzature o l’esecuzione di determinate azioni. Il manuale è una raccolta di informazioni sull'oggetto/servizio, un suggerimento.

Purtroppo, pochi utenti prendono il tempo di leggere il manuale d’uso, e un buono manuale non solo permette di conoscere una serie di funzionalità aggiuntive del dispositivo acquistato, ma anche evitare la maggioranza dei guasti.

Quindi cosa dovrebbe contenere il manuale perfetto?

Innanzitutto, il manuale d’uso SonicWALL 3 dovrebbe contenere:
- informazioni sui dati tecnici del dispositivo SonicWALL 3
- nome del fabbricante e anno di fabbricazione SonicWALL 3
- istruzioni per l'uso, la regolazione e la manutenzione delle attrezzature SonicWALL 3
- segnaletica di sicurezza e certificati che confermano la conformità con le norme pertinenti

Perché non leggiamo i manuali d’uso?

Generalmente questo è dovuto alla mancanza di tempo e certezza per quanto riguarda la funzionalità specifica delle attrezzature acquistate. Purtroppo, la connessione e l’avvio SonicWALL 3 non sono sufficienti. Questo manuale contiene una serie di linee guida per funzionalità specifiche, la sicurezza, metodi di manutenzione (anche i mezzi che dovrebbero essere usati), eventuali difetti SonicWALL 3 e modi per risolvere i problemi più comuni durante l'uso. Infine, il manuale contiene le coordinate del servizio SonicWALL in assenza dell'efficacia delle soluzioni proposte. Attualmente, i manuali d’uso sotto forma di animazioni interessanti e video didattici che sono migliori che la brochure suscitano un interesse considerevole. Questo tipo di manuale permette all'utente di visualizzare tutto il video didattico senza saltare le specifiche e complicate descrizioni tecniche SonicWALL 3, come nel caso della versione cartacea.

Perché leggere il manuale d’uso?

Prima di tutto, contiene la risposta sulla struttura, le possibilità del dispositivo SonicWALL 3, l'uso di vari accessori ed una serie di informazioni per sfruttare totalmente tutte le caratteristiche e servizi.

Dopo l'acquisto di successo di attrezzature/dispositivo, prendere un momento per familiarizzare con tutte le parti del manuale d'uso SonicWALL 3. Attualmente, sono preparati con cura e tradotti per essere comprensibili non solo per gli utenti, ma per svolgere la loro funzione di base di informazioni e di aiuto.

Sommario del manuale d’uso

  • Pagina 1

    C OM P REHENSIVE INTERN ET S ECURI TY ™ SSSS S S o n i c W A L L S e c u r i t y A p p l i a n c e S onicOS Standard 3 . 0 Administrator's Guid e[...]

  • Pagina 2

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE i Chapter : T able of Content s T able of Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . i Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi Copyright Notice . .[...]

  • Pagina 3

    ii S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE Table of Contents Registering Your SonicWALL Security Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 Before You Register . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 Creating a mySonicWALL.com [...]

  • Pagina 4

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE iii Ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 Process Monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 7 Reverse Name[...]

  • Pagina 5

    iv S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE Table of Contents Chapter 13: Configuring S t atic Rout es . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89 Network > Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89 Static Routes . . . . . . .[...]

  • Pagina 6

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE v P ART 5: Wireless Chapter 22: Setting Up the WLAN Using the Wireless Wizard and Monitoring Y our WLAN127 Considerations for Using Wireless Connec tions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128 Optimal Wireless Performance Reco mmend ations . . . . . . . . .[...]

  • Pagina 7

    vi S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE Table of Contents Customize Login Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168 Custom Post Authentication Re direct Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169 Maximum Concurrent Guests . . [...]

  • Pagina 8

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE vii VPN > Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2 0 2 VPN Global Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202 VPN Policies . . [...]

  • Pagina 9

    viii S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE Table of Contents P ART 9: Users Chapter 41: Viewing User S tat us and Configuring User Authentication . . . . 249 User Level Aut hentication Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 249 Users > Status . . . . . . . . . . . . . [...]

  • Pagina 10

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE ix Configuring SonicWALL Ne twork Anti-Virus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278 Chapter 46: Managing SonicW ALL Gateway A nti-Virus Service. . . . . . . . . . 279 SonicWALL Gateway Anti-Virus Overv[...]

  • Pagina 11

    x S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE Table of Contents Appendix A:Using the SonicS etup Diagnostic and Recovery T ool . . . . . . . 313 SonicSetup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313 Introduction and Discovery . . . . . . . . . . . .[...]

  • Pagina 12

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE xi Chapter : Chapter : Preface Copyright Notice © 2004 SonicWAL L, Inc. All rights rese rved. Under the copyrigh t laws, this manual or the software descr ibed within, can not be cop ied, in whole or part, without the written consen t of the manufacturer, except in the normal use of t[...]

  • Pagina 13

    xii S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE Preface Limited W arranty SonicWALL, Inc. warrants that commencing from the delivery date to Customer (but in any case commencin g not more than nine ty (90) day s after th e original sh ipment by SonicWALL), and continuing for a period of twelve (1 2) months, that the product will[...]

  • Pagina 14

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE xiii About this Guide About this Guide Welcome to the SonicWALL SonicOS Standard 3 .0 Administra tor’s Guide . This manual provides the information you ne ed to successfully activate, confi gure, and administer SonicOS Standa rd 3.0 on th e following Sonic WALL security appliance: So[...]

  • Pagina 15

    xiv S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE Preface Organization of this Guide The SonicOS Standard 3.0 Administr ator’s Guide orga nization is structured in to the following parts that parallel the top-level me nu items o f SonicWAL L Web -based mana gemen t interface. Within the se parts, indiv idual chap ters corres pon[...]

  • Pagina 16

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE xv About this Guide Part 9 Users This part explains ho w to cre ate and manag e a user data ba se on the So nicWALL se curity ap plian ce. and how to integrate the SonicWALL security applianc e with a RADIUS server for user auth entication. Part 10 Security Services This part includes [...]

  • Pagina 17

    xvi S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE Preface Guide Conventions The following Conventions used in this guide are as follows: Icons Used in this Manual These spe cial message s refer to note worthy information, and include a symbol for quick identification: S Alert: Important information that cautions abo ut feat ures a[...]

  • Pagina 18

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE xvii SonicWALL Technical Support SonicW ALL T echnical Support For timely resolution of tech nical support questions, visit SonicWALL on the Internet at <http://www.sonicwall.com/ services/support.html> . Web-based resources are available to help you resolve most t echnical issue[...]

  • Pagina 19

    xviii S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE Preface Current Document ation Check the SonicWALL documentation Web site for that latest versio ns of this manual and all other SonicWALL p roduct documentation. http://www.sonicwall.com/services/documenta tion.html[...]

  • Pagina 20

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 1 P ART 1 Part 1 Introduction[...]

  • Pagina 21

    2 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE[...]

  • Pagina 22

    3 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 1 Chapter 1: Introduction What’ s New in SonicOS S t andard 3.0 • Real-time Gatew a y An ti Virus (GA V) - Provides per packet virus scanning using a Dee p Packet Inspection version 2.0 engine. The Rea l-time GA V f eature provides over 4,50 0 signatures on the Son- icW [...]

  • Pagina 23

    4 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 1: Introduction  Note: Registration Admission Status (R AS) and In te rnet Locator Service (ILS) LDAP for H.323 is not supported on Soni cOS Standard 3.0. For H.323 RAS and ILS LDAP support on the Son icWALL TZ 170 Series, upgr ade your firmware to SonicOS En hanced 3.0 ([...]

  • Pagina 24

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 5 SonicWALL Management Interface Navigating the Management Interface Navigating the SonicWALL man agement interface includes a hierarchy of menu buttons on the navigation bar (left side of your browser window). When you click a menu butto n, related mana gement fu nctions are di splaye[...]

  • Pagina 25

    6 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 1: Introduction Stat u s B a r The Status bar at the bottom of the management interf ace window displays t he status of actions executed in the SonicWALL management inter face. Applying Changes Click the Apply button at the top right corner of the SonicWALL manageme nt inter[...]

  • Pagina 26

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 7 SonicWALL Management Interface The table navigation bar includ es bu ttons for moving throug h table pages. Common Icons in the Management Int erface The following descri be the functions o f common ico ns used in the SonicWALL ma nagement interf ace: Clicking on the edit icon displa[...]

  • Pagina 27

    8 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 1: Introduction[...]

  • Pagina 28

    9 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 2 Chapter 2: Basic SonicW ALL Security Appliance Setup SonicW ALL Security Appliance Configuration S tep s The chapter provides in structions for basic insta llation of the SonicW ALL security a ppliance running SonicOS Standard 3.0. After you co mplete this chapter, compute[...]

  • Pagina 29

    10 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 2: Basic SonicWALL Security Appliance Setup If Y ou Have DSL Your ISP is probably using PPPoE to dynamically authenticate your login an d assign an addr ess to your computer. You will need: User Name:  Note: Your ISP may require your user name to include the “@” symb[...]

  • Pagina 30

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 11 Accessing the SonicWALL Security Appliance Management Interface Accessing the SonicW ALL Security Appliance Management Interface To access the Web- based manag ement interf ace of the SonicWAL L security appliance: 1 On the computer you have conn ected to a network port, start your [...]

  • Pagina 31

    12 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 2: Basic SonicWALL Security Appliance Setup SonicW ALL TZ 50 Wireless/TZ 150 W ireless/TZ 170 Wir ele ss If you are configuring the SonicWALL TZ 50 Wi reless/TZ 150 Wireless/TZ 70 Wireless, the Setup Wizard includes additional modem con figuration pages for configuring the [...]

  • Pagina 32

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 13 Using the SonicWALL Setup Wizard 4 Choose Static IP and click Next . 5 Enter the information provided by yo ur ISP in the following fields: SonicWALL WAN IP Address , WAN Subnet Mask , WAN Gateway (Router) Address , and DNS Server Addresses . Click Next . 6 The LAN Settings page all[...]

  • Pagina 33

    14 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 2: Basic SonicWALL Security Appliance Setup 9 Tip : The SonicWALL security appliance LAN IP address, di splayed in the URL field of the Setup Wizard Complete page, is used to log in and mana ge the SonicWALL secu rity app liance. 9 Click Restart to restart the SonicWALL sec[...]

  • Pagina 34

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 15 Using the SonicWALL Setup Wizard 3 Select your local time zone from the Time Zone menu. Click Next .  Note: Set the time zone correctly before you re gister your SonicWAL L security appliance. 4 Select PPPoE . Click Next . 5 Enter the user name and passwo rd provided by your ISP [...]

  • Pagina 35

    16 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 2: Basic SonicWALL Security Appliance Setup 3 Select your local time from the Time Zone menu. Click Next . 4 Select PPTP . Click Next . 5 Enter the PPTP server IP address in th e PPTP Server IP Address field. 6 Enter the user name and password provide d by your ISP into the[...]

  • Pagina 36

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 17 Using the SonicWALL Setup Wizard Configuring the TZ 170 SP using the Setup Wizard Configuring the SonicWALL TZ 17 0 SP security appliance using the Setup Wizard includes two additional pages for configur ing the SonicWALL TZ 170 SP’s mo dem. Thes es pages are displaye d after the [...]

  • Pagina 37

    18 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 2: Basic SonicWALL Security Appliance Setup Configuring the TZ 50 Wireless/TZ 150 W ireless/170 Wireless using the Setup W izard The Setup Wizard provides the following four wireless de ployment scenar ios for the SonicWALL TZ 50 Wireless/TZ 150 Wir eless/TZ 170 Wir eless s[...]

  • Pagina 38

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 19 Using the SonicWALL Setup Wizard Configuring W AN Settings 7 If you selected Static IP address , you must have your IP address information from your ISP to fill in the WAN Network Mode field s: Enter the public IP address provided b y your ISP in the SonicWALL WAN IP Address , then [...]

  • Pagina 39

    20 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 2: Basic SonicWALL Security Appliance Setup Configuring the TZ 50 Wirele ss/TZ 150 W ireless/TZ 170 Wireless as a Secure Access Point Use the SonicWALL TZ 5 0 Wireless/TZ 150 Wireless/TZ 170 Wireless as a secure access poin t to add secure wireless access to an existing wir[...]

  • Pagina 40

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 21 Using the SonicWALL Setup Wizard Configuring WiFiSec - VPN Client User Authentication 8 WiFiSec and Group VPN are automatically enab le d on the security applian ce using the default settings associated with each featur e. To add a user with VPN Client privileges, type a user name a[...]

  • Pagina 41

    22 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 2: Basic SonicWALL Security Appliance Setup  PPPoE , if your ISP provided you with client software, a user name, and a passwor d.  PPTP , if your ISP provided you with a server IP address, a user name, and password. 6 Choose the correct n etworking mode and click Next[...]

  • Pagina 42

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 23 Using the SonicWALL Setup Wizard Changing the Password 3 Type a new password in the New Password field. The passwor d should be a uniq ue combinatio n of letters, or number, or symbols, or a combination of all three fo r the most secure password. Avoid names, birthdays, or an y obvi[...]

  • Pagina 43

    24 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 2: Basic SonicWALL Security Appliance Setup Congratulations! When the settings are applied to the security ap pliance, the Congratula tions page is displayed. Click Restart to complete the configura tio n. Registering Y our SonicW ALL Security Appliance Once you have es tab[...]

  • Pagina 44

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 25 Registering Your SonicWALL Security Appliance 1 In the Security Services section on the System > Status page, click the Register link in Your SonicWALL is not registered. Click here to Regis ter your SonicWALL . 2 Click the here link in If you do not have a mySo nicWALL ac count,[...]

  • Pagina 45

    26 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 2: Basic SonicWALL Security Appliance Setup  Network Anti -Viru s - protects computers o n your ne twork from v iruses  Premium Content Filtering Service - protects your network and impro ves prod uctivity by limiting access to un p ro duct ive and inappr op r iate We[...]

  • Pagina 46

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 27 P ART 2 Part 2 System[...]

  • Pagina 47

    28 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE[...]

  • Pagina 48

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 29 System > Status C HAPTER 3 Chapter 3: V iewing System S t atus Information System > S t atus The Status page contains five sections : System Messages, System Informati on, Latest Alerts, Security Services, and Network Interfa ces .[...]

  • Pagina 49

    30 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 3: Viewing System Status Information Wizards The Wizards button on the Sy stem > Status page prov ides access to th e SonicWALL Configuration Wizard . This wizard allows you to easily configure the SonicWALL security appliance using the following wizards: • Setup Wizar[...]

  • Pagina 50

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 31 System > Status • Registration Code - the registration code is ge nerated when your SonicW ALL secu rity appliance is registered a t <https://www .mysonicwall.com> . Security Services If your SonicWALL security applian ce is not regi stered at mySonicWALL.co m, the follow[...]

  • Pagina 51

    32 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 3: Viewing System Status Information Network Interfaces The Network Inte rfaces displa ys the IP address an d link information for interfaces on your SonicWALL security appliance. The available inte rfaces disp layed in this section depends on the SonicWALL security applian[...]

  • Pagina 52

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 33 System > Licenses C HAPTER 4 Chapter 4: System > Licenses System > Licenses The System > Licenses page provides links to activate, upgr ade, or renew SonicWALL Security Services and upgrade s.[...]

  • Pagina 53

    34 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 4: System > Licenses Node License S t atus Node licensing can be monitore d and controlled from the System > Licenses page. Th e Node License Status section displays the number of licensed nodes, and th e number of nodes curre ntly in use. To prevent nodes from co ns [...]

  • Pagina 54

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 35 System > Licenses You can clicking on the icon in the Exclude colu mn of the Currently Licensed Nodes t able to automatically add the entr y to the Node License Exclus ion List . Clicking the icon displays an alert explaining that the host to be excluded and added to the exclusio[...]

  • Pagina 55

    36 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 4: System > Licenses Manage Security Services Online To activate, upgrade, or renew services, click the link in To Activate, Upgrade, or Rene w services, click here . Click the link in To synchronize licenses with mySon icWALL.com click here to synchronize your mySonicWA[...]

  • Pagina 56

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 37 System > Licenses From a Computer Conn ected to the Internet 1 Make sure yo u have an account a t http://www.m ysonicwall.c om and yo ur SonicWAL L security appliance is registered to the account befor e proceeding. 2 After logging into www.mysonicwall.com, click on your register[...]

  • Pagina 57

    38 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 4: System > Licenses[...]

  • Pagina 58

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 39 System > Administration C HAPTER 5 Chapter 5: Using System Administration System > Administration The System > Administration page pr ovide s settings for the configuration of SonicWALL security appliance for secure and remote ma nagement. You can manag e the SonicWALL secu[...]

  • Pagina 59

    40 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 5: Using System Administration Firewall Name The Firewall Name uniquely identifies the SonicWALL secur i ty appliance and defau lts to the serial number of the SonicWALL security applian ce. The se rial numbe r is also the MAC addr ess of the unit. The Firewall Name is main[...]

  • Pagina 60

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 41 System > Administration W eb Management Settings The SonicWALL security applia nce can be managed using HTTP or HT TPS and a Web browser. Both HTTP and HTTPS are en ab le d by default. The default port for HTTP is port 80, but you can configure access throug h another port. Enter[...]

  • Pagina 61

    42 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 5: Using System Administration Advanced Management Enable SNMP SNMP (Simple Network Ma nagement Proto col) is a network protocol used over User Datagram Protocol (UDP ) tha t allo ws netw ork administr at or s to monitor the status of the SonicWALL security appliance and re[...]

  • Pagina 62

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 43 System > Administration Enable Management Using SonicW ALL GMS To enable the SonicW ALL security ap plia n ce to be managed by SonicWALL Global Management System (GMS). Sele ct th e Enable Management using GMS checkbox, then click Configure . The Configure GMS Settings window is [...]

  • Pagina 63

    44 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 5: Using System Administration[...]

  • Pagina 64

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 45 System > Time C HAPTER 6 Chapter 6: Setting System T ime System > T ime The System > Time page defines the time and d ate se tt ings to time stamp log events, to automatically update SonicWAL L Security Se rvices, a nd for other internal purp oses. By default, the SonicWALL[...]

  • Pagina 65

    46 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 6: Setting System Time Setting the SonicW ALL S ecurity Appliance Ti me To select your time zone and automatically up date the time, choose th e time zone from the Time Zone menu. The Set time auto matically u sing NTP set ting is activated by default to use the NTP (Networ[...]

  • Pagina 66

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 47 System > Settings C HAPTER 7 Chapter 7: Configuring System Settings System > Settings The System > Settings pa ge includes features for ma nagi ng the SonicWALL security applian ce firmware and your custom pr eferences. Settings Import Settings To import a previously save d[...]

  • Pagina 67

    48 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 7: Configuring System Settings Export Settings To export configuration settings from the SonicWAL L security app liance, us e the instructio ns below: 1 Click Export Settings . 2 Click Export . 3 Click Save , and then select a location to save the file. The file is named ?[...]

  • Pagina 68

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 49 System > Settings Firmware Management Settings The Firmware Manage ment table has the following columns: • Firmware Image - In this column, types of firmware images are listed:  Current Firmware , firmware currently loaded on the SonicWALL security applian ce.  Current Fi[...]

  • Pagina 69

    50 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 7: Configuring System Settings Firmware Management The Firmware Management tabl e has th e following columns: • Firmw are Im age - In this column, fiv e types of firmware images are listed:  Current Firmware , firmware currently loaded on the SonicWALL security applian[...]

  • Pagina 70

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 51 System > Diagnostics C HAPTER 8 Chapter 8: Performing Diagnostic T est s and Rest arting the SonicW ALL Security Appliance System > Diagnostics The System > Diagnostics pa ge provides several diagnostic tools which help troubleshoot network problems as well as CPU and Proce[...]

  • Pagina 71

    52 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 8: Performing Diagnostic Tests and Restarting the SonicWALL Security Appliance T ech Support Report The Tech Support Report generates a detailed re port of the SonicWAL L security appliance configuration and status, and saves it to the local hard disk using the Down load Re[...]

  • Pagina 72

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 53 System > Diagnostics Diagnostic T ools You select the diagnostic tool from the Diagnostic Tools menu in the Diagnostic Tool secti on of the System > Diagnos tics page. The following diagnostic tools ar e available: • Active Connec tions Monitor •C P U M o n i t o r • DNS[...]

  • Pagina 73

    54 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 8: Performing Diagnostic Tests and Restarting the SonicWALL Security Appliance Check the Group box next to any two or more criter ia to combine th em with a logical OR . For example, if you enter values for Source IP , Destin ation IP , and Protocol , an d check Group next [...]

  • Pagina 74

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 55 System > Diagnostics 2 The SonicWALL security applia nce queries the DNS Server and displays the result in the Result section. It also displays th e IP ad dr es s of th e D NS Ser ve r used to perform the query. The DNS Name Lookup section also displays the IP addresses of the DN[...]

  • Pagina 75

    56 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 8: Performing Diagnostic Tests and Restarting the SonicWALL Security Appliance To 204.71.200.74 / 80 (02:00:cf:58:d3:6a) The SonicWA LL security ap pliance receives SYN from LA N client. 2 TCP sent on WAN [SYN] From 207.88.211.116 / 1937 (00 :40:10:0c:01:4e) To 204.71.200.7[...]

  • Pagina 76

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 57 System > Diagnostics Ping The Ping test bounces a packet off a ma chine on the Inter net and return s it to the sender. This test shows if the SonicWALL security appliance is able to contact the remote host. If user s on the LAN are having problems accessing services on the Inter[...]

  • Pagina 77

    58 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 8: Performing Diagnostic Tests and Restarting the SonicWALL Security Appliance System > Rest art Click Restart to display the Syst em > Restart page . The SonicWALL security appliance can be restarted from the Web Management interface. Click Restart SonicWAL L and the[...]

  • Pagina 78

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 59 P ART 3 Part 3 Network[...]

  • Pagina 79

    60 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE[...]

  • Pagina 80

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 61 Network > Settings C HAPTER 9 Chapter 9: Configuring Network Settings Network > Settings The Network > Settings page allows you to configure the yo ur network and Internet connectivity settings in the Interface table.[...]

  • Pagina 81

    62 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 9: Configuring Network Settings Setup Wizard The Setu p Wizard button accesses the SonicWALL Setup Wizar d . offers a easy-to-use method for configuring your SonicWAL L security appliance for th e most co mmon Intern et conne ct ivity op tions. If you are un sure about conf[...]

  • Pagina 82

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 63 Network > Settings Interface Options by Soni cW ALL Security Appliance DNS Settings DNS (Domain Name System) is a hierarchical system for identifying hosts on the Int ernet or on a private, corpor ate TCP/IP inte rnetwork. It is a m eth od for identifying hosts wit h friendly nam[...]

  • Pagina 83

    64 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 9: Configuring Network Settings Configuring the W AN Interface The Mode menu in the Inter faces table for the WAN interface determines the network addre ss scheme of your SonicWALL security appliance. It includes six options: • T ranspar ent Mode enab les the SonicW ALL s[...]

  • Pagina 84

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 65 Configuring the WAN Interface Configuration Example Your ISP has given you a public IP address o f 66.2 17.71.191 and a range o f public IP addre ss from 66.217.71.192 to 66.21 7.71.200. To configure th e SonicWALL security appliance in Transpa rent Mode, select Transparent Mode fro[...]

  • Pagina 85

    66 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 9: Configuring Network Settings Configuring NA T Enabled If your ISP provides a static IP addre ss for your Internet connection, use the NAT Enabled . 1 Select NAT Enabled fr om the drop-down menu in the Mode column of th e Interfaces ta ble. 2 Click on the edit icon in the[...]

  • Pagina 86

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 67 Configuring the WAN Interface Configuring NA T with PPPoE Client The SonicWALL security applia nce can use Point-to-P oint Protocol over Ether ne t to connect to the Internet. If your ISP requires the installation of desktop software as well as a user name an d password to a ccess t[...]

  • Pagina 87

    68 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 9: Configuring Network Settings Configuring NA T with PPTP Client If your Internet connection is provide d through a PPTP server, you mu st configure the SonicWALL security appliance to use NAT with PPTP Client. Log into the SonicWALL security appliance, and click Network .[...]

  • Pagina 88

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 69 Configuring the WAN Interface The WAN Interfa ce Settings information at the top of the Ethernet page is the Ethernet address of the WAN interface on th e SonicWALL security ap pliance. Auto Negotiate is selected by default because the Ethern et links automatically negotiate the spe[...]

  • Pagina 89

    70 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 9: Configuring Network Settings Configuring the LAN Interface Basic LAN Configuration 1 Click on the edit icon in the Configure column of the LAN information. The LAN Pr operties window is displa yed. 2 In the General Settings section, enter a valid pr ivate IP address in t[...]

  • Pagina 90

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 71 Configuring the OPT Interface Configuring Ethernet Settings The Ethernet tab in the LAN Properties window allows you to manage the Ethe rn et settings of LAN interface. Fo r most ne tworks, you do not n eed to make any chan ges on this page. The LAN Interface Settings info rmation a[...]

  • Pagina 91

    72 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 9: Configuring Network Settings Configuring T ransp arent Mode Transpare nt Mode requires valid IP addresses for all computers on your networ k, and allows remote access to authenticated users. To enable Transparent Mode : 1 Click the Edit Icon in the line for the OPT inte [...]

  • Pagina 92

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 73 Configuring the DMZ Interface Configuring NA T Mode NAT Enabled mode gives the OPT inte rf ac e a single IP address an d a su bn et of ava ilab le IP address. The IP addresse s of devices connecting to the OPT interface ar e translated to the single OPT interface IP ad dr es s. 1 Cl[...]

  • Pagina 93

    74 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 9: Configuring Network Settings Configuring T ransp arent Mode Transpare nt Mode requires valid IP addresses for all computers on your networ k, and allows remote access to authenticated users. To enable Transparent Mode : 1 Click the Edit Icon in the line for the DM Z inte[...]

  • Pagina 94

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 75 Configuring the Modem Interface (TZ 170 SP) Configuring NA T Mode NAT Mode gives the DMZ interfa ce a single IP address and a subnet of available IP address. The IP addresses of devices connecting to the DMZ interf ace ar e translated to the single DMZ interface IP address. 1 Click [...]

  • Pagina 95

    76 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 9: Configuring Network Settings Settings Modem Settings Speaker Volume - choose On or Of f for your modem speaker volume. Th e default is On . Modem Initialization - You can specify the country to initialize your modem by choosing Initialize Modem For Use In and specifying [...]

  • Pagina 96

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 77 Configuring the Modem Interface (TZ 170 SP) Failover The Failover page in the Modem Setting window inclu des the same settings on the Modem > Failover page. If you con figured the failover setti ngs on the Modem > Fail over page, they are displayed in the Fa ilover page. If yo[...]

  • Pagina 97

    78 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 9: Configuring Network Settings value. In this case, the WAN failover only o ccurs when loss of the physical WAN Ethernet connection occurs on the SonicWALL secur ity appliance. 8 Enter the number of missed pr ob es requ ire d for th e WAN failo ver to occur in the Failover[...]

  • Pagina 98

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 79 Configuring WLAN Properties (TZ 50 Wireless/TZ 150 Wireless/TZ 170 Wireless) Configuring WLAN Properties (TZ 50 Wireless/TZ 150 W ireless/TZ 170 Wireless) The SonicWALL T Z 50 Wireless/TZ 1 50 Wireless/TZ 170 Wireless includes the WLAN interface in the Interfaces table on the Networ[...]

  • Pagina 99

    80 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 9: Configuring Network Settings • SSID : Enter a recognizable str i ng for the SSI D for the SonicWAL L TZ 50 Wireless/TZ 150 Wireless/TZ 170 Wireless security applianc e. This is the name that w ill appear in clients’ lists of available wireless connections. • Radio [...]

  • Pagina 100

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 81 Network > One-to-One NAT C HAPTER 10 Chapter 10: Configuring One-to-One NA T Network > One-to-One NA T One-to-One NAT maps valid, external addresses to private addresses hidden b y NAT. Computers on your private LAN or OPT inte rface are accessed on the Internet at the corresp[...]

  • Pagina 101

    82 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 10: Configuring One-to-One NAT 4 Enter the beginn i ng IP add re ss of the va lid ad dr e ss rang e be in g ma pp e d in the Public Range Begin field. This address sh ould be assigned by your ISP and be in the same logica l subnet as the NAT public IP address. S Alert: Do n[...]

  • Pagina 102

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 83 Network > One-to-One NAT 10 Configure the following settings: • Allow • Service - HTTP • Source - W AN • Destination - LAN 192.1 68.1.10 - 192.168.1.12 In the Options tab, select always from the Apply this Rule menu. 11 Click OK . Requests for <ht tp :// 20 8. 1. 2. 4&[...]

  • Pagina 103

    84 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 10: Configuring One-to-One NAT[...]

  • Pagina 104

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 85 Network > Web Proxy C HAPTER 11 Chapter 11: Configuring W eb Proxy Settings Network > W eb Proxy A Web proxy server inter cepts HTTP requ ests and de te rmines if it has store d copies of the r equested Web pages. If it does not, the prox y completes the r equest to th e serve[...]

  • Pagina 105

    86 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 11: Configuring Web Proxy Settings Configuring Automatic W eb Proxy Forwarding S Alert: The prox y server mu st be locate d on the WAN ; it can no t be locate d on the LAN. To configure a Proxy Web sever, select the Network > Web Proxy page. 1 Connect your Web proxy serv[...]

  • Pagina 106

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 87 Network > Intranet C HAPTER 12 Chapter 12: Configuring Intranet Settings Network > Intranet The SonicWALL se curity appl iance can be configured as an Intrane t firewall to prevent networ k users from accessing sensitive servers. By default, users on your LAN can access the In[...]

  • Pagina 107

    88 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 12: Configuring Intranet Settings Inst allation 1 Connect the LAN Ethernet po rt on the back of t he SonicWALL secu rity appliance to the network segment to be protected again st unauthorized access. S Alert: Devices connected to the WAN port do not have fire wall protectio[...]

  • Pagina 108

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 89 Network > Routing C HAPTER 13 Chapter 13: Configuring S tatic Routes Network > Routing If you have routers on your LAN o r WAN, you c an co nfigure static routes on the SonicWALL security appliance using the settings on the Network > Routing page. Static routing means confi[...]

  • Pagina 109

    90 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 13: Configuring Static Routes S t atic Routes Static Routes are configured wh en network traffic is directed to subnets located behind routers on your network. For in stance, you have a r outer on your netwo rk with the IP address of 192.168.168.254, an d there is another s[...]

  • Pagina 110

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 91 Network > Routing If you have an Intern al (L AN) ro ut er on your ne t work with th e IP addre ss of 192.168.168.254, and there is another subnet on your network with IP address range of 10.0.5.0 - 10.0.5.254 with a subnet mask of 255.255.255.0 . To configure a static rout e to [...]

  • Pagina 111

    92 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 13: Configuring Static Routes 2 Select one of the following types of RIP Advertisements:  RIPv1 Enabl ed - RIPv1 is the first version of Routing Inform ation Pro tocol.  RIPv2 Enabled (multicast) - to send route advertisements using mu lticasting (a single data packet[...]

  • Pagina 112

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 93 Network > ARP C HAPTER 14 Chapter 14: Configuring Address Resolution Protocol Settings Network > ARP The ARP (Address Resolution Protocol) Cache stores IP or logical addresse s received from ARP replies in order to minimize the numbe r of ARP broadcasts on a network. ARP broad[...]

  • Pagina 113

    94 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 14: Configuring Address Resolution Protocol Settings S t atic ARP Entries The Static ARP featur e allows for static mappi ngs to be created between la yer 2 MAC addr esses and layer 3 IP addresses, but also pr ovides the following capabilities: • Publish Entry - Enabling [...]

  • Pagina 114

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 95 Network > ARP Consider the followin g ne tw ork example : With SonicOS Standard, although it is not possible to create a NAT rule for a secondar y subnet on the DMZ (or OPT) interface, it is poss ible to support the secondary subnet in a routed configuration. To support the abov [...]

  • Pagina 115

    96 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 14: Configuring Address Resolution Protocol Settings Navigate to the Network > Routing page, an d add a sta tic route for the 19 2.168.50 .0/24 netw ork as follows: The entry will appear in the table as follows: To allow the traffic to reach the 192.168.50.0/24 su bnet, [...]

  • Pagina 116

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 97 Network > ARP After adding the static ARP en try for the router, ma rk the checkbox next to the WAN interface in the 'Prohibit dynamic ARP en tries' area. Click the OK button in the alert dial og to proceed. The setting will not take effect until the Apply button at the[...]

  • Pagina 117

    98 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 14: Configuring Address Resolution Protocol Settings[...]

  • Pagina 118

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 99 Network > DHCP Server C HAPTER 15 Chapter 15: Configuring the DHCP Server Network > DHCP Server The SonicWALL security applia nce DHCP Server distributes IP addre sses, subnet masks, gateway addresses, and DNS server ad dresses to the computers on yo ur network. You can use th[...]

  • Pagina 119

    100 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 15: Configuring the DHCP Server DHCP Server Lease Scopes The DHCP Server Lease Scope s table displays the cur rently config ured DHCP IP r anges. Th e table shows: • Ty p e : Dynamic or Stat i c • Lease Scope : The IP addre ss range, fo r examp le 172. 16 .3 1 . 2 - 17[...]

  • Pagina 120

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 101 Network > DHCP Server 10 Click the DNS/WINS tab to continue configuring the DHCP server. 11 If you have a domain name for the DNS Server, en ter it in the Domain Name field. 12 Inherit DNS Settings Dynamically from the SonicWAL L’s DNS Settings is selected by default. When sel[...]

  • Pagina 121

    102 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 15: Configuring the DHCP Server 4 Enter the device IP address in the Static IP Ad dress field. 5 Enter the device Ethernet (MAC) address in the Etherne t Address field. 6 Enter the numbe r of m inu te s an IP addr e ss is use d before it is issued another IP address in the[...]

  • Pagina 122

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 103 Network > Dynamic DNS C HAPTER 16 Chapter 16: Configuring Dynamic DNS Network > Dynamic DNS Dynamic DNS (DDNS) is a service provided by vari ous companies and organizations that allo ws for dynamic changing IP addresses to automatically upda te DNS re co rds without ma nua l [...]

  • Pagina 123

    104 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 16: Configuring Dynamic DNS Additional Services offere d by Dynamic DNS Providers Some common additional services offered by Dynamic DNS providers include : • Wildcards - allows for wildcard referenc es to sub-domains. For exampl e, if you register yourdo- main.dyndns.or[...]

  • Pagina 124

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 105 Network > Dynamic DNS Configuring Dynamic DNS Using any Dynamic DNS service begi ns with settings up an account with the DDNS service provider (or provide rs) of your cho ice. It is p ossible to us e multiple providers simultane ously. Refer to the links for the various provider[...]

  • Pagina 125

    106 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 16: Configuring Dynamic DNS Specify IP Address manually - Allows fo r the IP address to be registered to be manua lly specified and asserted. 11 The Off-line Settings sectio n control s w hat IP Addre ss is registered with the dynamic DNS service provider if the dynamic DN[...]

  • Pagina 126

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 107 Network > Dynamic DNS Dynamic DNS Settings T able The Dynamic DNS Settings table provides a table view of configured DDNS profiles. Dynamic DNS Settings tab le includes the following columns: • Profile Name - The name assigned to the DDNS entry duri ng its creation. This ca n [...]

  • Pagina 127

    108 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 16: Configuring Dynamic DNS[...]

  • Pagina 128

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 109 P ART 4 Part 4 Modem[...]

  • Pagina 129

    110 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE[...]

  • Pagina 130

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 111 Modem > Status C HAPTER 17 Chapter 17: V iewing Modem S t atus Modem > S t atus The Status page displays dialup connection infor mation when the modem is active. You create modem dialup profiles in the Modem Profile Configuration window, which you access from the Modem>Dia[...]

  • Pagina 131

    112 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 17: Viewing Modem Status Modem S t atus In the Modem Status section, the current a ctive network information from your ISP is displayed when the modem is active: • W AN Gat eway (Router) Address • W AN IP (NA T Public) Address • W AN Su bnet Mask • DNS Server 1 •[...]

  • Pagina 132

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 113 Modem > Settings C HAPTER 18 Chapter 18: Configuring Modem Settings Modem > Settings The Modem > Settings page lets you selec t from a lis t of modem profiles, select the volume of the modem, and also configur e AT commands for modem initialization.[...]

  • Pagina 133

    114 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 18: Configuring Modem Settings Configuring Profile and Modem Settings To configure the SonicWALL security ap plia nce modem settings, perform the following steps: 1 Select the volume of the mode m from the Speaker Volume menu . The defa ult value is M edium . 2 Select Init[...]

  • Pagina 134

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 115 Modem > Failover C HAPTER 19 Chapter 19: Configuring Modem Failover Modem > Failover To improve the operational availability of networks and ensure fast recovery fr om network failures , the Modem > Failover page allows you to configure th e SonicWALL security appliance mo[...]

  • Pagina 135

    116 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 19: Configuring Modem Failover Before you configure your Modem Failov er Settings , create your dial up profiles in the Modem Profile Configuration window, which you access from th e Modem > Di alup Prof iles page. S Alert: The SonicWALL security appliance modem can onl[...]

  • Pagina 136

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 117 Modem > Advanced C HAPTER 20 Chapter 20: Configuring Advanced Modem Settings Modem > Advanced The Modem > Adva nced page allows you to configur e the modem to be remotely tr iggered to dialout. Check the Enable Remotely Triggered Dial-out box to enable this featur e. If yo[...]

  • Pagina 137

    118 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 20: Configuring Advanced Modem Settin gs[...]

  • Pagina 138

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 119 Modem > Dialup Profiles C HAPTER 21 Chapter 21: Configuring Modem Dialup Properties Modem > Dialup Profiles The Modem > Dialup Profiles page allows you to configure modem profiles on the SonicWALL security applianc e using your dial-up ISP inform ation for the co nnection.[...]

  • Pagina 139

    120 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 21: Configuring Modem Dialup Properties Configuring a Dialup Profile In the Modem > Dia lup Profiles page, click th e Add button. The Modem Prof ile Configuration window is displayed for configuring a dia lup profile. Modem > Dialup Profiles > Modem Profile Config[...]

  • Pagina 140

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 121 Modem > Dialup Profiles > Modem Profile Configuration 8 Click the ISP Address tab. 9 In the ISP Address Setting secti on, sel ect Obtain an IP Address Au tomatically if you do not have a permanent dialup IP addre ss from your ISP. If you have a permanent dialup IP address fro[...]

  • Pagina 141

    122 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 21: Configuring Modem Dialup Properties • Dial on Dat a - Using Dial on Dat a require s that outbound data is detected before t he modem dials the ISP . Outbound dat a does not need to originate from comp uters on the LAN, but can also be packet s generate d by the Sonic[...]

  • Pagina 142

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 123 Modem > Dialup Profiles > Modem Profile Configuration 20 Click on the Schedule tab. 21 Select Limit Times for Dialup Profile to specify the scheduled times the mo dem is allowed to make connections. 22 Specify the days in the Day of Week column, and enter the time se ttings i[...]

  • Pagina 143

    124 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 21: Configuring Modem Dialup Properties The next line has OK as the expected string, and the interpret ers waits for OK to be returned in response to the previous comman d, ATV1 , before continuing the scr ipt. If OK is not returned within the default time period of 50 sec[...]

  • Pagina 144

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 125 P ART 5 Part 5 W i reless[...]

  • Pagina 145

    126 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE[...]

  • Pagina 146

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 127 C HAPTER 22 Chapter 22: Setting Up the WLAN Using the Wireless Wizard and Monitoring Yo u r W L A N The SonicWALL T Z 50 Wireless/TZ 1 50 Wireless/TZ 70 Wireless support two wireless protocols called IEEE 802.11b and 802.1 1g, commonly known as Wi-Fi, and sends data via radio trans[...]

  • Pagina 147

    128 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 22: Setting Up the WLAN Using the Wireless Wizard and Monitoring Your WLAN Considerations for Using Wireless Connections • Mobility - if the majority of your network is laptop co mpu ters, wirele ss is mo re por t able than wire d connections. • Convenience - wireless [...]

  • Pagina 148

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 129 Optimal Wireless Performance Recommendations Optimal Wireless Performance Recommendations • Place the TZ 50 Wireless/TZ 150 Wireless/TZ 1 70 Wireless near the ce nter of your intended net- work. This can also reduce the possibility of eavesdropping by neigh boring wireless networ[...]

  • Pagina 149

    130 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 22: Setting Up the WLAN Using the Wireless Wizard and Monitoring Your WLAN Wireless Node Count Enforcement Users on the WLAN are not counted to wards the nod e enforcement on the Son icWALL. Only users on the LAN are counted towa rds the node limit. MAC Filter List The Son[...]

  • Pagina 150

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 131 Using the Wireless Wizard Using the Wireless W izard You can use the Wireless Wizard to quickly an d eas ily set up your wireless network. Log into th e TZ 50 Wireless/TZ 150 Wireless/TZ 17 0 Wireless, and click Wireless on the menu bar. Click Wireless Wizard to launch the wizard a[...]

  • Pagina 151

    132 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 22: Setting Up the WLAN Using the Wireless Wizard and Monitoring Your WLAN WLAN 802.1 1b Settings 3 Type a unique identifier for the TZ 50 Wirele ss /TZ 150 Wireless/TZ 17 0 Wireless in the SSID field. It can be up to 32 alphanumeric char acters in le ngth and is case-sens[...]

  • Pagina 152

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 133 Using the Wireless Wizard WiFiSec - VPN Client User Authentication 5 Create a new user with VPN Client privileges by typing a user name and password in the User Name and Password fields. S Alert: Selecting WiFiS ec autom atically enab les the SonicWALL Group VPN feature and its def[...]

  • Pagina 153

    134 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 22: Setting Up the WLAN Using the Wireless Wizard and Monitoring Your WLAN Wireless Configuration Summary 7 Review your wireless setting s for accuracy. If you want to make changes, click Back until the settings are disp la ye d. Then click Next until you reach the Summary[...]

  • Pagina 154

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 135 Wireless > Status Congratulations 9 Congratulations! Yo u have successfully c ompleted configur ation of your wireless s ettings. Click Finish to exit the Wizard. Configuring Additional Wireless Features The SonicWALL TZ 50 Wireless /TZ 150 Wir eless/TZ 170 Wireless has the foll[...]

  • Pagina 155

    136 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 22: Setting Up the WLAN Using the Wireless Wizard and Monitoring Your WLAN WLAN Settings In addition to providing different status views for Access Poin t and Wireless Bridge modes, two new functions have been added to the Wireless > Status page: Hyperlinked WL AN Setti[...]

  • Pagina 156

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 137 Wireless > Status WLAN S t atistics S t ation St atus The Station Status table displays in formation about wirele s s connections associated with the TZ 50 Wireless/TZ 150 Wirele ss/TZ 170 Wireles s. • Stat io n - the name of the connecti on used by the MAC addr ess • MAC Ad[...]

  • Pagina 157

    138 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 22: Setting Up the WLAN Using the Wireless Wizard and Monitoring Your WLAN • Associ ated - status of 802.1 1b association • AID - assigned by the SonicWALL • Signal - freque ncy in Mbp s • Timeout - number of seconds left on the session • Delete - delete the entr[...]

  • Pagina 158

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 139 Wireless > Settings C HAPTER 23 Chapter 23: Configuring Wireless Settings Wireless > Settings The Wireless > Settings page allows you to configur e your wireless settin gs.  Note: The SonicWALL TZ 50 Wireless an d TZ 150 Wireless does not supp ort wireless bridging mode[...]

  • Pagina 159

    140 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 23: Configuring Wireless Settings  Note: WPA support is only available in Access Point Mode. WPA suppor t is not available in Bridge Mode. Wireless Settings Enable WLAN Radio : Enable the TZ 50 Wireless/TZ 15 0 Wire less/TZ 170 Wireless radio for wir eless connections. [...]

  • Pagina 160

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 141 Wireless > Settings • 802.1 1g Only - If your wireless network consist s only of 802.1 1g clients, you may select this m ode for increased 802.1 1g performance. Y ou may also se lect this mode if you wish to prevent 802.1 1b clients from associating. • 802.1 1b Only - Select[...]

  • Pagina 161

    142 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 23: Configuring Wireless Settings Configuring a Secure Wireless Bridge When switching from Access Point mode to Wireless Bridge mode, all clients are disconnected, and the navigation panel on the left changes to reflect the new mode of operation. To configure a secure wire[...]

  • Pagina 162

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 143 Wireless > Settings Network Settings for the Example Network Wireless Bridging (without W iFiSec) To provide compatibility with other non-WiFiSec wireless access poin ts, the TZ 170 Wire less supports a non-secure form of wirel ess bridging, but in secure wireless communications[...]

  • Pagina 163

    144 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 23: Configuring Wireless Settings Referring to our example network, the Access Point TZ 170 Wireless has the following two VPN Policies defined: Advanced Configuration for both VPN Policies 1 Click Advanced . 2 Select Enable Keep Alive and Try to bring up all possible tunn[...]

  • Pagina 164

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 145 Wireless > Settings 7 Click OK to close t he window , and then click Apply for the settings to tak e effect on the SonicWALL. Wireless Bridge VPN Policy The Wireless Bridge VPN Polic y is configured a s follows: 1 Click VPN , then Configure . 2 Select IKE using Preshared Secret [...]

  • Pagina 165

    146 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 23: Configuring Wireless Settings[...]

  • Pagina 166

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 147 Wireless > WEP/WP A Encryption C HAPTER 24 Chapter 24: Configuring WEP and WP A Encryption Wireless > WEP/WP A Encryption Wired Equivalent Prot ocol (WEP) can be used to protect data as it is transmitted over the wireless network, but it provides no protecti on past the Sonic[...]

  • Pagina 167

    148 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 24: Configuring WEP and WPA Encryption WEP Encryption Settings Open-system auth en tication is th e only m ethod r equired by 802.11b. In op en- system au thentication, the SonicWALL allows the wireless client access without verifying its identity. Shared-key authenticatio[...]

  • Pagina 168

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 149 Wireless > WEP/WP A Encryption WP A-PSK Settings Encryption Mode : In the Authenticat ion Type field, select WPA-PSK . WPA Settings : • Cypher T ype : s elect TKIP . T emporal Key Integr ity Protoco l (TKIP) is a protocol for enforcing key integrity on a per-packet basis. • [...]

  • Pagina 169

    150 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 24: Configuring WEP and WPA Encryption WP A Settings: • Cypher T ype : select TKIP . T emporal Key Integrity Protocol (TKIP) is a protocol for enforcin g ke y integrity on a per-p acket basis. • Group Key Up d ate : Select the how to determ ine when to update the key .[...]

  • Pagina 170

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 151 Wireless > Advanced C HAPTER 25 Chapter 25: Configuring Advanced Wireless Settings Wireless > Advanced To access Advanced co nfiguratio n setting s for th e T Z 50 Wir eless/T Z 150 Wirele ss/TZ 170 Wir eless, log into the SonicWALL, click Wireless , and then Advanced . Beaco[...]

  • Pagina 171

    152 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 25: Configuring Advanced Wireless Settings Wireless Client Communications 1 Enter the number of clients to associate with the TZ 50 Wireless/TZ 150 Wir eless/TZ 170 Wireless in the Maximum Client Associations field. The defa ult value is 32 which means 32 users can access [...]

  • Pagina 172

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 153 Wireless > Advanced antenna should then be co nnected to the RP-T NC type connector near the power- socket. This antenna is not used exclusively for transmitting a nd receiving. Select High from the Transmit Power menu to se nd the strongest si g nal on the WLAN. For example, se[...]

  • Pagina 173

    154 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 25: Configuring Advanced Wireless Settings[...]

  • Pagina 174

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 155 Wireless > MAC Filter List C HAPTER 26 Chapter 26: Configuring the MAC Filter List Wireless > MAC Filter List Wireless networking provides nati ve MAC filtering capab ilities which prevents wireless clients from authenticating and asso ciating with the TZ 50 Wireless/TZ 150 W[...]

  • Pagina 175

    156 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 26: Configuring the MAC Filter List 5 Click OK to add the MAC address. Once the MAC addr ess is added to th e MAC Address List , you can select Allow or Block next to the entry. For example, if the user with the wire l ess card is not always in the office, you can select B[...]

  • Pagina 176

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 157 Wireless > IDS C HAPTER 27 Chapter 27: Configuring Wireless IDS Wireless > IDS Wireless Intrusion Detectio n Services (WIDS) greatly increase t he security capabilities of the TZ 50 Wireless/TZ 150 Wireless/TZ 170 Wireless by enabling it to recognize and even take countermeas[...]

  • Pagina 177

    158 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 27: Configuring Wir eless IDS Access Point IDS When the Radio Role of the TZ 50 Wireless/TZ 150 Wi reless/TZ 170 Wireless is set to Access Point mode, all three types of WIDS services are availa ble, but Rogu e Access Poin t detection, by default, acts in a passive mode (p[...]

  • Pagina 178

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 159 Wireless > IDS Active scanning occurs wh en the TZ 5 0 Wireless/TZ 150 Wirel ess/TZ 170 Wireless starts up, and at any time Scan Now is clicked on the Wireless > IDS page. When the TZ 50 Wir eless/TZ 150 Wireless/TZ 170 Wireless is op erating in a Bridge Mode, the Scan Now fe[...]

  • Pagina 179

    160 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 27: Configuring Wir eless IDS[...]

  • Pagina 180

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 161 P ART 6 Part 6 W ireless Guest Services[...]

  • Pagina 181

    162 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE[...]

  • Pagina 182

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 163 WGS > Status C HAPTER 28 Chapter 28: V iewing Wireless Guest Services S tatus Wireless Guest Services (WGS) allow you to c reate access accounts for temporary use that allow wireless clients to connect fr om the WLAN to the WAN . WGS > S t atus The WGS > Status page disp l[...]

  • Pagina 183

    164 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 28: Viewing Wireless Guest Services Status[...]

  • Pagina 184

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 165 WGS > Settings C HAPTER 29 Chapter 29: Configuring Wireless Guest Services Wireless Guest Services (WGS) allow you to c reate access accounts for temporary use that allow wireless clients to connect fr om the WLAN to the WAN . WGS > Settings The WGS > Settings page allows [...]

  • Pagina 185

    166 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 29: Configuring Wireless Guest Services Byp ass Guest Authentication Bypass Guest Authentica tion allows a TZ 50 Wireless/TZ 15 0 Wireless/TZ 170 Wireless running WGS to integrate into environ ments already using some form of user-level authenticatio n. This feature automa[...]

  • Pagina 186

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 167 WGS > Settings Enable SMTP Redirect Enable SMTP Redirect causes SMTP traffic coming in from a guest account to be redirected to the SMTP server you specify. Chec k Enable SMTP Redirect and click the Configure button in the sa me line. In the SMTP Redirect Sett ings window , ente[...]

  • Pagina 187

    168 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 29: Configuring Wireless Guest Services supernetting (e .g. enteri ng 192. 168.0.0/255.255 .240.0 to cove r individual class C networks 192.168.0.0/24 throug h 192.168.15.0/24). 1 Select Enable IP Address Deny List for Authenti cated Users . 2 Click Configure . 3 Click Add[...]

  • Pagina 188

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 169 WGS > Settings 4 Select Specify URLs for custom conte nt if you have graphics or text available on a web server to use at the header and foot er of the login pag e. Enter the URLs for the content in the Custom Header URL and Custom Footer URL fields. 5 Select Enter simple text f[...]

  • Pagina 189

    170 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 29: Configuring Wireless Guest Services  Enable Account : Check this for all guest accounts gene rate d from this profile to be enabled upon creation.  Auto-Prune Ac count : Check this to have the account removed from the da tabase after its lifetime expires.  Enf[...]

  • Pagina 190

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 171 WGS > Accounts C HAPTER 30 Chapter 30: Managing Wireless Guest Account s Wireless Guest Services (WGS) allow you to c reate access accounts for temporary use that allow wireless clients to connect fr om the WLAN to the WAN . WGS > Account s The task of generating a new WGS ac[...]

  • Pagina 191

    172 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 30: Managing Wireless Guest Accounts Automatically Generating Guest Account s You can generate a specifie d number of guest accounts. 1 Under the list of accounts, click Generate . 2 In the Auto Gener ate Guest Acco unt window, conf igure the settin gs for all the accounts[...]

  • Pagina 192

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 173 WGS > Accounts Manually Configuring Wireless Guest s To configure new wireless guest accoun ts, click Add . The Add Guest Account window is displayed. • Account Profile : • The following settings are enabled by default: • Enable Account : When sele cted, the wireless guest[...]

  • Pagina 193

    174 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 30: Managing Wireless Guest Accounts Flexible Default Route Previously, network traffic from the LAN and WLAN was directed to the WAN interface. With the release of Soni cOS Standard, the Default Route can be the WAN, LAN, or WLAN allowing flexible configuration of the TZ [...]

  • Pagina 194

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 175 WGS > Accounts To configure routing on the TZ 50 Wirele ss/TZ 150 Wireless/TZ 170 Wireless to suppor t the above example, clic k Network and then Routing . 1 Under Default Ro ute , click Configure . The Edit Default Route window is displayed. 2 Enter the IP address in the De fau[...]

  • Pagina 195

    176 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 30: Managing Wireless Guest Accounts The example above describes a moderately com plex network configur ation where the TZ 50 Wireless/TZ 150 Wireless/TZ 170 Wireless offers both WiFiSec and WGS access via a default route on LAN. A s the blue ( WiFiSec) an d green (W GS) t[...]

  • Pagina 196

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 177 P ART 7 Part 7 Firewall[...]

  • Pagina 197

    178 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE[...]

  • Pagina 198

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 179 Network Access Rules Overview C HAPTER 31 Chapter 31: Configuring Network Access Rules Network Access Rules Overview Network Access Rules are managemen t tools that allow you to defi ne inbound and ou tb ound access policy, configure user auth entication, and en able remote managem[...]

  • Pagina 199

    180 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 31: Configuring Network Access Rules Using Bandwid th Management with Access Rules Bandwidth management allows you to assign guaranteed and maxim um bandwidth to service s and also set priorities for outbound traffic. Bandwidth management only applies to outbound tra ffic [...]

  • Pagina 200

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 181 Firewall > Access Rules Navigating and Sorting the Access Rules T able Entries The Access Rules table pr ovides easy pagination for vie wing a large number of VPN policies. You can navigate a larg e number o f VPN policies listed in the Ac cess Rules table by using the navigatio[...]

  • Pagina 201

    182 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 31: Configuring Network Access Rules 3 You can add an optional text in the Comment field. This informatio n is displayed in the Options column of the Access Rules table. Click Next . 4 Select the type of service for the ru le from the Servi ce m enu. In this example, sele [...]

  • Pagina 202

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 183 Firewall > Access Rules 5 Select Allow action to allow the service to the network , or select Deny to disallow the service to the network. 6 Enter a value in minutes in the Inactivity Time out (minutes) field. The defa ult value is 5 minute s. Click Next . 7 Select the source in[...]

  • Pagina 203

    184 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 31: Configuring Network Access Rules address, enter “*” in th e IP Addr ess Begin field. By typing “ * ” in the field, all traffic using the service is either allowe d or denied to all comp uters on the network. Click Next . 10 The rule is always active unless you [...]

  • Pagina 204

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 185 Firewall > Access Rules 5 If you want to define the source IP addresses that are af fe cted by the rule, such as restricting certain users from accessing the Internet, enter th e sta rting IP addresses of the address ra nge in the Address Range Begin field and the ending IP addr[...]

  • Pagina 205

    186 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 31: Configuring Network Access Rules 14 Click th e Bandwidth tab. 15 Select Bandwidth Management , and enter the Gu aranteed Bandwidth in Kbps. 16 Enter the maximum amount of bandwidth ava ilable to the Rule at any time in the Maximum Bandwidth field. 9 Tip : Rules using B[...]

  • Pagina 206

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 187 Firewall > Access Rules Rule Examples The following examples illustrate methods for creating Network Access Rules. Blocking LAN Access for Specific Services This examp le shows h ow to block L AN acces s to NNTP servers on the Internet during business hours. 1 Click Add to launc[...]

  • Pagina 207

    188 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 31: Configuring Network Access Rules[...]

  • Pagina 208

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 189 Access Rules > Advanced C HAPTER 32 Chapter 32: Configuring Advanced Rule Options Access Rules > Advanced Click Advanced underneath Access Rules.The Advanced Rule Options page is displayed. Windows Networking (NetBIOS) Broadcast Pass Through Computers running Microsoft Win do[...]

  • Pagina 209

    190 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 32: Configuring Advanced Rule Options Detection Prevention Enable Stealth Mode By default, the SonicWALL security appliance resp ond s to incoming connection requests as eithe r “blocked” or “open”. If you enable Stealth Mode , your SonicWALL securi ty appliance do[...]

  • Pagina 210

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 191 Firewall > Services C HAPTER 33 Chapter 33: Configuring Custom Services Firewall > Services Services are anything a server pr ovides to o ther computers. A service can be as simple as the computer asking a server for the correct time (NTP ) and the server returns a response. [...]

  • Pagina 211

    192 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 33: Configuring Custom Services 1 Click Add . The Add Service window is displa yed. 2 Enter the name of th e ser vic e in the Name field. 3 Enter the port number or number s that apply to the service in the Port Range fields. A list of well know port numbers can be fo und [...]

  • Pagina 212

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 193 Firewall > VoIP C HAPTER 34 Chapter 34: Configuring V oIP Firewall > V oIP The SonicWALL security applia nce supports the mo st widely used VoIP st andard protocols and the most commonly used VoIP vendors and systems on the ma rket. Providing full VoIP support on th e SonicWA[...]

  • Pagina 213

    194 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 34: Configuring VoIP H.323 H.323 is a comprehensive suite of pro tocols for voice, vide o, and data communications betwe en computer s, terminals, network d evices, an d network s ervices. H.3 23 is des igned to en able users to make point-to-point mult imedia phon e calls[...]

  • Pagina 214

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 195 Firewall > VoIP Configuring the V oIP Settings The SonicWALL security applia nce allows VoIP p hone and applications to be deplo ye d behind the firewall. The Firewall > VoIP page includes the settings for suppo rting VoIP traffic on the SonicWALL security appliance. SIP Sett[...]

  • Pagina 215

    196 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 34: Configuring VoIP[...]

  • Pagina 216

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 197 Firewall > Connections Monitor C HAPTER 35 Chapter 35: Monitoring Active Firewall Connections Firewall > Connections Monitor The Firewall > Connections Monito r page provides you the filterin g controls to query log even t messages based on your configu red filter logic.[...]

  • Pagina 217

    198 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 35: Monitoring Active Firewall Connections Setting Filter Logic By default, the SonicOS filter logic is set to “P riority && Category && S ource && Destination.” The double ampersand symbols (&&) indicate the boole an expression “and.?[...]

  • Pagina 218

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 199 P ART 8 Part 8 VPN[...]

  • Pagina 219

    200 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE[...]

  • Pagina 220

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 201 SonicWALL VPN Options Overview C HAPTER 36 Chapter 36: Configuring VPN Settings SonicW ALL VPN Options Overview The SonicWALL security applia nce can be configured to support remote VPN clients and/or site -to- site VPN connections between offices. SonicW ALL VPN is based on the in[...]

  • Pagina 221

    202 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings VPN > Settings The VPN > Settings page provides the SonicWALL fe atures for configuring site-to-site VPN connections and clie nt VPN connectio ns. The GroupVPN policy is automaticall y enabled and ready to use for supporting re mote Sonic[...]

  • Pagina 222

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 203 Configuring GroupVPN Policy on the SonicWALL Navigating and Sorting the VPN Policies Entries The VPN Policies table provides easy pagina tion for vie wing a large number of VPN policies. You can navigate a large number o f VPN policies listed in the VPN Policies table by using th e[...]

  • Pagina 223

    204 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings Configuring IKE Preshared Secret To edit the default settings for GroupVPN, follow these ste ps: 1 Click the edit icon in the GroupVPN entry. The VPN Policy window is displayed. 2 In the General tab, IKE using Preshared Secret is the default se[...]

  • Pagina 224

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 205 Configuring GroupVPN Policy on the SonicWALL In the IKE (Phase 1) Proposal section, select the following settings: Group 2 from the DH Group menu. 3DES from the Encryption menu SHA1 from the Authentication menu Leave the default setting, 28800, in the Life Time ( secs) field. This [...]

  • Pagina 225

    206 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings  Forward Packets to Remote VPNs - allows the remote VPN t unnel to participate in the SonicWALL routing table. Inboun d traffic is decrypt ed and can be forwarded to a remote site via another VPN tunnel. Normally, inb ound traffic is decrypt[...]

  • Pagina 226

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 207 Configuring GroupVPN Policy on the SonicWALL  Single Session - The user will be prompted for us ername and password each time the connection is enabled and will be valid until the connection is disabled . This username and password is used through IKE phase 1 re key.  Always [...]

  • Pagina 227

    208 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings Configuring GroupVPN with IKE 3rd Party Certificates To configure your GroupVPN policy with IKE 3rd Party Certificates , follow these steps: S Alert: Before configur ing GroupVPN with IKE u sing 3rd Party Certificates, your certificates must be[...]

  • Pagina 228

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 209 Configuring GroupVPN Policy on the SonicWALL 6 Click on the Proposals tab. 7 In the IKE (Phase 1) Proposal section, select the following settings: Group 2 from the DH Group menu. 3DES from the Encryption menu. SHA1 from the Authentication menu. Leave the default setting, 28800 , in[...]

  • Pagina 229

    210 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings 9 Click on the Advanced tab and select any of the following opt io nal settings that you want to apply to your Gro upVPN policy:  Enable Windows Networking (Net BIOS) broadca st - to allow access to remote ne two rk resources by br owsing th[...]

  • Pagina 230

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 211 Configuring GroupVPN Policy on the SonicWALL  VPN Terminated at the LAN, OPT/ DMZ/WLAN, or LAN/OPT/DMZ/WLAN - Selecting this option allows you to terminate a VPN tunnel on a specific destination in stead of allowing the VPN tunnel to terminate on the entire Son icWALL netwo rk. [...]

  • Pagina 231

    212 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings  DHCP Lease or Manual Configurat ion - When the G VC connec ts to the SonicWALL, the policy from the So nicWALL instructs the GVC to use a Virtual Adapte r, but the DHCP messages are suppressed if th e Virtual Adapter has bee n manually conf[...]

  • Pagina 232

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 213 Site to Site VPN Configurations Export a GroupVPN Client Policy If you want to export the Gl obal VPN Client configuration settings to a file for users to import into their Global VPN Clients, follo w these instructions: S Alert: The GroupVPN SA must be enabled on the SonicWALL to [...]

  • Pagina 233

    214 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings • Branch Office (Gateway to Gateway) - A SonicW ALL is configured to connect to another Son- icW ALL via a VPN tunnel. Or , a SonicW ALL is conf igured to connect via IPSec to anoth er manu- facturer’s firewall. • Hub and S poke Design - [...]

  • Pagina 234

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 215 Site to Site VPN Configurations If Preshared Secret, Shared Secret:__________ _________ Phase 1 DH - 1 2 5 SA Lifetime 28800 or _________ ___ Phase 1 Enc/Auth DES 3DES AES- 128 AES-256 MD5 SHA1 (circle) Phase 2 Enc/Auth DES 3DES AES- 128 AES-256 MD5 SHA1 (circle) ARC NULL Configuri[...]

  • Pagina 235

    216 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings Creating a T ypical IKE Preshared Secret VPN Policy You can create a Typical VPN policy using the VPN Policy W izard to configure an IPSec VPN security associ ation betwe en two So nicWALL appliances. 1 Click VPN Policy Wizard on the VPN > S[...]

  • Pagina 236

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 217 Site to Site VPN Configurations Qualified Domain Name of th e remote destinati on in the IPSec Gateway Name or Addre ss field. Click Next . 4 Enter the IP address of the network pr otected by the remote Soni cWALL in the Remote Network field. This is a private IP address on the rem[...]

  • Pagina 237

    218 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings Qualified Domain Name of th e remote destination in the IPSec Gateway Name or Address field. Click Next . 4 Enter the IP addres s of the network protected b y the remote SonicWALL in the Remote Network field. This is a private IP address on the[...]

  • Pagina 238

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 219 Site to Site VPN Configurations Qualified Domain Name of th e remote destinati on in the IPSec Gateway Name or Addre ss field. Click Next . 4 Enter the IP address of the network pr otected by the remote Soni cWALL in the Remote Network field. This is a private IP address on the rem[...]

  • Pagina 239

    220 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings Select an encryption method from the Enc ryption list for the VPN tunnel. If netw ork speed is preferred, then se lect DES . If network security is preferred, select 3DES . To compromise between network speed and netw ork security, select DES .[...]

  • Pagina 240

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 221 Site to Site VPN Configurations Configuring a VPN Policy IKE with Preshared Secret To manually configu re a VPN Policy using IKE with Preshared Secr et, follow the steps below: 1 In the VPN > Settings page, click Add . The VPN Policy window is displayed. 2 In the General tab , I[...]

  • Pagina 241

    222 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings 8 Click th e Proposals tab. 9 In the IKE (Phase 1) Propos al section, the default setti ngs offer a secure connection configurat ion , ho we ve r, th e set tin gs can be modif ied to reflect y our pr ef er en ce s. In add itio n to 3DES, AES-12[...]

  • Pagina 242

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 223 Site to Site VPN Configurations 11 Click the Advanced tab. Select any optional configuration options you want to apply to your VPN policy in the Advanced Settings section.  Enable Keep Alive - Select this setting if you want to maintain the current connection by listening for tr[...]

  • Pagina 243

    224 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings VPNs check box.Traffic can travel from a branch office to a bran ch office via the corpor ate office.  Default LAN Gateway - used a t a central site in conjunction with a remote site using the Route all internet traf fic through this SA chec[...]

  • Pagina 244

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 225 Site to Site VPN Configurations can be used as a valid key. I f this key is used, it must also be entered in the Authentication Ke y field in the remote SonicWALL. If authentication is not used, this field is ignored. 11 Click on the Advanced tab. Select the optional configur ation[...]

  • Pagina 245

    226 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings 3 Type a Name for the Security Associat ion in the Name field. 4 Type the IP address or Fully Qualified Do main Name (FQDN) of the primar y remote SonicWALL in the IPSec Primary Gatewa y Name or Address field. If you have a secondar y remote So[...]

  • Pagina 246

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 227 Site to Site VPN Configurations 11 Click the Advanced tab. Select any optional configuration options you want to apply to your VPN policy in the Advanced Settings section.  Enable Keep Alive - Select this setting if you want to mainta in the current connection by listening for t[...]

  • Pagina 247

    228 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 36: Configuring VPN Settings[...]

  • Pagina 248

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 229 VPN > Advanced C HAPTER 37 Chapter 37: Configuring Advanced VPN Settings VPN > Advanced The VPN > Advanced page includes optional settings that affect all VPN policies. Advanced VPN Settings • Disable all VPN Windows Networking (Net BIOS) Broadcast s - Computers running [...]

  • Pagina 249

    230 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 37: Configuring Advanced VPN Settings keep alive that act s as a “hea rtbea t” se nt by the VPN de vice behind the NA T or NAPT device. The “keepalive” is silently discarded by the IPSec peer . Selecting Enable NAT Traversal allows VPN tun nels to support this p ro[...]

  • Pagina 250

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 231 VPN > Advanced VPN Bandwid th Management Bandwidth management is a means of allocating ban d width resources to critical applications on a network. The VPN Bandwidth Management section allows you to define th e amount of outboun d VPN traffic allowed from the SonicWALL. Tra ffic[...]

  • Pagina 251

    232 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 37: Configuring Advanced VPN Settings[...]

  • Pagina 252

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 233 VPN > DHCP ov er VPN C HAPTER 38 Chapter 38: Configuring DHCP Over VPN VPN > DHCP over VPN The VPN > DHCP over VPN page allows a Host (DHCP Client ) behind a SonicWALL obtain an IP address lease from a DHCP server a t the other end of a VPN tunnel. In some network deployme[...]

  • Pagina 253

    234 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 38: Configuring DHCP Over VPN Configuring the Central Ga teway for DHCP Over VPN To configure DHCP over VPN for the Central Gateway , use the follow ing steps: 1 On the DHCP over VPN page, sele ct Central Gateway from the DHCP Relay Mode menu. 2 Click Configure . T he DHCP[...]

  • Pagina 254

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 235 VPN > DHCP ov er VPN Configuring DHCP over VPN Remote Gateway 1 Select Remote Gateway from the DHCP Relay Mode menu. 2 Click Configure . The DHCP over VPN Configuration window is displayed. 3 Select the VPN Security Ass ociation to be used for the VPN tunnel from th e Relay DHCP[...]

  • Pagina 255

    236 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 38: Configuring DHCP Over VPN Device Configuration 1 To configure devices on your LAN, click the Devices tab. 2 To configure Static Device s on LAN , click Add to d isplay th e Add LAN Device Entry window, and type the IP address of the de vice in the IP Address field and [...]

  • Pagina 256

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 237 VPN > L2TP Server C HAPTER 39 Chapter 39: Configuring L2TP Server Settings VPN > L2TP Server You can use Layer 2 Tunne ling Protocol (L2TP) to create VPN over public networks su ch as the Internet. L2TP provides interopera bility between different VPN vendors that protocols s[...]

  • Pagina 257

    238 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 39: Configuring L2TP Server Settings To enable L2TP Server functionality on the SonicWALL , select Enable L2TP Serv er . Then click Configure to display the L2TP Server Configur ation window. L2TP Server Settings Configure the following settings: 1 Enter the numbe r of se [...]

  • Pagina 258

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 239 VPN > L2TP Server Currently Active L2TP Sessions • User Name - the user name assig ned in the local user dat abase or the RADIUS user dat abase. • PPP IP - the source IP addr ess of the connection. • Interface - the enter of interface used to access the L2TP Server , wheth[...]

  • Pagina 259

    240 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 39: Configuring L2TP Server Settings[...]

  • Pagina 260

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 241 Digital Certificates Overview C HAPTER 40 Chapter 40: Managing Certificates Digit al Certificates Overview A digital certificate is an electron ic means to ve rify identity by a trusted third party known as a Certificate Authority (CA). X.50 9 v3 certificate standard is a specifica[...]

  • Pagina 261

    242 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 40: Managing Certificates VPN > Local Certificates After a certificate is signed by th e CA and returned to you, you can impor t the certificate into the SonicWALL to be used as a Local Certificate for a VPN Security Association. 9 Tip : After you import a local certifi[...]

  • Pagina 262

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 243 VPN > Local Certificates Delete This Certificate To delete the certificate, click Delete This Certificate . You can delete a certificate if it has expired or if you decide not to use third party certificates for VPN auth entication. Generating a Certificate Signing Request To ge[...]

  • Pagina 263

    244 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 40: Managing Certificates VPN > CA Certificates Importing CA Certificates into the SonicW ALL After your CA service has validat ed your CA Certif icate , you can import it into the So nicWALL and use it to validate Local Certificates for VPN Security Associations. To im[...]

  • Pagina 264

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 245 VPN > CA Certificates Certificate Revocation List (CRL) A Certificat e Revocation List (CRL) is a way to check the validity of an existing certificate. A certificate may be inva lid for several reasons: • It is no longer needed. • A cer tificate was stolen or compromis ed. ?[...]

  • Pagina 265

    246 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 40: Managing Certificates[...]

  • Pagina 266

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 247 P ART 9 Part 9 Users[...]

  • Pagina 267

    248 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE[...]

  • Pagina 268

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 249 User Level Authentication Overview C HAPTER 41 Chapter 41: V iewing User S t atus and Configuring User Authentication User Level Authentication Overview The SonicWALL security applia nce provides a mech anism for user level a uthentication that gives users access to the LAN from re[...]

  • Pagina 269

    250 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 41: Viewing User Status and Configuring User Auth entication Active User Sessions The Active User Sessions table lists the User Name , the IP Address of the user, the Session Time , Time Remaining of the session, and the Inactivity Remaining time. You can also click the Tr[...]

  • Pagina 270

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 251 Users > Settings Global User Settings The settings listed below ap ply to all users when authenticated thro ugh the SonicWALL security appliance. • Inactivity timeout (minutes) - users ca n be logged out o f the SonicW ALL security appliance after a preconfigured inactivity ti[...]

  • Pagina 271

    252 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 41: Viewing User Status and Configuring User Auth entication field, then click Add . T o add an IP add ress range, e nter the range st arting IP a ddress in the first field and the length of the ran ge in the next fiel d (up to th e last three numbers o f the IP a ddress. [...]

  • Pagina 272

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 253 Users > Settings Configuring RADIUS Authentication To enable the SonicW ALL security ap plia n ce to use auth e nt icat ion fro m a RADI US ser ve r, fo llow these steps: 1 Select Use RADIUS for user authentication . 2 Select Allow only users listed locall y if only the users li[...]

  • Pagina 273

    254 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 41: Viewing User Status and Configuring User Auth entication 11 Click th e RADIUS Users tab. 12 Select the default privileges for a ll RADIUS users in this section. Access to the Intern et (when access is restricted) - If you have selected Allow only authenticated user s t[...]

  • Pagina 274

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 255 Users > Settings 14 Type in a valid user name in the User field, and the password in the Password field. 15 Click Test . If the validation is successful, the Status messages changes to Success . If the validation fails, the Status message cha nges to Failure . 16 Click OK . Once[...]

  • Pagina 275

    256 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 41: Viewing User Status and Configuring User Auth entication[...]

  • Pagina 276

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 257 Users > Local Users C HAPTER 42 Chapter 42: Configuring Local Users Users > Local Users Add local users to the SonicWALL securi ty appliance internal datab ase. Click Add User to display the Add User configuration window.[...]

  • Pagina 277

    258 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 42: Configuring Local Users Adding a Local User 1 Create a user name and type it in the User Name field. 2 Create a password for th e user and type it in the Password field. Passwords are case-sensitive and should consist of a combin ation of letters and numbers rath er th[...]

  • Pagina 278

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 259 P ART 10 Part 10 Security Services[...]

  • Pagina 279

    260 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE[...]

  • Pagina 280

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 261 SonicWALL Security Services C HAPTER 43 Chapter 43: Managing SonicW ALL Security Services SonicW ALL Security Services SonicWALL, In c. offers a v ariety of subscription-based security serv ices to provide layered se cu rity for your networ k. Son icW ALL security ser vice s ar e d[...]

  • Pagina 281

    262 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 43: Managing SonicWALL Security Services mySonicW ALL.com mySonicWALL.com delivers a convenient , one-stop resource for registra tion, activation, and management of your SonicWALL products and serv ices. Your mySonicWALL.com account pr ovides a single profile to do the fol[...]

  • Pagina 282

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 263 Security Services > Summary Security Services > Summary The Security Services > Summary page lists th e available SonicWALL secu rity services and upgrades available fo r your SonicWALL secu rity appliance and pro vides access to mySonicWALL.com to activate services. Secur[...]

  • Pagina 283

    264 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 43: Managing SonicWALL Security Services If Y our SonicW ALL Security Appliance is Not Registered If your SonicWALL security appliance is not registered, the Security Services > Summary page does not include the Services Summary table. Your SonicWALL security applian c [...]

  • Pagina 284

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 265 SonicWALL Content Filtering Service C HAPTER 44 Chapter 44: Configuring SonicW ALL Content Filtering Service SonicW ALL Content Filtering Service SonicWALL Content Filter ing Service (CFS) enforc es protection and productivity policies for businesses, schools and libraries, a s wel[...]

  • Pagina 285

    266 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 44: Configuring SonicWALL Content Filtering Service Security Services > Content Filter The Security Servic es > Content Filter page allows yo u to configure the SonicWAL L security appliance Restrict Web Fea tures and Trusted Do mains se ttings, which are included wi[...]

  • Pagina 286

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 267 Security Services > Content Filter 1 Click the SonicWALL Content Filtering Subscr iption link on the Security Ser vices > Content Filtering page. The mySonicWALL.com Login page is displayed. 2 Enter your mySonicWALL.com accoun t username and password in the User Name and Pass[...]

  • Pagina 287

    268 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 44: Configuring SonicWALL Content Filtering Service Content Filter T ype There are three types of content filte ring ava ilable on the SonicWALL security ap pliance. • SonicW ALL CFS - Selecting SonicW ALL CFS as the Conten t Filter T ype allows you to use th e SonicW AL[...]

  • Pagina 288

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 269 Configuring SonicWALL Filter Properties T rusted Domains Trusted Domains can be added to ena ble content from specific domains to be exemp t from Restrict Web Features . If you trust content on specific domain s an d wa nt them exe m pt from Restrict Web Features , follow these ste[...]

  • Pagina 289

    270 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 44: Configuring SonicWALL Content Filtering Service Custom List The Custom List page allows you to specify allowed or forbidden domain s and keywords to block. Allowed/Forbidden Domains You can cu stomize your URL list to inc lude Allowed Domains and Forbidden Domains . By[...]

  • Pagina 290

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 271 Configuring SonicWALL Filter Properties Disable all We b traffic e xcept for Allowed Domains When the Disable Web traffic exc ept for Allowed Domains check box is selected, the SonicWALL security appliance only allows Web access to sites on the Allowed Domains list. With careful sc[...]

  • Pagina 291

    272 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 44: Configuring SonicWALL Content Filtering Service Consent The Consent tab allows you to en force content filtering on d esign ated computer s and provide optional filtering on other computers. Consent can be con figured to require the user to agree to the terms outli ned[...]

  • Pagina 292

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 273 Configuring SonicWALL Filter Properties Mandatory Filtered IP Addresses Consent Page URL (m andatory filtering) When a user opens a Web browser on a co mpu ter using mandatory conten t f iltering, a consent pag e is displayed. You must create the Web page th at appears when the Web[...]

  • Pagina 293

    274 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 44: Configuring SonicWALL Content Filtering Service[...]

  • Pagina 294

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 275 SonicWALL Network Anti-Virus Overview C HAPTER 45 Chapter 45: Managing SonicW ALL Network Anti-V irus and E-Mail Filter Services SonicW ALL Network Anti-V irus Overview The widespread outbreaks of viruses illustra te the problematic nature of virus defense for small offices. Users [...]

  • Pagina 295

    276 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 45: Managing SonicWALL Network Anti-V irus and E-Mail Filter Services Security Services > Anti-V irus If SonicWALL Ne twork Ant i-Virus is not activated, t he Security Services > Anti-Virus pag e indicate s an upgrade is required and provid es links to activa te a So[...]

  • Pagina 296

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 277 Security Services > Anti-Virus S Alert: You must h ave a mySon icWALL.com a ccount an d your Sonic WALL must be register ed to activate SonicWALL Network Anti-Virus. 1 Click the SonicWALL Network Anti-Virus Subsc ription link on the Security Services > Ant i- Virus page. The [...]

  • Pagina 297

    278 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 45: Managing SonicWALL Network Anti-V irus and E-Mail Filter Services Security Services > E-Mail Filter The Security Servic es > E-Mail Fi lter page allows the administrator to selectively delete or disable inbound e-mail attachments as they pass thro ugh the SonicWA[...]

  • Pagina 298

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 279 SonicWALL Gateway Anti-Virus Overview C HAPTER 46 Chapter 46: Managing SonicW ALL Gateway Anti-V irus Service SonicW ALL Gateway Anti-V irus Overview SonicWALL Gateway Anti-V irus is part of the SonicWALL Gateway Anti-Virus/Intrusion Prevention Service solutio n that pro vides com [...]

  • Pagina 299

    280 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 46: Managing SonicWALL Gateway Anti-Virus Servic e SonicW ALL Gateway Anti-V irus/Intrusion Prevention Features • Real-T ime Anti-V ir us Gateway Sc anning - SonicW ALL Gateway Anti-V irus/Intrusion Prevention Service delivers intelligent file-b ased virus and malici ous[...]

  • Pagina 300

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 281 SonicWALL Gateway Anti-Virus Overview Activating SonicW ALL Gateway Anti-V irus If you do not have SonicWALL Gateway Anti-Virus installe d on your SonicWALL security appliance, the Security Services > Gateway Anti-Virus page indica tes an upgrade is required a nd includes a link[...]

  • Pagina 301

    282 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 46: Managing SonicWALL Gateway Anti-Virus Servic e Activating SonicW ALL Gateway Anti-V irus If you have an Activation Key for your SonicWALL Gateway Anti- Virus, perf orm these s teps to activa te the service: 1 On the Se curity Services > Gateway Anti- Virus page, cli[...]

  • Pagina 302

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 283 Configuring SonicWALL Gateway Anti-Virus Configuring SonicW ALL Gateway Anti-V irus After activating SonicWALL Gateway Anti-Virus, the Security Services > G ateway An ti-Virus page displays the con figuration settings for managing th e se rvice on your SonicWALL security applia [...]

  • Pagina 303

    284 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 46: Managing SonicWALL Gateway Anti-Virus Servic e[...]

  • Pagina 304

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 285 SonicWALL Intrusion Prevention Service C HAPTER 47 Chapter 47: Managing SonicW ALL Intrusion Prevention Service SonicW ALL Intrusion Prevention Service SonicWALL Intru sion Preven tion Service (Son icWALL IPS) deliv ers a configura ble, high perf ormance Deep Packet Inspection engi[...]

  • Pagina 305

    286 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 47: Managing SonicWALL Intrusion Prevention Service maintains a curr en t an d robust signatur e da t abase by inco rp orati ng the latest av ailabl e signa ture s from thousa nds of open source d evelopers an d by continually developing n ew signatures for a ppli- cation [...]

  • Pagina 306

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 287 SonicWALL Intrusion Prevention Service How SonicW ALL ’ s Deep Packet Inspection Architecture Wo r k s Deep Packet Inspection t echnology enables th e firewall to investigate farther into the prot ocol to examine information at the application layer a nd defend agains t attacks t[...]

  • Pagina 307

    288 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 47: Managing SonicWALL Intrusion Prevention Service Security Services > Intrusion Prevention The Security Servic es > Intrusion Preventio n page provides the settings for configuring SonicWALL Intrusion Prevention Service. If you do not have SonicWALL IPS activated o[...]

  • Pagina 308

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 289 Security Services > Intrusion Prevention Activating the SonicW ALL IPS FREE TRIAL To try a FREE TRIAL of SonicW ALL IPS, follow these steps: 1 Click the FREE TRIAL link. The mySonicWALL.com Login page is displayed. 2 Enter your mySonicWALL.com accoun t username and password in t[...]

  • Pagina 309

    290 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 47: Managing SonicWALL Intrusion Prevention Service[...]

  • Pagina 310

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 291 SonicWALL Global Security Client C HAPTER 48 Chapter 48: Managing SonicW ALL Global Security Client SonicW ALL Global Security Client The SonicWALL Global Security Client combines gateway enforceme nt, central management, configuration flexibility and softw are deployment to delive[...]

  • Pagina 311

    292 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 48: Managing SonicWALL Global Security Client Global Security Client Features • Multi-Pronged Protect ion - extends the boundar ies of security by protecting the corpor at e net- work and remote/mobile worker s from malicious att acks that occur over the Internet. • En[...]

  • Pagina 312

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 293 SonicWALL Global Security Client Activating SonicW ALL Global Security Client If you have an Activation Key for your SonicWA LL Global Security Client , follow these steps to activate the service: 1 Click the SonicWALL Global Security Client Subscription link on th e Security Servi[...]

  • Pagina 313

    294 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 48: Managing SonicWALL Global Security Client[...]

  • Pagina 314

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 295 P ART 11 Part 11 Log[...]

  • Pagina 315

    296 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE[...]

  • Pagina 316

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 297 SonicOS Log Event Messages Overview C HAPTER 49 Chapter 49: V iewing Log Event s SonicOS Log Event Messages Overview During the operation o f a SonicWA LL security a ppliance, So nicOS softwa re sends lo g event messages to the console . Event logging automa tically begins when th [...]

  • Pagina 317

    298 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 49: Viewing Log Events Log > V i ew The SonicWALL security appliance maintains an Event log which displays potent ial security threats. This log can be viewed with a browser using the So nicWALL Web Managem ent Interface, or it can be automatically sent to an e-mail add[...]

  • Pagina 318

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 299 Log > View SonicOS Log Entries Each log entry contains the da te and time of the ev en t an d a b rief message descr ibin g the eve nt. It is also possible to copy the log entries from the managemen t interface and paste in to a report. The SonicWALL security appliance ma nages [...]

  • Pagina 319

    300 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 49: Viewing Log Events[...]

  • Pagina 320

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 301 Log > Categories C HAPTER 50 Chapter 50: S pecifying Log Categories Log > Categories You can define which log me ssages appear in the Son icWALL security appliance Event Log . Log Categories All Log Categories are enabled by default except Networ k Debug . • Log all Categor[...]

  • Pagina 321

    302 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 50: Specifying Log Categories Logs Java, ActiveX, and Cook ies blocked by the SonicWALL security appliance. • User Activity Logs successful and unsucc essful log in attempts. • VPN TCP S t at s Logs TCP connections over VPN tunnels. • System Environment (PRO 3060) Lo[...]

  • Pagina 322

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 303 Log > Automation C HAPTER 51 Chapter 51: Configuring Log Automation Log > Automation Click Log , and then Automation to begin configuring the Soni cWALL security appliance to se nd log files using e-mail and co nf ig u rin g sys log ser ver s on you r netwo rk .[...]

  • Pagina 323

    304 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 51: Configuring Log Automation E-mail • Mail Server - to e-mail log or alert messa ges, enter the name or IP addre ss of your mail server in the Mail Server field. If this field is left blank, log and ale rt messages are not e-mailed. • Send Log T o - enter your full e[...]

  • Pagina 324

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 305 Log > Automation Syslog Event Redund ancy Filter (seconds) - The Syslog Event Redund ancy Filter setting prevents repetitive messag es from being writte n to Syslog. If duplicate ev ents occur during the period specified in the Syslog Event Redundancy Rat e field, they are not w[...]

  • Pagina 325

    306 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 51: Configuring Log Automation[...]

  • Pagina 326

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 307 Log > Name Resolution C HAPTER 52 Chapter 52: Configuring Name Resolution Log > Name Resolution The Lo g > Name Resolution page includes settings for configuring the name servers u sed to resolve IP addresses and se rver names in the log reports. The security appliance us [...]

  • Pagina 327

    308 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 52: Configuring Name Resolution Selecting Name Resolution Settings The security appliance can use DNS, NetBios, or bo th to resolve IP addre sses and server names. In the Name Re solution Method list, select: • None : The security appliance will not attempt to resolve IP[...]

  • Pagina 328

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 309 Log > Reports C HAPTER 53 Chapter 53: Generating and V iewing Log Report s Log > Report s The SonicWALL security appliance can perform a rolling analysis of th e event log to show the top 25 most frequently accessed Web sites, the top 25 us ers of bandwidth by IP addres s, an[...]

  • Pagina 329

    310 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 53: Generating and Viewing Log Reports Click Reset Da ta to clear the report statis tics and begin a new sample period . The sample period is also reset when data collection is stoppe d or started, and when the Soni cWALL security appliance is rest ar te d. Vi e w D a ta S[...]

  • Pagina 330

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 311 Log > ViewPoint Log > V iewPoint SonicW ALL V i ewPoint SonicWALL ViewPoint is a software solution that creates dynamic, Web-based reports of network activity. ViewPoint generates both real-time and hist orical reports to pr ovide a com plete view of all activity through your[...]

  • Pagina 331

    312 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE C HAPTER 53: Generating and Viewing Log Reports[...]

  • Pagina 332

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 313 SonicSetup A PPENDIX A Appendix BA Using the SonicSetup Diagnostic and Recovery T o ol SonicSetup SonicSetup provides improved diagnostic and in itial setup capabilities for SonicWALL security appliances. It demonstrates that a SonicWALl secu rity appliance is in a functional state[...]

  • Pagina 333

    314 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE A PPENDIX A: Using the SonicSetup Diagnostic and Recovery Tool Introduction and Discovery After establishing a connection between th e Soni cWALL and the management wo rkstation (preferably with a direc t cross-ov er cable con nection), la unch SonicSe tup.exe. SonicSetup pr esents[...]

  • Pagina 334

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 315 Diagnostics Diagnostics Diagnostics include ha rdware and software componen ts, and it runs in two modes: ROM a nd Firmware. Th e transition between the two mo des is autom atically contr olled by Sonic Setup, and is transparent to the ad m i nis tra to r. Diagnostics include (comp[...]

  • Pagina 335

    316 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE A PPENDIX A: Using the SonicSetup Diagnostic and Recovery Tool Diagnostic Result s After the diagno stics have run, the diag nostic results are displayed : Included in the results is the Diagn o stic Code which, in the event of a failure, must be interpreted by SonicWALL Support. T[...]

  • Pagina 336

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 317 SonicOS Recovery If the SonicROM image fails to transfer, a failure notification page is displayed, and the ad ministrator must have the opportu nity to retry the process. Multiple failed attempts r eceive an appropriate response from SonicWALL Supp ort. After the new SonicROM imag[...]

  • Pagina 337

    318 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE A PPENDIX A: Using the SonicSetup Diagnostic and Recovery Tool Restoring Factory Default s If the SonicWALL fails to startup completely after loading the new So nicOS imag e (and atte mpting to start with the existing configuration/ prefs settings) , a startup-failur e notification[...]

  • Pagina 338

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 319 Address Synchronization Address Synchronization The SonicWALL should be fully operational at this ti me. The administrator is then prompted to p rovide an IP address for the SonicWALL: • Any address may be set, regardless of the current IP address setting (i.e. the address ma y b[...]

  • Pagina 339

    320 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE A PPENDIX A: Using the SonicSetup Diagnostic and Recovery Tool[...]

  • Pagina 340

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 321 SonicWALL SafeMode A PPENDIX B Appendix BA Resetting the SonicW ALL Security Appliance Using SafeMode SonicW ALL SafeMode If you are unable to c onnect to th e SonicWAL L secu rity appliance’s manageme nt interface, yo u can restart the SonicWALL security appliance in Safe Mode. [...]

  • Pagina 341

    322 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE A PPENDIX B: Resetting the SonicWALL Security Appliance Using SafeMode 3 The Test light starts blinking when the secu rity applianc e has re booted into SafeMode. 4 Connect to the management inter face: Point the Web browser on your Ma nagement Station to 192.168.168.1 68 . The Saf[...]

  • Pagina 342

    S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE 323 Upgrading SonicOS Firmware Upgrading SonicOS Firmware In SafeMode, you can upload newe r versions of the SonicOS firmware to your SonicWAL L security appliance. 1 Connect to <http://www.mysonicwall.com> . If you have already registered your security appliance, you should be a[...]

  • Pagina 343

    324 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE A PPENDIX B: Resetting the SonicWALL Security Appliance Using SafeMode[...]

  • Pagina 344

    325 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE Chapter C: Index Numerics 802.11g 127 A access point stat us 136 access rules bandwidth man agement 180 configuration examples 187 general rule wizard 182 overview 179 public server rule wizard 181 restoring defaults 181 rule wizard 181 account lifet ime 133 accounts wireless guest[...]

  • Pagina 345

    Index 326 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE updating firmware 48 flexible default route 174 fragmentatio n th re sh old 153 fragments 137 G Gateway Anti-Virus 279 application control 280 deep packet inspection 280 features 280 inter-zone scann ing 280 intrusion prev en tio n 280 signatures 280 guest account profiles 16[...]

  • Pagina 346

    Index S ONIC WALL S ONIC OS S TAND ARD 3.0 A DMINISTRATOR ’ S G UIDE 327 secure access point 18 , 20 secure wireless bridge 18 security services activating a free trial of Intrusion Preventio n Service 289 activating Cont en t Filtering Service 266 activating Global Security Client 292 activating Intrusion Prevention Service 288 activating Networ[...]

  • Pagina 347

    Index 328 S ONIC WALL S ONIC OS S TANDARD 3.0 A DMINISTRATOR ’ S G UIDE hexadecimal. 148 WEP key mode 148 WGS, see wireless guest ser vices WiFiSec 127 , 136 WiFiSec enforcement 13 0 , 140 WiFiSec Protected Access 148 EAP 149 PSK 149 wireless guest internet gateway 18 office gateway 18 secure access point 18 secure wireless bridge 18 WPA 148 wire[...]

  • Pagina 348

    © 2 00 4 Soni cWALL, I n c . Soni cWAL L is a reg is tered tr adem ar k of S onic WAL L, I n c . Other produ ct a nd c ompa ny name s men tione d h erei n ma y be t r adem ar ks and/ or re gi stered tr ade m arks of the ir respe cti ve com pan ie s. Speci ficat io ns and desc ripti on s su bject to chang e with out n oti ce. T: 408.745.9600 F: 408[...]