SonicWALL ECLASS NSA E5500 Getting Started Manual
  1. Manuals
  2. Brands
  3. SonicWALL Manuals
  4. Network Hardware
  5. ECLASS NSA E5500
  6. Getting started manual

SonicWALL ECLASS NSA E5500 Getting Started Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
NSA_E5500_GSG.book Page 1 Monday, January 17, 2011 4:58 PM
NSA E5500 Getting Started Guide
PROTECTION AT THE SPEED OF BUSINESS

Advertisement

Chapters

Table of Contents
loading
Need help?

Need help?

Do you have a question about the ECLASS NSA E5500 and is the answer not in the manual?

Questions and answers

Related Manuals for SonicWALL ECLASS NSA E5500

Summary of Contents for SonicWALL ECLASS NSA E5500

  • Page 1 NSA_E5500_GSG.book Page 1 Monday, January 17, 2011 4:58 PM NSA E5500 Getting Started Guide PROTECTION AT THE SPEED OF BUSINESS ™...
  • Page 2 SonicWALL NSA E5500 Getting Started Guide This Getting Started Guide provides instructions for basic installation and configuration of the SonicWALL Network Security Appliance (NSA) E5500 running SonicOS Enhanced. After you complete this guide, computers on your Local Area Network (LAN) will have secure Internet access.
  • Page 3 WEEE Weight 17.30 lbs/7.9 kg Note: Always observe proper safety and regulatory guidelines when removing administrator-serviceable parts from the SonicWALL NSA E5500. Proper guidelines can be found in the Safety and Regulatory Information section, on page 66 of this guide.
  • Page 4 NSA_E5500_GSG.book Page 3 Monday, January 17, 2011 4:58 PM Pre-Configuration Tasks In this Section: This section provides pre-configuration information. Review this section before setting up your SonicWALL NSA E5500. • Check Package Contents - page 4 • Obtain Configuration Information - page 5 •...
  • Page 5 NSA_E5500_GSG.book Page 4 Monday, January 17, 2011 4:58 PM Check Package Contents Before setting up your SonicWALL NSA E5500, verify that your Any Items Missing? package contains the following parts: If any items are missing from your package, please contact SonicWALL support.
  • Page 6 SonicWALL appliance. Obtain Internet Service Provider (ISP) Information Authentication Code: Record the authentication code found on the bottom panel of your SonicWALL Record the following information about your current Internet service: appliance. If You connect Please record...
  • Page 7 Press and hold the button for a few seconds to manually reset the appliance. LED (from left to right) Power LED: Indicates the SonicWALL NSA E5500 is powered on. Test LED: Flickering: Indicates the appliance is initializing. Steady blinking: Indicates the appliance is in SafeMode.
  • Page 8 NSA_E5500_GSG.book Page 7 Monday, January 17, 2011 4:58 PM The Back Panel Icon Feature Description Expansion Bay Future extension. Fans (2) The SonicWALL NSA E5500 includes two fans for system temperature control. Power Supply The SonicWALL NSA E5500 power supply. SonicWALL NSA E5500 Getting Started Guide Page 7...
  • Page 9 Front Bezel Control Features Note: Using the front bezel for configuration purposes prior to The SonicWALL Network Security Appliance E-Class is completing initial setup will bypass the Setup Wizard’s equipped with a front panel bezel interface that allows an automatic launch at startup.
  • Page 10 Configure menu. If their value is still 0.0.0.0 (default value), they will not appear in the Status List. Use the Up and Down button to select the menu you wish to enter and click the Right button to enter it. SonicWALL NSA E5500 Getting Started Guide Page 9...
  • Page 11 NSA_E5500_GSG.book Page 10 Monday, January 17, 2011 4:58 PM Configure After entering a new value for a setting in the configuration menu, you are asked if you want to commit changes. Using the The Configure Menu allows you to configure specific aspects of 4-way D-pad, press the Right button for yes or the Left button the appliance.
  • Page 12 Right button to confirm. The appliance will change to • Restore defaults SafeMode. Once SafeMode is enabled, the SonicWALL NSA E5500 must be controlled from the Web management interface. The X1 Mode can be set to Static (default option) or to DHCP. If...
  • Page 13 Front Bezel Configuration Example Press Right. LAN IP Configuration The SonicWALL NSA E5500 is assigned the default LAN IP of Press Down until X1 IP is selected (four times). 192.168.168.168. Complete the following steps to change it to Press Right to configure X1 IP.
  • Page 14 Registering a Second Appliance as a Backup - page 18 Note: Registration is an important part of the setup process and is necessary in order to receive the benefits of SonicWALL security services, firmware updates, and technical support. SonicWALL NSA E5500 Getting Started Guide...
  • Page 15 Security Services licenses with your primary SonicWALL. Note: Your SonicWALL NSA E5500 does not need to be powered on during account creation or during the mysonicwall.com registration and licensing process.
  • Page 16 Registration Next Steps • - page 18 Product Registration You must register your SonicWALL security appliance on mysonicwall.com to enable full functionality. Login to your mysonicwall.com account. On the main page, in the Register A Product field, type the appliance serial number and then click Next.
  • Page 17 • Support Services: at a later time. • Dynamic Support 24x7 The following products and services are available for the • Software and Firmware Updates SonicWALL NSA E5500: • Consulting Services: • Service Bundles: • Implementation Service • Client/Server Anti-Virus Suite •...
  • Page 18 Management page. A 30-day free trial is immediately Products page, check the Applicable Services table for activated. The Status page displays relevant services that your SonicWALL appliance is already licensed for. Your initial purchase may have included information including the activation status, expiration...
  • Page 19 HA Primary unit listed in the Parent Product section, as well as a Status value of 0 in the Associated Products / second SonicWALL with the first in a high availability (HA) pair. Child Product Type section. You can associate the two appliances as part of the registration Although the Stateful High Availability Upgrade and all the process on mysonicwall.com.
  • Page 20 Obtain Internet Before completing this section, fill out the information in - page 5, and Service Provider (ISP) Information - page 5. You will need to enter this information during the Setup Wizard. SonicWALL NSA E5500 Getting Started Guide Page 19...
  • Page 21 Current Gateway Configuration New Gateway Configuration Use Scenario No gateway appliance Single SonicWALL NSA as a primary gateway. A - NAT/Route Mode Gateway Pair of SonicWALL NSA appliances for high B - NAT with State Sync Pair availability.
  • Page 22 Network Security Appliance E5500 Internet In this scenario, the SonicWALL NSA E5500 is configured in NAT/Route mode to operate as a single network gateway. Two Internet sources may be routed through the SonicWALL appliance for load balancing and failover purposes. Because...
  • Page 23 HA / Failover Pair Network Security Appliance E5500 In this scenario, one SonicWALL NSA E5500 operates as the HA Link primary gateway device and the other SonicWALL NSA E5500 SonicWALL NSA E-Class 1 is in passive mode. All network connection information is...
  • Page 24 NSA_E5500_GSG.book Page 23 Monday, January 17, 2011 4:58 PM Scenario C: L2 Bridge Mode For network installations where the SonicWALL NSA E5500 is Third Party Gateway running in tandem with an existing network gateway. Internet or In this scenario, the original gateway is maintained. The...
  • Page 25 Initial Setup Accepted Browser Version This section provides initial configuration instructions for Browser Number connecting your SonicWALL NSA E5500. Follow these steps if Internet Explorer 6.0 or higher you are setting up scenario A, B, or C. Firefox 2.0 or higher...
  • Page 26 When the Power LEDs are lit and the Test LED is no longer lit, The Link LED above the X0 (LAN) port will light up in green the SonicWALL NSA E5500 is ready for configuration. This or amber depending on the link throughput speed,...
  • Page 27 NSA_E5500_GSG.book Page 26 Monday, January 17, 2011 4:58 PM Accessing the Management Interface Using the Setup Wizard If you cannot connect to the SonicWALL NSA E5500 or the The computer you use to manage the SonicWALL NSA E5500 Setup Wizard does not display, verify the following...
  • Page 28 LAN port. However, if a DHCP server is • Restart your Management Station to accept new already active on your LAN, the SonicWALL will disable its own network settings from the DHCP server in the DHCP server to prevent conflicts.
  • Page 29 It is available on mysonicwall.com at the top your licensed services from within the SonicOS user interface: of the Service Management page for your SonicWALL appliance. • Activate licenses To activate licenses in SonicOS: •...
  • Page 30 SonicWALL security appliance configuration settings. The backup feature saves a copy of the current configuration Obtaining the Latest Firmware settings on your SonicWALL security appliance, protecting all • - page 29 your existing settings in the event that it becomes necessary to Saving a Backup Copy of Your Preferences •...
  • Page 31 Uploaded Firmware. Using SafeMode to Upgrade Firmware In the confirmation dialog box, click OK. The SonicWALL If you are unable to connect to the SonicWALL security restarts and then displays the login page. appliance’s management interface, you can restart the Enter your user name and password.
  • Page 32 • Uploaded Firmware - New! Use this option to restart the appliance with your Connect your computer to the X0 port on the SonicWALL current configuration settings. appliance and configure your IP address with an address on the 192.168.168.0/24 subnet, such as 192.168.168.20.

  • Page 33: Table Of Contents

    This section provides instructions for configuring a pair of SonicWALL NSA E5500 appliances for high availability (HA). • On the bottom panel of the Backup SonicWALL security This section is relevant to administrators following deployment appliance, locate the serial number and write the number scenario B.

  • Page 34: Configuring High Availability

    Select the Enable Virtual MAC checkbox. Virtual MAC allows the Primary and Backup appliances to share a You can find the serial number on the back of the SonicWALL single MAC address. This greatly simplifies the process of security appliance, or in the System > Status screen of the updating network ARP tables and caches when a failover backup unit.
  • Page 35 Primary and Backup appliances. SonicWALL recommends that you set the interval for at 10. Click Synchronize Firmware if you previously uploaded least 5 seconds. You can set the Probe IP Address(es) on new firmware to your Primary unit while the Secondary unit the High Availability >...

  • Page 36: Synchronize Settings

    From your management workstation, test connectivity through message at the bottom of the management interface page. Also the Backup SonicWALL by accessing a site on the public note that the management interface displays Logged Into: Internet – note that the Backup SonicWALL, when active,...

  • Page 37: Adjusting High Availability Settings

    • Election Delay Time – This timer can be used to specify an amount of time the SonicWALL will wait to consider an interface up and stable, and is useful when dealing with switch ports that have a spanning-tree delay set.

  • Page 38: Ha License Configuration Overview

    You can configure HA license synchronization by associating provided before the failover. To enable HA, you can use the two SonicWALL security appliances as HA Primary and HA SonicOS UI to configure your two appliances as a HA pair in Secondary on mysonicwall.com.

  • Page 39: Associating Pre-Registered Appliances

    On the My Product - Associated Products page, in the text boxes under Associate New Products, type the serial To associate two already-registered SonicWALL security number and the friendly name of the appliance that you appliances so that they can use HA license synchronization, want to associate as the child/secondary/backup unit.
  • Page 40 Configuring L2 Bridge Mode Connection Overview This section provides instructions to configure the SonicWALL Connect the X1 port on your SonicWALL NSA E5500 to the NSA E5500 appliance in tandem with an existing Internet LAN port on your existing Internet gateway device. Then gateway device.
  • Page 41 NSA_E5500_GSG.book Page 40 Monday, January 17, 2011 4:58 PM Configuring the Secondary Bridge Interface Note: Complete the following steps to configure the SonicWALL Do not enable Never route traffic on the bridge-pair appliance: unless your network topology requires that all packets entering the L2 Bridge remain on the L2 Bridge Navigate to the Network >...
  • Page 42 Creating Network Access Rules • - page 42 Enabling Security Services in SonicOS • - page 48 Applying Security Services to Zones • - page 48 Deployment Configuration Reference Checklist • - page 51 SonicWALL NSA E5500 Getting Started Guide Page 41...
  • Page 43 Deny enforced by binding a zone to one or more physical interfaces (such as, X0, X1, or X2) on the SonicWALL UTM appliance. The X1 and X0 interfaces are preconfigured as WAN and LAN respectively. The remaining ports can be configured to meet the...
  • Page 44 The access rules are sorted from the most specific at the top to the least specific at the bottom of the table. At the bottom of the table is the Any rule. SonicWALL NSA E5500 Getting Started Guide Page 43...
  • Page 45 Comments field. • Specify the number of connections allowed as a percent of maximum number of connections allowed by the SonicWALL security appliance in the Number of connections allowed (% of maximum connections) field. • Select Create a reflexive rule if you want to create a...
  • Page 46 Address Objects as a defining criterion. You can create multiple NAT policies on a SonicWALL running SonicOS Enhanced for the same object – for instance, you can Since there are multiple types of network address expressions,...
  • Page 47 • Default Address Objects - displays Address Objects and netmask in the Network and Netmask fields. configured by default on the SonicWALL security If you selected MAC, enter the MAC address and appliance. netmask in the Network and MAC Address field.
  • Page 48 IP address of interfaces of the SonicWALL security appliance – just replace the SonicWALL security appliance WAN port, and not from the the Original Source with the subnet behind that interface, internal private IP address.
  • Page 49 DMZ or Wireless LAN (WLAN), you must apply the security services to the network zones. For example, you can configure SonicWALL Intrusion Prevention Service for incoming and outgoing traffic on the WLAN zone to add more security for Intrusion Prevention internal network traffic.
  • Page 50 Troubleshooting Diagnostic Tools The Ping test bounces a packet off a machine on the Internet and returns it to the sender. This test shows if the SonicWALL SonicOS provides a number of diagnostic tools to help you security appliance is able to contact the remote host. If users on maintain your network and troubleshoot problems.
  • Page 51 The SonicOS user interface provides three windows to display different views of the captured packets. The SonicWALL security appliance maintains an Event log for tracking potential security threats. You can view the log in the Log > View page, or it can be automatically sent to an email address for convenience and archiving.
  • Page 52 Setting logging levels Configuring Log Categories (“Logging Level” section) Configuring threat prevention on all used zones Configuring Zones (“Enabling SonicWALL Security Services on Zones” section) Configuring Web filtering protection Configuring SonicWALL Content Filtering Service Changing administrator login Configuring Administration Settings ("Administrator Name &...
  • Page 53 NSA_E5500_GSG.book Page 53 Monday, January 17, 2011 4:58 PM Support and Training Options In this Section: This section provides overviews of customer support and training options for the SonicWALL NSA E5500. Customer Support • - page 54 Knowledge Portal •...

  • Page 54: Customer Support

    SonicWALL documents based on the following types Support Contract. Please review our Warranty Support Policy of search tools: for product coverage. SonicWALL also offers a full range of • Browse consulting services to meet your needs, from our innovative •...

  • Page 55: User Forums

    NSA_E5500_GSG.book Page 55 Monday, January 17, 2011 4:58 PM User Forums The SonicWALL User Forums is a resource that provides users the ability to communicate and discuss a variety of security and appliance subject matters. In this forum, the following categories are available for users: •...

  • Page 56: Training

    NSA_E5500_GSG.book Page 56 Monday, January 17, 2011 4:58 PM Training SonicWALL offers an extensive sales and technical training curriculum for Network Administrators, Security Experts and SonicWALL Medallion Partners who need to enhance their knowledge and maximize their investment in SonicWALL Products and Security Applications.

  • Page 57: Related Documentation

    SonicWALL ViewPoint 4.1 Administrator’s Guide • SonicWALL GAV 2.1 Administrator’s Guide • SonicWALL IPS 2.0 Administrator’s Guide • SonicWALL Anti-Spyware Administrator’s Guide • SonicWALL CFS Administrator’s Guide For further information, visit: <http://www.sonicwall.com/us/support/289.html> SonicWALL NSA E5500 Getting Started Guide Page 57...
  • Page 58 SonicWALL Live Product Demos SonicOS features a dynamic tooltips that appear over various The SonicWALL Live Demo Site provides free test drives of elements of the GUI when the mouse hovers over them. SonicWALL security products and services through interactive...
  • Page 59 NSA_E5500_GSG.book Page 59 Monday, January 17, 2011 4:58 PM Rack Mounting Instructions In this Section: This section provides illustrated rack mounting instructions for the SonicWALL NSA E5500. • Rack Mounting Instructions - page 60 SonicWALL NSA E5500 Getting Started Guide...
  • Page 60 NSA_E5500_GSG.book Page 60 Monday, January 17, 2011 4:58 PM Rack Mounting Instructions Page 60 Rack Mounting Instructions...
  • Page 61 NSA_E5500_GSG.book Page 61 Monday, January 17, 2011 4:58 PM SonicWALL NSA E5500 Getting Started Guide Page 61...
  • Page 62 NSA_E5500_GSG.book Page 62 Monday, January 17, 2011 4:58 PM Page 62 Rack Mounting Instructions...
  • Page 63 NSA_E5500_GSG.book Page 63 Monday, January 17, 2011 4:58 PM SonicWALL NSA E5500 Getting Started Guide Page 63...
  • Page 64 NSA_E5500_GSG.book Page 64 Monday, January 17, 2011 4:58 PM Page 64 Rack Mounting Instructions...
  • Page 65 - page 68 • Complies with CISPR 22 (EN 55022) Class A - page 68 • Regulatory Information for Korea - page 68 • Copyright Notice - page 69 • Trademarks - page 69 SonicWALL NSA E5500 Getting Started Guide Page 65...

  • Page 66: Safety And Regulatory Information

    The Lithium Battery used in the SonicWALL Internet security appliance greater than room ambient. Therefore, consideration should may not be replaced by the user. The SonicWALL must be returned to a be given to installing the equipment in an environment com-...

  • Page 67: Weitere Hinweise Zur Montage

    Achten Sie darauf, daß die Umgebungstemperatur nicht Geräten in Innenräumen. Schließen Sie an die Anschlüsse der mehr als 40° C beträgt. SonicWALL keine Kabel an, die aus dem Gebäude in dem sich das Gerät befindet ,herausgeführt werden. SonicWALL NSA E5500 Getting Started Guide...

  • Page 68: Fcc Part 15 Class A Notice

    EN 61000-3-2 (2006) Caution: Modifying this equipment or using this equipment for purposes not shown EN 61000-3-3 (2008) in this manual without the written consent of SonicWALL, Inc. could void the user’s EN 60950-1 (2006) +A11 authority to operate this equipment.

  • Page 69: Copyright Notice

    Specifications and descriptions subject to change without notice. Trademarks SonicWALL is a registered trademark of SonicWALL, Inc. Microsoft Windows 98, Windows Vista, Windows 2000, Windows XP, Windows Server 2003, Internet Explorer, and Active Directory are trademarks or registered trademarks of Microsoft Corporation.
  • Page 70 NSA_E5500_GSG.book Page 70 Monday, January 17, 2011 4:58 PM Notes Page 70...
  • Page 71 NSA_E5500_GSG.book Page 71 Monday, January 17, 2011 4:58 PM Notes SonicWALL NSA E5500 Getting Started Guide Page 71...
  • Page 72 NSA_E5500_GSG.book Page 72 Monday, January 17, 2011 4:58 PM Notes Page 72...
  • Page 73 PROTECTION AT THE SPEED OF BUSINESS ™ PN: 232-001052-54 Rev A 01/11 ©2011 SonicWALL, Inc. is a registered trademark of SonicWALL, Inc. Other product names mentioned herein may be trademarks and/or registered trademarks of their respective companies. Specifications and descriptions subject to change without notice.

Table of Contents