SonicWALL SMA 100 Series Deployment Manual
  1. Manuals
  2. Brands
  3. SonicWALL Manuals
  4. Wireless Access Point
  5. SMA 100 Series
  6. Deployment manual

SonicWALL SMA 100 Series Deployment Manual

Hide thumbs Also See for SMA 100 Series:
Table of Contents

Advertisement

Quick Links

Download this manual
Secure Mobile Access 10.2
Deployment Guide
for the SMA 100 Series

Advertisement

Table of Contents
loading

Related Manuals for SonicWALL SMA 100 Series

Summary of Contents for SonicWALL SMA 100 Series

  • Page 1 Secure Mobile Access 10.2 Deployment Guide for the SMA 100 Series...

  • Page 2: Table Of Contents

    Adding a New SMA Custom Zone Testing and Troubleshooting Your Remote Connection Verifying a User Connection from the Internet Policy > Access Rules Matrix View SonicWall Support About This Document SMA 10.2 Deployment Guide for the SMA 100 Series Contents...

  • Page 3: Deployment Scenarios Overview

    Spyware, Content Filtering, Intrusion Prevention Service, and Comprehensive Anti-Spam Service, to scan all incoming and outgoing traffic. The primary interface (X0) on the SonicWall SMA connects to an available segment on the gateway device. The encrypted user session is passed through the gateway to the SMA appliance. The SonicWall SMA appliance decrypts the session and determines the requested resource.

  • Page 4: Sma 210/410 Deployment Scenarios

    NSsp Series NSv Series SMA on LAN None For a full list of the supported SonicWall firewall and firmware versions, see https://www.sonicwall.com/support/product-lifecycle-tables/ The following illustrations provide an overview of each deployment scenario: Overview of Scenario A: SMA on a New DMZ...

  • Page 5: Connecting The Sma On A New Dmz

    1. Connect one end of an Ethernet cable to an unused port on your SonicWall gateway appliance. 2. Connect the other end of the Ethernet cable to the X0 port on the front of your SonicWall Secure Mobile Access 210/410. The X0 Port LED lights up indicating an active connection.
  • Page 6 IP range. Click Next. NOTE: The default IP address is the WAN IP address of your SonicWall security appliance. If you accept this default, all HTTP and HTTPS traffic to this IP address will be routed to your SMA appliance.

  • Page 7: Allowing An Sma To Lan Connection

    7. Click Save to create the object. Once added, click Close. 8. On the OBJECT | Match Objects > Addresses page, click the Address Groups tab. SMA 10.2 Deployment Guide for the SMA 100 Series Connecting the SMA on a New DMZ...
  • Page 8 SMA appliance. The SSLVPN zone is intended for use with the more limited SSLVPN features that are included in the firewall products. Continue to Additional Configuration Testing and Troubleshooting Your Remote Connection. SMA 10.2 Deployment Guide for the SMA 100 Series Connecting the SMA on a New DMZ...

  • Page 9: Connecting The Sma On An Existing Dmz

    SonicWall gateway appliance, to a hub, or to a switch on your DMZ. 2. Connect the other end of the Ethernet cable to the X0 port on your SonicWall SMA 210/410. The X0 Port LED lights up indicating an active connection.

  • Page 10: Allowing Dmz To Lan Connection

    IP range. Click Next. NOTE: The default IP address is the WAN IP address of your SonicWall firewall. If you accept this default, all HTTP and HTTPS traffic to this IP address is routed to your SMA appliance.
  • Page 11 13. In the Add Rule window, create a rule to allow access to the LAN for the address group you just created: Source Zone/Interface Source Destination Source Port Service SMA 10.2 Deployment Guide for the SMA 100 Series Connecting the SMA on an Existing DMZ...
  • Page 12 SMA appliance. The SSLVPN zone is intended for use with the more limited SSLVPN features that are included in the firewall products. Continue to Additional Configuration Testing and Troubleshooting Your Remote Connection. SMA 10.2 Deployment Guide for the SMA 100 Series Connecting the SMA on an Existing DMZ...

  • Page 13: Deploying Sma On The Lan

    To connect the SMA on the LAN: 1. Connect one end of an Ethernet cable to an unused port on your LAN hub or switch. 2. Connect the other end of the Ethernet cable to the X0 port on the front of your SonicWall SMA 210/410.
  • Page 14 13. On the page that displays for SMA to LAN, click +Add. 14. In the Add Rule window, create a rule to allow access to the LAN for the address group you just SMA 10.2 Deployment Guide for the SMA 100 Series Deploying SMA on the LAN...
  • Page 15 SMA appliance. The SSLVPN zone is intended for use with the more limited SSLVPN features that are included in the firewall products. Continue to Additional Configuration Testing and Troubleshooting Your Remote Connection. SMA 10.2 Deployment Guide for the SMA 100 Series Deploying SMA on the LAN...

  • Page 16: Additional Configuration

    , you could set your computer to 10.1.1.10 10.1.1.20 8. Log into the SMA management interface again, using the IP address you just configured for the X0 interface. For example, point your browser to https://10.1.1.10 SMA 10.2 Deployment Guide for the SMA 100 Series Additional Configuration...

  • Page 17: Configuring A Default Route

    Default IPv6 Gateway field. 3. Select X0 as the interface and click Accept. Adding a NetExtender Client Route NetExtender allows remote clients to have seamless access to resources on your local network. SMA 10.2 Deployment Guide for the SMA 100 Series Additional Configuration...
  • Page 18 192.168.168.0 5. Enter the subnet mask of the destination network in the Subnet Mask field. Continuing the example, enter 255.255.255.0 6. Click Submit to finish adding this client route. SMA 10.2 Deployment Guide for the SMA 100 Series Additional Configuration...

  • Page 19: Setting Your Netextender Address Range

    Transparent range, such as , and configure your NetExtender range as 67.115.118.80 . Then, on your gateway device, configure a static route to 192.168.10.100 192.168.10.200 , using 192.168.10.0 67.115.118.80 SMA 10.2 Deployment Guide for the SMA 100 Series Additional Configuration...

  • Page 20: Adding A New Sma Custom Zone

    5. Select Public from the Security Type drop-down menu. 6. Clear the Allow Interface Trust toggle. 7. Select the following check boxes: • Enable Gateway Anti-Virus Service • Enable IPS • Enable Anti-Spyware Service SMA 10.2 Deployment Guide for the SMA 100 Series Additional Configuration...
  • Page 21 13. If you want to allow users to log in to the gateway appliance using this interface, select the desired user login options. 14. Click OK to apply changes. SMA 10.2 Deployment Guide for the SMA 100 Series Additional Configuration...

  • Page 22: Testing And Troubleshooting Your Remote Connection

    Testing and Troubleshooting Your Remote Connection You have now configured your SonicWall gateway appliance and SMA appliance for secure remote access. This section provides information on the following topics: Verifying a User Connection from the Internet Policy > Access Rules Matrix View...

  • Page 23: Policy > Access Rules Matrix View

    2. Click the Configure icon for X2 or the port you assigned as the SMA zone. 3. Select SMA as the Zone from the drop-down menu. 4. Click OK. SMA 10.2 Deployment Guide for the SMA 100 Series Testing and Troubleshooting Your Remote Connection...

  • Page 24: Sonicwall Support

    The Support Portal provides self-help tools you can use to solve problems quickly and independently, 24 hours a day, 365 days a year. To access the Support Portal, go to https://www.sonicwall.com/support. The Support Portal enables you to: View knowledge base articles and technical documentation View and participate in the Community forum discussions at https://community.sonicwall.com/technology-and-support.

  • Page 25: About This Document

    Open Source Code SonicWall Inc. is able to provide a machine-readable copy of open source code with restrictive licenses such as GPL, LGPL, AGPL when applicable per license requirements. To obtain a complete machine-readable copy, send your written requests, along with certified check or money order in the amount of USD 25.00 payable to “SonicWall Inc.”, to:...

Table of Contents