Table of Contents
Advertisement
Quick Links
Advertisement
Chapters
Table of Contents
Subscribe to Our Youtube Channel
Related Manuals for SonicWALL NSA E7500
Summary of Contents for SonicWALL NSA E7500
- Page 1 NSA E7500 Getting Started Guide PROTECTION AT THE SPEED OF BUSINESS ™...
-
Page 2: Table Of Contents
SonicWALL NSA E7500 Getting Started Guide This Getting Started Guide provides instructions for basic installation and configuration of the SonicWALL Network Security Appliance (NSA) E7500 running SonicOS Enhanced. After you complete this guide, computers on your Local Area Network (LAN) will have secure Internet access. -
Page 3: Sonicwall Nsa E
SonicWALL NSA E7500 Note: Always observe proper safety and regulatory guidelines when removing administrator-serviceable parts from the SonicWALL NSA E7500. Proper guidelines can be found in the Product Safety and Regulatory Information section, on page 67 of this guide. Page 2... -
Page 4: Pre-Configuration Tasks
Pre-Configuration Tasks In this Section: This section provides pre-configuration information. Review this section before setting up your SonicWALL NSA E7500. Check Package Contents • - page 4 Obtain Configuration Information • - page 5 The Front Panel • - page 6 The Back Panel •... -
Page 5: Check Package Contents
Check Package Contents Before setting up your SonicWALL NSA E7500, verify that your package contains the following parts: Any Items Missing? If any items are missing from your package, please contact SonicWALL support. SonicWALL NSA E7500 Global Support Service Guide A listing of the most current support options is available online at: DB9 ->... -
Page 6: Obtain Configuration Information
ISP that DNS 3 (optional): assigns a static IP address. Note: If you are not using one of the network configurations above, refer to the SonicOS Enhanced Administrator’s Guide <http://www.sonicwall.com/us/support.html>. SonicWALL NSA E7500 Getting Started Guide Page 5... -
Page 7: The Front Panel
Press and hold the button for a few seconds to manually reset the appliance. LED (from left to right) Power LED (2): Indicates the SonicWALL NSA E7500 is powered on. Blue: Indicates power supplies are operating correctly. Yellow: Indicates an unconnected power supply or failure. -
Page 8: The Back Panel
The SonicWALL NSA E7500 includes two fans for system temperature control. Power Supply (2) As shipped from the factory, the SonicWALL NSA E7500 includes two power supplies for redundant AC power and added reliability. A field conversion is available to convert to DC mains. DC power supplies use different input connector and power cables. -
Page 9: Front Bezel Control Features
Front Bezel Control Features Note: Using the front bezel for configuration purposes prior to The SonicWALL Network Security Appliance E-Class is completing initial setup will bypass the Setup Wizard’s equipped with a front panel bezel interface that allows an automatic launch at startup. - Page 10 Status List. Use the Up and Down button to select the menu you wish to enter and click the Right button to enter it. SonicWALL NSA E7500 Getting Started Guide Page 9...
- Page 11 After entering a new value for a setting in the configuration Configure menu, you are asked if you want to commit changes. Using the The Configure Menu allows you to configure specific aspects of 4-way D-pad, press the Right button for yes or the Left button the appliance.
- Page 12 Right button to confirm. The appliance will change to • Restore defaults SafeMode. Once SafeMode is enabled, the SonicWALL NSA E7500 must be controlled from the Web management interface. The X1 Mode can be set to Static (default option) or to DHCP. If...
-
Page 13: Front Bezel Configuration Example
Press Right. Front Bezel Configuration Example LAN IP Configuration The SonicWALL NSA E7500 is assigned the default LAN IP of Press Down until X1 IP is selected (four times). 192.168.168.168. Complete the following steps to change it to Press Right to configure X1 IP. -
Page 14: Registering Your Appliance
• - page 18 Note: Registration is an important part of the setup process and is necessary in order to receive the benefits of SonicWALL security services, firmware updates, and technical support. SonicWALL NSA E7500 Getting Started Guide Page 13... - Page 15 Security Services licenses with your primary SonicWALL. Note: Your SonicWALL NSA E7500 does not need to be powered on during account creation or during the mysonicwall.com registration and licensing process.
- Page 16 Registration Next Steps • - page 18 Product Registration You must register your SonicWALL security appliance on mysonicwall.com to enable full functionality. Login to your mysonicwall.com account. If you do not have an account, you can create one at <http://www.sonicwall.com>.
- Page 17 • Support Services: at a later time. • Dynamic Support 24x7 The following products and services are available for the • Software and Firmware Updates SonicWALL NSA E7500: • Consulting Services: • Service Bundles: • Implementation Service • Client/Server Anti-Virus Suite •...
- Page 18 Management page. A 30-day free trial is immediately Products page, check the Applicable Services table for activated. The Status page displays relevant services that your SonicWALL appliance is already licensed for. Your initial purchase may have included information including the activation status, expiration...
- Page 19 HA Primary unit listed in the Parent Product section, as well as a Status value of 0 in the Associated Products / second SonicWALL with the first in a high availability (HA) pair. Child Product Type section. You can associate the two appliances as part of the registration Although the Stateful High Availability Upgrade and all the process on mysonicwall.com.
-
Page 20: Sonicwall Nsa E7500 Getting Started Guide
Click Register. • - page 38 Tip: Obtain Configuration Information Before completing this section, fill out the information in - page 5. You will need to enter this information during the Setup Wizard. SonicWALL NSA E7500 Getting Started Guide Page 19... -
Page 21: Selecting A Deployment Scenario
Current Gateway Configuration New Gateway Configuration Use Scenario No gateway appliance Single SonicWALL NSA as a primary gateway. A - NAT/Route Mode Gateway Pair of SonicWALL NSA appliances for high B - NAT with State Sync Pair availability. -
Page 22: Scenario A: Nat/Route Mode Gateway
SonicWALL NSA E7500 is replacing the existing network SonicWALL NSA E-Class gateway. ISP 1 Network Security Appliance In this scenario, the SonicWALL NSA E7500 is configured in Internet NAT/Route mode to operate as a single network gateway. Two Internet sources may be routed through the SonicWALL SonicPoint appliance for load balancing and failover purposes. - Page 23 SonicWALL redundant high-availability networking. HA/Failover Pair E7500 In this scenario, one SonicWALL NSA E7500 operates as the HA Link primary gateway device and the other SonicWALL NSA E7500 SonicWALL NSA E-Class 1 is in passive mode. All network connection information is...
-
Page 24: Scenario C: L2 Bridge Mode
Scenario C: L2 Bridge Mode For network installations where the SonicWALL NSA E7500 is Third Party Gateway running in tandem with an existing network gateway. Internet or L2 Bridge Link LAN Segment 2 In this scenario, the original gateway is maintained. The... -
Page 25: Initial Setup
Initial Setup Accepted Browser Version This section provides initial configuration instructions for Browser Number connecting your SonicWALL NSA E7500. Follow these steps if Internet Explorer 6.0 or higher you are setting up Scenario A, B, or C. Firefox 2.0 or higher... - Page 26 When the Power LEDs are lit and the Test LED is no longer lit, The Link LED above the X0 (LAN) port will light up in green the SonicWALL NSA E7500 is ready for configuration. This or amber depending on the link throughput speed,...
- Page 27 Accessing the Management Interface Using the Setup Wizard If you cannot connect to the SonicWALL NSA E7500 or the The computer you use to manage the SonicWALL NSA E7500 Setup Wizard does not display, verify the following must be set up to accept a dynamic IP address, or it must have configurations: an unused IP address on the 192.168.168.x/24 subnet, such as...
- Page 28 LAN port. However, if a DHCP server is • Restart your Management Station to accept new already active on your LAN, the SonicWALL will disable its own network settings from the DHCP server in the DHCP server to prevent conflicts.
- Page 29 It is available on mysonicwall.com at the top your licensed services from within the SonicOS user interface: of the Service Management page for your SonicWALL appliance. • Activate licenses To activate licenses in SonicOS: •...
- Page 30 SonicWALL security appliance configuration settings. The backup feature saves a copy of the current configuration Obtaining the Latest Firmware settings on your SonicWALL security appliance, protecting all • - page 29 your existing settings in the event that it becomes necessary to Saving a Backup Copy of Your Preferences •...
- Page 31 Upgrading the Firmware Using SafeMode to Upgrade Firmware Perform the following steps to upload new firmware to your If you are unable to connect to the SonicWALL security SonicWALL appliance and use your current configuration appliance’s management interface, you can restart the settings upon startup.
- Page 32 After successfully booting the firmware, the login screen is displayed. If you booted with factory default settings, enter the default user name and password (admin / password) to access the SonicWALL management interface. SonicWALL NSA E7500 Getting Started Guide Page 31...
-
Page 33: Initial High Availability Setup
Before you begin the configuration of HA on the Primary SonicWALL security appliance, perform the following setup: This section provides instructions for configuring a pair of SonicWALL NSA E7500 appliances for high availability (HA). • On the bottom panel of the Backup SonicWALL security... -
Page 34: Configuring High Availability
1000 milliseconds. Less than this may cause unnecessary You can find the serial number on the back of the SonicWALL failovers, especially when the SonicWALL is under a heavy security appliance, or in the System > Status screen of the load. - Page 35 The Election Delay Time is the number of seconds allowed for internal processing between the two units in the HA pair before one of them takes the primary role. The Dynamic Route Hold-Down Time setting is used when a failover occurs on a HA pair that is using either RIP or OSPF dynamic routing.
-
Page 36: Synchronizing Settings
From your management workstation, test connectivity through message at the bottom of the management interface page. Also the Backup SonicWALL by accessing a site on the public note that the management interface displays Logged Into: Internet – note that the Backup SonicWALL, when active,... -
Page 37: Adjusting High Availability Settings
• Election Delay Time – This timer can be used to specify an amount of time the SonicWALL will wait to consider an interface up and stable, and is useful when dealing with switch ports that have a spanning-tree delay set. -
Page 38: Ha License Configuration Overview
You can configure HA license synchronization by associating provided before the failover. To enable HA, you can use the two SonicWALL security appliances as HA Primary and HA SonicOS UI to configure your two appliances as a HA pair in Secondary on mysonicwall.com. -
Page 39: Associating Pre-Registered Appliances
To associate two already-registered SonicWALL security This section provides instructions to configure the SonicWALL appliances so that they can use HA license synchronization, NSA E7500 appliance in tandem with an existing Internet perform the following steps: gateway device. This section is relevant to users following deployment scenario C. - Page 40 Connection Overview Configuring the Secondary Bridge Interface Connect the X1 port on your SonicWALL NSA E7500 to the Complete the following steps to configure the SonicWALL LAN port on your existing Internet gateway device. Then appliance: connect the X0 port on your SonicWALL to your LAN.
- Page 41 Note: Do not enable Never route traffic on the bridge-pair unless your network topology requires that all packets entering the L2 Bridge remain on the L2 Bridge segments. You may optionally enable the Block all non-IPv4 traffic setting to prevent the L2 bridge from passing non-IPv4 traffic.
-
Page 42: Additional Deployment Configuration
Creating a NAT Policy • - page 45 Enabling Security Services in SonicOS • - page 48 Applying Security Services to Zones • - page 48 Troubleshooting Diagnostic Tools • - page 49 SonicWALL NSA E7500 Getting Started Guide Page 41... - Page 43 Deny enforced by binding a zone to one or more physical interfaces (such as, X0, X1, or X2) on the SonicWALL UTM appliance. The X1 and X0 interfaces are preconfigured as WAN and LAN respectively. The remaining ports can be configured to meet the...
- Page 44 The access rules are sorted from the most specific at the top to the least specific at the bottom of the table. At the bottom of the table is the Any rule. SonicWALL NSA E7500 Getting Started Guide Page 43...
- Page 45 Comments field. • Specify the number of connections allowed as a percent of maximum number of connections allowed by the SonicWALL security appliance in the Number of connections allowed (% of maximum connections) field. • Select Create a reflexive rule if you want to create a...
- Page 46 Address Objects as a defining criterion. You can create multiple NAT policies on a SonicWALL running SonicOS Enhanced for the same object – for instance, you can Since there are multiple types of network address expressions,...
- Page 47 • Default Address Objects - displays Address Objects and netmask in the Network and Netmask fields. configured by default on the SonicWALL security If you selected MAC, enter the MAC address and appliance. netmask in the Network and MAC Address field.
- Page 48 IPs 12. Select the Create a reflexive policy checkbox if you want are translated from the IP address of the SonicWALL security a matching NAT Policy to be automatically created in the appliance WAN port to the IP address of the internal web opposite direction.
- Page 49 DMZ or Wireless LAN (WLAN), you must apply the security services to the network zones. For example, you can configure SonicWALL Intrusion Prevention Service for incoming and outgoing traffic on the WLAN zone to add more security for Intrusion Prevention internal network traffic.
- Page 50 The Packet Capture screen has buttons for starting and stopping a packet capture. If you simply click Start without any configuration, the SonicWALL appliance will capture all packets except those for internal communication, and will stop when the buffer is full or when you click Stop.
- Page 51 The SonicOS user interface provides three windows to display Click the Configure button to customize the settings for the different views of the captured packets: capture. Once the configuration is complete, click Start to begin capturing packets. The settings available in the five main areas •...
- Page 52 Systems > Diagnostics page. The Ping test bounces a packet off a machine on the Internet and returns it to the sender. This test shows if the SonicWALL security appliance is able to contact the remote host. If users on...
- Page 53 Page 52 Troubleshooting Diagnostic Tools...
-
Page 54: Support And Training Options
Support and Training Options In this Section: This section provides overviews of customer support and training options for the SonicWALL NSA E7500. Customer Support • - page 54 Knowledge Portal • - page 54 User Forums • - page 55 Training •... -
Page 55: Customer Support
SonicWALL documents based on the following types Support Contract. Please review our Warranty Support Policy of search tools: for product coverage. SonicWALL also offers a full range of • Browse consulting services to meet your needs, from our innovative •... -
Page 56: User Forums
User Forums The SonicWALL User Forums is a resource that provides users the ability to communicate and discuss a variety of security and appliance subject matters. In this forum, the following categories are available for users: • Content Security Manager topics •... -
Page 57: Training
Training SonicWALL offers an extensive sales and technical training curriculum for Network Administrators, Security Experts and SonicWALL Medallion Partners who need to enhance their knowledge and maximize their investment in SonicWALL Products and Security Applications. SonicWALL Training provides the following resources for its customers: •... -
Page 58: Related Documentation
SonicWALL ViewPoint 4.1 Administrator’s Guide • SonicWALL GAV 2.1 Administrator’s Guide • SonicWALL IPS 2.0 Administrator’s Guide • SonicWALL Anti-Spyware Administrator’s Guide • SonicWALL CFS Administrator’s Guide For further information, visit: <http://www.sonicwall.com/us/support/289.html> SonicWALL NSA E7500 Getting Started Guide Page 57... -
Page 59: Dynamic Tooltips
SonicWALL Live Product Demos SonicOS features a dynamic tooltips that appear over various The SonicWALL Live Demo Site provides free test drives of elements of the GUI when the mouse hovers over them. SonicWALL security products and services through interactive... - Page 60 SonicWALL NSA E7500 Getting Started Guide Page 59...
- Page 61 Page 60 SonicWALL Live Product Demos...
-
Page 62: Rack Mounting Instructions
Rack Mounting Instructions In this Section: This section provides illustrated rack mounting instructions for the SonicWALL NSA E7500. Rack Mounting Instructions • - page 62 SonicWALL NSA E7500 Getting Started Guide Page 61... - Page 63 Rack Mounting Instructions Page 62 Rack Mounting Instructions...
- Page 64 SonicWALL NSA E7500 Getting Started Guide Page 63...
- Page 65 Page 64 Rack Mounting Instructions...
- Page 66 SonicWALL NSA E7500 Getting Started Guide Page 65...
- Page 67 Page 66 Rack Mounting Instructions...
-
Page 68: Product Safety And Regulatory Information
- page 70 CISPR 22 (EN 55022) Class A • - page 70 Regulatory Information for Korea • - page 70 Copyright Notice • - page 71 Trademarks • - page 71 SonicWALL NSA E7500 Getting Started Guide Page 67... -
Page 69: Safety And Regulatory Information
• Four mounting screws, compatible with the rack design, must be used and may not be replaced by the user. The SonicWALL must be returned to a hand tightened to ensure secure installation. Choose a mounting location where all four mounting holes line up with those of the mounting bars of the SonicWALL authorized service center for replacement with the same or 19-inch rack mount cabinet. - Page 70 Bringen Sie die SonicWALL waagerecht im Rack an, um Geräten in Innenräumen. Schließen Sie an die Anschlüsse der mögliche Gefahren durch ungleiche mechanische Belastung SonicWALL keine Kabel an, die aus dem Gebäude in dem sich das zu vermeiden. Gerät befindet ,herausgeführt werden.
-
Page 71: Fcc Part 15 Class A Notice
Caution: Modifying this equipment or using this equipment for purposes not shown National Deviations: AR, AT, AU, BE, BR, CA, CH, CN, CZ, in this manual without the written consent of SonicWALL, Inc. could void the user’s DE, DK, FI, FR, GB, GR, HU, IL, IN, IT, JP, KE, authority to operate this equipment. -
Page 72: Copyright Notice
Specifications and descriptions subject to change without notice. Trademarks SonicWALL is a registered trademark of SonicWALL, Inc. Microsoft Windows 98, Windows Vista, Windows 2000, Windows XP, Windows Server 2003, Internet Explorer, and Active Directory are trademarks or registered trademarks of Microsoft Corporation. - Page 73 Notes Page 72...
- Page 74 Notes SonicWALL NSA E7500 Getting Started Guide Page 73...
- Page 75 Notes Page 74...
- Page 76 PROTECTION AT THE SPEED OF BUSINESS PN: 232-001050-52 Rev A 06/09 ©2009 SonicWALL, Inc. is a registered trademark of SonicWALL, Inc. Other product names mentioned herein may be trademarks and/or registered trademarks of their respective companies. Specifications and descriptions subject to change without notice.
Need help?
Do you have a question about the NSA E7500 and is the answer not in the manual?
Questions and answers