SonicWALL NSA E6500 Getting Started Manual
  1. Manuals
  2. Brands
  3. SonicWALL Manuals
  4. Firewall
  5. NSA E6500
  6. Getting started manual

SonicWALL NSA E6500 Getting Started Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
NSA E6500 Getting Started Guide
PROTECTION AT THE SPEED OF BUSINESS

Advertisement

Chapters

Table of Contents
loading

Related Manuals for SonicWALL NSA E6500

Summary of Contents for SonicWALL NSA E6500

  • Page 1 NSA E6500 Getting Started Guide PROTECTION AT THE SPEED OF BUSINESS ™...

  • Page 2: Table Of Contents

    SonicWALL NSA E6500 Getting Started Guide This Getting Started Guide provides instructions for basic installation and configuration of the SonicWALL Network Security Appliance (NSA) E6500 running SonicOS Enhanced. After you complete this guide, computers on your Local Area Network (LAN) will have secure Internet access.
  • Page 3 Back WEEE Weight 17.30 lbs/7.9 kg Note: Always observe proper safety and regulatory guidelines when removing administrator-serviceable parts from the SonicWALL section, on page 69 NSA E6500. Proper guidelines can be found in the Product Safety and Regulatory Information of this guide.

  • Page 4: Pre-Configuration Tasks

    Pre-Configuration Tasks In this Section: This section provides pre-configuration information. Review this section before setting up your SonicWALL NSA E6500. Check Package Contents • - page 4 Obtain Configuration Information • - page 5 The Front Panel • - page 6 The Back Panel •...

  • Page 5: Check Package Contents

    Check Package Contents Before setting up your SonicWALL NSA E6500, verify that your package contains the following parts: Any Items Missing? If any items are missing from your package, please contact SonicWALL support. SonicWALL NSA E6500 Release Notes A listing of the most current support options is available online at: DB9 ->...

  • Page 6: Support And Training Options

    ISP that DNS 3 (optional): assigns a static IP address. Note: If you are not using one of the network configurations above, refer to the SonicOS Enhanced Administrator’s Guide <http://www.sonicwall.com/us/support.html> SonicWALL NSA E6500 Getting Started Guide Page 5...

  • Page 7: The Front Panel

    Press and hold the button for a few seconds to manually reset the appliance. LED (from left to right) Power LED: Indicates the SonicWALL NSA E6500 is powered on. Test LED: Flickering: Indicates the appliance is initializing. Steady blinking: Indicates the appliance is in SafeMode.

  • Page 8: The Back Panel

    The Back Panel Icon Feature Description Expansion Bay Future extension. Fans (2) The SonicWALL NSA E6500 includes two fans for system temperature control. Power Supply The SonicWALL NSA E6500 power supply. SonicWALL NSA E6500 Getting Started Guide Page 7...

  • Page 9: Front Bezel Control Features

    Front Bezel Control Features Note: Using the front bezel for configuration purposes prior to The SonicWALL Network Security Appliance E-Class is completing initial setup will bypass the Setup Wizard’s equipped with a front panel bezel interface that allows an automatic launch at startup.
  • Page 10 Status List. Use the Up and Down button to select the menu you wish to enter and click the Right button to enter it. SonicWALL NSA E6500 Getting Started Guide Page 9...
  • Page 11 After entering a new value for a setting in the configuration Configure menu, you are asked if you want to commit changes. Using the The Configure Menu allows you to configure specific aspects of 4-way D-pad, press the Right button for yes or the Left button the appliance.
  • Page 12 Right button to confirm. The appliance will change to • Restore defaults SafeMode. Once SafeMode is enabled, the SonicWALL NSA E6500 must be controlled from the Web management interface. The X1 Mode can be set to Static (default option) or to DHCP. If...

  • Page 13: Front Bezel Configuration Example

    Press Right. Front Bezel Configuration Example LAN IP Configuration The SonicWALL NSA E6500 is assigned the default LAN IP of Press Down until X1 IP is selected (four times). 192.168.168.168. Complete the following steps to change it to Press Right to configure X1 IP.

  • Page 14: Registering Your Appliance

    • - page 15 Note: Registration is an important part of the setup process and is necessary in order to receive the benefits of SonicWALL security services, firmware updates, and technical support. SonicWALL NSA E6500 Getting Started Guide Page 13...
  • Page 15 Security Services licenses with your primary SonicWALL. Note: Your SonicWALL NSA E6500 does not need to be powered on during account creation or during the mysonicwall.com registration and licensing process.
  • Page 16 Registration Next Steps • - page 18 Product Registration You must register your SonicWALL security appliance on mysonicwall.com to enable full functionality. Login to your mysonicwall.com account. If you do not have an account, you can create one at www.mysonicwall.com.
  • Page 17 • Support Services: at a later time. • Dynamic Support 24x7 The following products and services are available for the • Software and Firmware Updates SonicWALL NSA E6500: • Consulting Services: • Service Bundles: • Implementation Service • Client/Server Anti-Virus Suite •...
  • Page 18 Management page. A 30-day free trial is immediately Products page, check the Applicable Services table for activated. The Status page displays relevant services that your SonicWALL appliance is already licensed for. Your initial purchase may have included information including the activation status, expiration...
  • Page 19 HA Primary unit listed in the Parent Product section, as well as a Status value of 0 in the Associated Products / second SonicWALL with the first in a high availability (HA) pair. Child Product Type section. You can associate the two appliances as part of the registration Although the Stateful High Availability Upgrade and all the process on mysonicwall.com.

  • Page 20: Deployment Scenarios

    Configuring L2 Bridge Mode • - page 39 Tip: Obtain Configuration Information Before completing this section, fill out the information in - page 5. You will need to enter this information during the Setup Wizard. SonicWALL NSA E6500 Getting Started Guide Page 19...
  • Page 21 Current Gateway Configuration New Gateway Configuration Use Scenario No gateway appliance Single SonicWALL NSA as a primary gateway. A - NAT/Route Mode Gateway Pair of SonicWALL NSA appliances for high B - NAT with State Sync Pair availability.
  • Page 22 SonicWALL NSA E-Class gateway. ISP 1 Internet In this scenario, the SonicWALL NSA E6500 is configured in NAT/Route mode to operate as a single network gateway. Two Internet sources may be routed through the SonicWALL SonicPoint appliance for load balancing and failover purposes. Because...
  • Page 23 SonicWALL redundant high-availability networking. HA / Failover Pair E6500 In this scenario, one SonicWALL NSA E6500 operates as the HA Link primary gateway device and the other SonicWALL NSA E6500 is in passive mode. All network connection information is synchronized between the two devices so that the backup...
  • Page 24 Scenario C: L2 Bridge Mode For network installations where the SonicWALL NSA E6500 is Network Gateway running in tandem with an existing network gateway. Internet or L2 Bridge Link LAN Segment 2 In this scenario, the original gateway is maintained. The...

  • Page 25: Ethernet Cable

    Initial Setup Accepted Browser Version This section provides initial configuration instructions for Browser Number connecting your SonicWALL NSA E6500. Follow these steps if Internet Explorer 6.0 or higher you are setting up scenario A, B, or C. Firefox 2.0 or higher...
  • Page 26 When the Power LEDs are lit and the Test LED is no longer lit, The Link LED above the X0 (LAN) port will light up in green the SonicWALL NSA E6500 is ready for configuration. This or amber depending on the link throughput speed,...
  • Page 27 Accessing the Management Interface Accessing the Setup Wizard If you cannot connect to the SonicWALL NSA E6500 or the The computer you use to manage the SonicWALL NSA E6500 Setup Wizard does not display, verify the following must be set up to accept a dynamic IP address, or it must have configurations: an unused IP address on the 192.168.168.x/24 subnet, such as...
  • Page 28 LAN port. However, if a DHCP server is • Restart your Management Station to accept new already active on your LAN, the SonicWALL will disable its own network settings from the DHCP server in the DHCP server to prevent conflicts.
  • Page 29 It is available on mysonicwall.com at the top your licensed services from within the SonicOS user interface: of the Service Management page for your SonicWALL appliance. • Activate licenses To activate licenses in SonicOS: •...
  • Page 30 SonicWALL security appliance configuration settings. The backup feature saves a copy of the current configuration Obtaining the Latest Firmware settings on your SonicWALL security appliance, protecting all • - page 29 your existing settings in the event that it becomes necessary to Saving a Backup Copy of Your Preferences •...
  • Page 31 Upgrading the Firmware Using SafeMode to Upgrade Firmware Perform the following steps to upload new firmware to your If you are unable to connect to the SonicWALL security SonicWALL appliance and use your current configuration appliance’s management interface, you can restart the settings upon startup.
  • Page 32 (admin / password) to access the SonicWALL management interface. If You Are Following Proceed to Section: Scenario... A - NAT/Route Mode Additional Deployment Gateway Configuration - page 41 SonicWALL NSA E6500 Getting Started Guide Page 31...

  • Page 33: Configuring A State Sync Pair In Nat/Route Mode

    38 NAT/Route Mode This section provides instructions for configuring a pair of SonicWALL NSA E-Class 2 SonicWALL SonicWALL NSA E6500 appliances for high availability (HA). HA / Failover Pair E6500 This section is relevant to administrators following deployment HA Link scenario B.

  • Page 34: Configuring High Availability

    • Connect the HA ports on the Primary SonicWALL and You can find the serial number on the back of the SonicWALL Backup SonicWALL appliances with a CAT6-rated security appliance, or in the System > Status screen of the crossover cable (red crossover cable). The Primary and backup unit.
  • Page 35 SonicWALL is under a heavy Click the Include Certificates/Keys checkbox to have the load. appliances synchronize all certificates and keys. Set the Probe Level for the interval in seconds between Click Synchronize Settings to synchronize the settings communication with upstream or downstream systems.
  • Page 36 From your management workstation, test connectivity through message at the bottom of the management interface page. Also the Backup SonicWALL by accessing a site on the public note that the management interface displays Logged Into: Internet – note that the Backup SonicWALL, when active,...

  • Page 37: Adjusting High Availability Settings

    • Election Delay Time – This timer can be used to specify an amount of time the SonicWALL will wait to consider an interface up and stable, and is useful when dealing with switch ports that have a spanning-tree delay set.

  • Page 38: Ha License Configuration Overview

    You can configure HA license synchronization by associating provided before the failover. To enable HA, you can use the two SonicWALL security appliances as HA Primary and HA SonicOS UI to configure your two appliances as a HA pair in Secondary on mysonicwall.com.

  • Page 39: Associating Pre-Registered Appliances

    On the My Product - Associated Products page, in the text Associating Pre-Registered Appliances boxes under Associate New Products, type the serial To associate two already-registered SonicWALL security number and the friendly name of the appliance that you appliances so that they can use HA license synchronization, want to associate as the child/secondary/backup unit.
  • Page 40 • - page 40 Connection Overview Connect the X1 port on your SonicWALL NSA E6500 to the LAN port on your existing Internet gateway device. Then connect the X0 port on your SonicWALL to your LAN. SonicWALL NSA E6500 Getting Started Guide...
  • Page 41 Configuring the Secondary Bridge Interface Note: Complete the following steps to configure the SonicWALL Do not enable Never route traffic on the bridge-pair unless your network topology requires that all packets appliance: entering the L2 Bridge remain on the L2 Bridge Navigate to the Network >...

  • Page 42: Additional Deployment Configuration

    Enabling Security Services in SonicOS • - page 48 Applying Security Services to Zones • - page 48 Troubleshooting Diagnostic Tools • - page 49 Deployment Configuration Reference Checklist • - page 53 SonicWALL NSA E6500 Getting Started Guide Page 41...
  • Page 43 Deny enforced by binding a zone to one or more physical interfaces (such as, X0, X1, or X2) on the SonicWALL UTM appliance. The X1 and X0 interfaces are preconfigured as WAN and LAN respectively. The remaining ports can be configured to meet the...
  • Page 44 The access rules are sorted from the most specific at the top to the least specific at the bottom of the table. At the bottom of the table is the Any rule. SonicWALL NSA E6500 Getting Started Guide Page 43...
  • Page 45 Comments field. • Specify the number of connections allowed as a percent of maximum number of connections allowed by the SonicWALL security appliance in the Number of connections allowed (% of maximum connections) field. • Select Create a reflexive rule if you want to create a...
  • Page 46 Address Objects as a defining criterion. You can create multiple NAT policies on a SonicWALL running SonicOS Enhanced for the same object – for instance, you can Since there are multiple types of network address expressions,...
  • Page 47 • Default Address Objects - displays Address Objects If you selected Network, enter the network IP address configured by default on the SonicWALL security and netmask in the Network and Netmask fields. appliance. If you selected MAC, enter the MAC address and netmask in the Network and MAC Address field.
  • Page 48 IPs a matching NAT Policy to be automatically created in the are translated from the IP address of the SonicWALL security opposite direction. This will create the outbound as well as appliance WAN port to the IP address of the internal web the inbound policies.
  • Page 49 DMZ or Wireless LAN (WLAN), you must apply the security services to the network zones. For example, you can configure SonicWALL Intrusion Prevention Service for incoming and outgoing traffic on the WLAN zone to add more security for Intrusion Prevention internal network traffic.
  • Page 50 The Packet Capture screen has buttons for starting and stopping a packet capture. If you simply click Start without any configuration, the SonicWALL appliance will capture all packets except those for internal communication, and will stop when the buffer is full or when you click Stop.
  • Page 51 The Ping test bounces a packet off a machine on the Internet capture. Once the configuration is complete, click Start to begin and returns it to the sender. This test shows if the SonicWALL capturing packets. The settings available in the five main areas security appliance is able to contact the remote host.
  • Page 52 Destination Port, Protocol, Src Interface and Dst Interface. exportable (plain text or CSV), filterable views of all connections Enter your filter criteria in the Active Connections Monitor to and through the SonicWALL security appliance. This tool is Settings table. available on the Systems > Diagnostics page.
  • Page 53 Using Log > View The SonicWALL security appliance maintains an Event log for tracking potential security threats. You can view the log in the Log > View page, or it can be automatically sent to an email address for convenience and archiving. The log is displayed in a table and can be sorted by column.
  • Page 54 Setting logging levels Configuring Log Categories (“Logging Level” section) Configuring threat prevention on all used zones Configuring Zones (“Enabling SonicWALL Security Services on Zones“ section) Configuring Web filtering protection Configuring SonicWALL Content Filtering Service Changing administrator login Configuring Administration Settings ("Administrator Name &...
  • Page 55 Page 54 Deployment Configuration Reference Checklist...

  • Page 56: Support And Training Options

    Support and Training Options In this Section: This section provides overviews of customer support and training options for the SonicWALL NSA E6500. Customer Support • - page 56 Knowledge Portal • - page 56 User Forums • - page 57 Training •...

  • Page 57: Customer Support

    SonicWALL documents based on the following types Support Contract. Please review our Warranty Support Policy of search tools: for product coverage. SonicWALL also offers a full range of • Browse consulting services to meet your needs, from our innovative •...

  • Page 58: User Forums

    User Forums The SonicWALL User Forums is a resource that provides users the ability to communicate and discuss a variety of security and appliance subject matters. In this forum, the following categories are available for users: • Content Security Manager topics •...

  • Page 59: Training

    Training SonicWALL offers an extensive sales and technical training curriculum for Network Administrators, Security Experts and SonicWALL Medallion Partners who need to enhance their knowledge and maximize their investment in SonicWALL Products and Security Applications. SonicWALL Training provides the following resources for its customers: •...

  • Page 60: Related Documentation

    SonicWALL ViewPoint 4.1 Administrator’s Guide • SonicWALL GAV 2.1 Administrator’s Guide • SonicWALL IPS 2.0 Administrator’s Guide • SonicWALL Anti-Spyware Administrator’s Guide • SonicWALL CFS Administrator’s Guide For further information, visit: <http://www.sonicwall.com/us/support/289.html> SonicWALL NSA E6500 Getting Started Guide Page 59...

  • Page 61: Dynamic Tooltips

    SonicWALL Live Product Demos SonicOS features a dynamic tooltips that appear over various The SonicWALL Live Demo Site provides free test drives of elements of the GUI when the mouse hovers over them. SonicWALL security products and services through interactive...
  • Page 62 SonicWALL NSA E6500 Getting Started Guide Page 61...
  • Page 63 Page 62 SonicWALL Live Product Demos...

  • Page 64: Rack Mounting Instructions

    Rack Mounting Instructions In this Section: This section provides illustrated rack mounting instructions for the SonicWALL NSA E6500. Rack Mounting Instructions • - page 64 SonicWALL NSA E6500 Getting Started Guide Page 63...
  • Page 65 Rack Mounting Instructions Page 64 Rack Mounting Instructions...
  • Page 66 SonicWALL NSA E6500 Getting Started Guide Page 65...
  • Page 67 Page 66 Rack Mounting Instructions...
  • Page 68 SonicWALL NSA E6500 Getting Started Guide Page 67...
  • Page 69 Page 68 Rack Mounting Instructions...

  • Page 70: Product Safety And Regulatory Information

    - page 72 CISPR 22 (EN 55022) Class A • - page 72 Regulatory Information for Korea • - page 72 Copyright Notice • - page 73 Trademarks • - page 73 SonicWALL NSA E6500 Getting Started Guide Page 69...

  • Page 71: Safety And Regulatory Information

    • Use the mounting hardware recommended by the rack manu- may not be replaced by the user. The SonicWALL must be returned to a facturer and ensure that the rack is adequate for the applica- SonicWALL authorized service center for replacement with the same or tion.
  • Page 72 Achten Sie darauf, das sich die Netzwerkkabel nicht in der un- Geräten in Innenräumen. Schließen Sie an die Anschlüsse der mittelbaren Nähe von Stromleitungen, Leuchtstoffröhren und SonicWALL keine Kabel an, die aus dem Gebäude in dem sich das Gerät befindet ,herausgeführt werden. Störquellen wie Funksendern oder Breitbandverstärkern be- finden.

  • Page 73: Fcc Part 15 Class A Notice

    Caution: Modifying this equipment or using this equipment for purposes not shown National Deviations: AR, AT, AU, BE, BR, CA, CH, CN, CZ, in this manual without the written consent of SonicWALL, Inc. could void the user’s DE, DK, FI, FR, GB, GR, HU, IL, IN, IT, JP, KE, authority to operate this equipment.

  • Page 74: Copyright Notice

    Specifications and descriptions subject to change without notice. Trademarks SonicWALL is a registered trademark of SonicWALL, Inc. Microsoft Windows 98, Windows Vista, Windows 2000, Windows XP, Windows Server 2003, Internet Explorer, and Active Directory are trademarks or registered trademarks of Microsoft Corporation.
  • Page 75 Notes Page 74...
  • Page 76 Notes SonicWALL NSA E6500 Getting Started Guide Page 75...
  • Page 77 Notes Page 76...
  • Page 78 PROTECTION AT THE SPEED OF BUSINESS PN: 232-001051-52 Rev A 06/09 ©2009 SonicWALL, Inc. is a registered trademark of SonicWALL, Inc. Other product names mentioned herein may be trademarks and/or registered trademarks of their respective companies. Specifications and descriptions subject to change without notice.

Table of Contents