COMPREHENSIVE INTERNET SECURITYSonicOS 4.0 EnhancedAdministrator’s GuideSonicWALL Internet Security AppliancesFor the SonicWALL TZ 180 and TZ 190
xSonicOS Enhanced 4.0 Administrator GuideChapter 25: Setting Up Web Proxy Forwarding . . . . . . . . . . . . . . . . . . 305Network > Web Proxy
System > Settings100SonicOS Enhanced 4.0 Administrator GuideSettingsImport Settings To import a previously saved preferences file into the SonicWAL
System > Settings101SonicOS Enhanced 4.0 Administrator Guide • Boot to your choice of firmware and system settings. • Manage system backups. • E
System > Settings102SonicOS Enhanced 4.0 Administrator Guide –Uploaded Firmware - the latest uploaded version from mySonicWALL.com. –Uploaded Fir
System > Settings103SonicOS Enhanced 4.0 Administrator GuideSafeMode - Rebooting the SonicWALL Security Appliance SafeMode allows easy firmware and
System > Settings104SonicOS Enhanced 4.0 Administrator GuideNote Clicking Boot next to any firmware image overwrites the existing current firmware
105SonicOS Enhanced 4.0 Administrator GuideCHAPTER 12 Chapter 12: Using SonicWALL Packet CaptureSystem > Packet CaptureThis chapter contains the fo
System > Packet Capture106SonicOS Enhanced 4.0 Administrator Guide • PPP negotiations detailsYou can configure the packet capture feature in the S
System > Packet Capture107SonicOS Enhanced 4.0 Administrator GuideRefer to the figure below to see a high level view of the packet capture subsyste
System > Packet Capture108SonicOS Enhanced 4.0 Administrator GuideAccessing Packet Capture in the UIThis section describes how to access the packet
System > Packet Capture109SonicOS Enhanced 4.0 Administrator GuideStarting packet captureStep 1 Navigate to the Packet Capture page in the UI. See
xiSonicOS Enhanced 4.0 Administrator GuideChapter 30: Configuring Advanced Wireless Settings . . . . . . . . . . . . .339Wireless > Advanced . .
System > Packet Capture110SonicOS Enhanced 4.0 Administrator Guide • Egress - The SonicWALL appliance interface on which the packet was captured w
System > Packet Capture111SonicOS Enhanced 4.0 Administrator GuideAbout the Packet Detail WindowWhen you click on a packet in the Captured Packets
System > Packet Capture112SonicOS Enhanced 4.0 Administrator Guide • “Configuring Advanced Settings” on page 119 • “Restarting FTP logging” on pa
System > Packet Capture113SonicOS Enhanced 4.0 Administrator GuideYou can specify up to ten Ethernet types separated by commas. Currently, the foll
System > Packet Capture114SonicOS Enhanced 4.0 Administrator GuideTo configure Packet Capture complete the following steps:Step 1 Navigate to the P
System > Packet Capture115SonicOS Enhanced 4.0 Administrator GuideConfiguring Display Filter SettingsThis section describes how to configure packet
System > Packet Capture116SonicOS Enhanced 4.0 Administrator GuideSonicOS Enhanced adds one of four possible packet status values to each captured
System > Packet Capture117SonicOS Enhanced 4.0 Administrator GuideStep 4 In the Interface Name(s) box, type the SonicWALL appliance interfaces for
System > Packet Capture118SonicOS Enhanced 4.0 Administrator GuideIf you configure automatic logging, this supersedes the setting for wrapping the
System > Packet Capture119SonicOS Enhanced 4.0 Administrator Guidemonth, day, and year. For example, packet-log--3-22-08292006.cap. For HTML format
xiiSonicOS Enhanced 4.0 Administrator GuidePart 5: WWANChapter 34: Configuring Wireless WAN (TZ 190 only) . . . . . . . . . . . . . 371WWAN . . . .
System > Packet Capture120SonicOS Enhanced 4.0 Administrator GuideEven when interfaces specified in the capture filters do not match, this option e
System > Packet Capture121SonicOS Enhanced 4.0 Administrator Guide • Red: Capture is stopped • Green: Capture is running and the buffer is not fu
System > Packet Capture122SonicOS Enhanced 4.0 Administrator GuideResetting the Status InformationYou can reset the displayed statistics for the ca
System > Packet Capture123SonicOS Enhanced 4.0 Administrator GuideHTML FormatYou can view the HTML format in a browser. The following is an example
System > Packet Capture124SonicOS Enhanced 4.0 Administrator GuideText File FormatYou can view the text format output in a text editor. The followi
125SonicOS Enhanced 4.0 Administrator GuideCHAPTER 13 Chapter 13: Using Diagnostic Tools & Restarting the ApplianceSystem > DiagnosticsThe Syst
System > Diagnostics126SonicOS Enhanced 4.0 Administrator GuideTech Support ReportThe Tech Support Report generates a detailed report of the SonicW
System > Diagnostics127SonicOS Enhanced 4.0 Administrator Guide • “Active Connections Monitor” on page 127 • “CPU Monitor” on page 128 • “DNS Na
System > Diagnostics128SonicOS Enhanced 4.0 Administrator GuideThe fields you enter values into are combined into a search string with a logical AN
System > Diagnostics129SonicOS Enhanced 4.0 Administrator GuideDNS Name LookupThe SonicWALL security appliance has a DNS lookup tool that returns t
xiiiSonicOS Enhanced 4.0 Administrator GuideChapter 40: Configuring Advanced Access Rule Settings . . . . . . . . . .433Firewall > Advanced . .
System > Diagnostics130SonicOS Enhanced 4.0 Administrator GuidePacket CaptureThe Packet Capture tool tracks the status of a communications stream a
System > Diagnostics131SonicOS Enhanced 4.0 Administrator GuideClient sends a final ACK, and waits for start of data transfer.Step 6 TCP sent on WA
System > Diagnostics132SonicOS Enhanced 4.0 Administrator GuideProcess MonitorProcess Monitor shows individual system processes, their CPU utilizat
System > Diagnostics133SonicOS Enhanced 4.0 Administrator GuideTrace RouteTrace Route is a diagnostic utility to assist in diagnosing and troublesh
System > Restart134SonicOS Enhanced 4.0 Administrator GuideSystem > RestartThe SonicWALL security appliance can be restarted from the Web Manage
SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE 135PART 3 Network
136 SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE
137SonicOS Enhanced 4.0 Administrator GuideCHAPTER 14 Chapter 14: Configuring InterfacesNetwork > InterfacesThe Network > Interfaces page includ
Network > Interfaces138SonicOS Enhanced 4.0 Administrator GuideSetup WizardThe Setup Wizard button accesses the Setup Wizard. The Setup Wizard walk
Network > Interfaces139SonicOS Enhanced 4.0 Administrator GuideCaution You cannot change the Zones in the Edit Interface window for the LAN, WAN, M
xivSonicOS Enhanced 4.0 Administrator GuideChapter 45: Managing Quality of Service . . . . . . . . . . . . . . . . . . . . . . . 467Firewall > Qo
Network > Interfaces140SonicOS Enhanced 4.0 Administrator GuidePhysical InterfacesPhysical interfaces must be assigned to a Zone to allow for confi
Configuring Interfaces141SonicOS Enhanced 4.0 Administrator GuideTransparent ModeTransparent Mode in SonicOS Enhanced uses interfaces as the top level
Configuring Interfaces142SonicOS Enhanced 4.0 Administrator GuideNote The administrator password is required to regenerate encryption keys after chang
Configuring Interfaces143SonicOS Enhanced 4.0 Administrator GuideConfiguring Interfaces in Transparent ModeTransparent Mode enables the SonicWALL secu
Configuring Interfaces144SonicOS Enhanced 4.0 Administrator Guide • Range to specify a range of IP addresses by entering beginning and ending value of
Configuring Interfaces145SonicOS Enhanced 4.0 Administrator GuideConfiguring Wireless InterfacesA Wireless interface is an interface that has been ass
Configuring Interfaces146SonicOS Enhanced 4.0 Administrator GuideNote The above table depicts the maximum subnet mask sizes allowed. You can still use
Configuring Interfaces147SonicOS Enhanced 4.0 Administrator GuideCaution If you select a specific Ethernet speed and duplex, you must force the connec
Configuring Interfaces148SonicOS Enhanced 4.0 Administrator Guide • DHCP - configures the SonicWALL to request IP settings from a DHCP server on the
Configuring Interfaces149SonicOS Enhanced 4.0 Administrator GuideEthernet SettingsIf you need to force an Ethernet speed, duplex and/or MAC address, c
xvSonicOS Enhanced 4.0 Administrator GuideChapter 50: Configuring DHCP Over VPN . . . . . . . . . . . . . . . . . . . . . . .587VPN > DHCP over V
Configuring Interfaces150SonicOS Enhanced 4.0 Administrator GuideUse the Bandwidth Management section of the Edit Interface screen to enable or disabl
Configuring Interfaces151SonicOS Enhanced 4.0 Administrator Guide • Subnet Mask: 255.255.255.0 is the defaultStep 3 In the Switch Ports tab, chose wh
Configuring Interfaces152SonicOS Enhanced 4.0 Administrator GuideConfiguring the Wireless WAN InterfaceThe SonicWALL TZ 190 security appliance introdu
Configuring Interfaces153SonicOS Enhanced 4.0 Administrator GuideManaging WWAN ConnectionsTo initiate a WWAN connection, on the Network > Interface
Configuring Interfaces154SonicOS Enhanced 4.0 Administrator GuideFor a detailed explanation of the behavior of the Ethernet with WWAN Failover setting
Configuring Interfaces155SonicOS Enhanced 4.0 Administrator GuideNote To configure the SonicWALL TZ 190 for Connect on Data operation, you must select
Configuring Interfaces156SonicOS Enhanced 4.0 Administrator GuideConfiguring Remotely Triggered Dial-Out on the WWANBefore configuring the Remotely Tr
Configuring Interfaces157SonicOS Enhanced 4.0 Administrator GuideConfiguring the Maximum Allowed WWAN ConnectionsTo configure the maximum number of no
Configuring Interfaces158SonicOS Enhanced 4.0 Administrator Guide • SonicPoint Limit: The maximum number of allowed SonicPoints is configured automat
159SonicOS Enhanced 4.0 Administrator GuideCHAPTER 15 Chapter 15: Configuring PortShield InterfacesSonicWALL PortShield Interfaces SonicWALL PortShiel
xviSonicOS Enhanced 4.0 Administrator GuidePart 11: Security ServicesChapter 54: Managing SonicWALL Security Services . . . . . . . . . . . . . 687So
SonicWALL PortShield Interfaces160SonicOS Enhanced 4.0 Administrator GuideNetwork > SwitchPortsThe Network > SwitchPorts page allows you to mana
SonicWALL PortShield Interfaces161SonicOS Enhanced 4.0 Administrator GuideWhen you create a PortShield interface in Transparent Mode, you create a ran
SonicWALL PortShield Interfaces162SonicOS Enhanced 4.0 Administrator GuideCreating a PortShield Interface from the Interfaces AreaBefore creating and
SonicWALL PortShield Interfaces163SonicOS Enhanced 4.0 Administrator Guide6. Click the Add PortShield Interface button. The Add Port Shield dialog bo
SonicWALL PortShield Interfaces164SonicOS Enhanced 4.0 Administrator Guide8. After you select a zone option, the management software displays a more e
SonicWALL PortShield Interfaces165SonicOS Enhanced 4.0 Administrator GuideNote This option only appears when creating a PortShield interface, not when
SonicWALL PortShield Interfaces166SonicOS Enhanced 4.0 Administrator GuideCreating a New Zone for the PortShield InterfaceYou may want to create a zon
SonicWALL PortShield Interfaces167SonicOS Enhanced 4.0 Administrator Guide4. After selecting the security level for the PortShield interface, click on
SonicWALL PortShield Interfaces168SonicOS Enhanced 4.0 Administrator Guide4. Click the Configure button. The management software displays the Edit Mul
SonicWALL PortShield Interfaces169SonicOS Enhanced 4.0 Administrator GuideCreating Transparent Mode PortShield InterfacesYou may find it useful to cre
xviiSonicOS Enhanced 4.0 Administrator GuideChapter 57: Managing SonicWALL Gateway Anti-Virus Service . . . . .715Security Services > Gateway Anti
SonicWALL PortShield Interfaces170SonicOS Enhanced 4.0 Administrator Guide7. Click on the Transparent Range list box and click on the Create new addre
SonicWALL PortShield Interfaces171SonicOS Enhanced 4.0 Administrator GuideCreating a PortShield Using an Address Object Containing an Address RangeTo
SonicWALL PortShield Interfaces172SonicOS Enhanced 4.0 Administrator Guide2. Click on the Add button in the Address Objects list in the window. SonicO
SonicWALL PortShield Interfaces173SonicOS Enhanced 4.0 Administrator GuideTo select ports and apply them to a previously configured interface, perform
PortShield Deployment Scenario174SonicOS Enhanced 4.0 Administrator Guide6. Click on the PortShield Interface list box as shown in the following figur
PortShield Deployment Scenario175SonicOS Enhanced 4.0 Administrator GuideNote The easiest way to configure this example is to use the PortShield Wizar
PortShield Deployment Scenario176SonicOS Enhanced 4.0 Administrator GuidePortShield InterfacesThe small business example uses two PortShield interface
PortShield Deployment Scenario177SonicOS Enhanced 4.0 Administrator Guide –Name: Residents –Security Type: Wireless. Select Wireless so you can use
PortShield Deployment Scenario178SonicOS Enhanced 4.0 Administrator Guide –SonicPoint Provisioning Profile: Select the SonicPoint profile you configu
PortShield Deployment Scenario179SonicOS Enhanced 4.0 Administrator GuideConfigure the PortShield Interfaces with the PortShield WizardIn this example
xviiiSonicOS Enhanced 4.0 Administrator GuideChapter 59: Activating Anti-Spyware Service . . . . . . . . . . . . . . . . . . . . 745Security Services
PortShield Deployment Scenario180SonicOS Enhanced 4.0 Administrator Guide4. Uncheck the Enable Interface Trust for new PortShield Interface segments c
181SonicOS Enhanced 4.0 Administrator GuideCHAPTER 16 Chapter 16: Setting Up WAN Failover and Load BalancingNetwork > WAN Failover & Load Balan
Network > WAN Failover & Load Balancing182SonicOS Enhanced 4.0 Administrator GuideAbout Source and Destination IP Address BindingWhen you estab
Network > WAN Failover & Load Balancing183SonicOS Enhanced 4.0 Administrator GuideCreating a NAT Policy for the Secondary WAN PortYou need to c
Network > WAN Failover & Load Balancing184SonicOS Enhanced 4.0 Administrator GuideActivating WAN Failover and Selecting the Load Balancing Meth
Network > WAN Failover & Load Balancing185SonicOS Enhanced 4.0 Administrator Guide –Basic Active/Passive Failover: When this setting is select
Network > WAN Failover & Load Balancing186SonicOS Enhanced 4.0 Administrator Guideentry box is required (percentage for Primary WAN) The manage
Network > WAN Failover & Load Balancing187SonicOS Enhanced 4.0 Administrator Guideupstream. If your ISP is experiencing problems in its routing
Network > WAN Failover & Load Balancing188SonicOS Enhanced 4.0 Administrator GuideNote If there is a NAT device between the two devices sending
Network > WAN Failover & Load Balancing189SonicOS Enhanced 4.0 Administrator GuideCaution Before you begin, be sure you have configured a user-
xixSonicOS Enhanced 4.0 Administrator GuideChapter 64: Configuring Syslog Settings . . . . . . . . . . . . . . . . . . . . . . . .775Log > Syslog
Network > WAN Failover & Load Balancing190SonicOS Enhanced 4.0 Administrator Guide
191SonicOS Enhanced 4.0 Administrator GuideCHAPTER 17 Chapter 17: Configuring ZonesNetwork > ZonesA Zone is a logical grouping of one or more inter
Network > Zones192SonicOS Enhanced 4.0 Administrator Guidetunnels, which is a feature that users have long requested. SonicWALL security appliances
Network > Zones193SonicOS Enhanced 4.0 Administrator GuidePredefined ZonesThe predefined zones on your the SonicWALL security appliance depend on t
Network > Zones194SonicOS Enhanced 4.0 Administrator Guide • Trusted: Trusted is a security type that provides the highest level of trust—meaning
Network > Zones195SonicOS Enhanced 4.0 Administrator Guide • Enable Anti-Spyware Service - Enforces anti-spyware detection and prevention on multi
Network > Zones196SonicOS Enhanced 4.0 Administrator Guide • Configure: Clicking the Notepad icon displays the Edit Zone window. Clicking the Tra
Network > Zones197SonicOS Enhanced 4.0 Administrator Guide –Enable Gateway Anti-Virus Service - Enforces gateway anti-virus protection on your Son
Network > Zones198SonicOS Enhanced 4.0 Administrator Guide –Enforce Global Security Clients - Enforces security policies for Global Security Clien
Network > Zones199SonicOS Enhanced 4.0 Administrator Guide –X5 IP Step 8 In the SSL-VPN Service list, select the service or group of services you
xxSonicOS Enhanced 4.0 Administrator GuideChapter 72: Configuring VPN Policies with the VPN Policy Wizard . . 827Wizards > VPN Wizard . . . . . .
Network > Zones200SonicOS Enhanced 4.0 Administrator Guide –Enable Dynamic Address Translation (DAT) - Wireless Guest Services (WGS) provides spur
201SonicOS Enhanced 4.0 Administrator GuideCHAPTER 18 Chapter 18: Configuring DNS SettingsNetwork > DNSThe Domain Name System (DNS) is a distribute
Network > DNS202SonicOS Enhanced 4.0 Administrator GuideTo use the DNS Settings configured for the WAN zone, select Inherit DNS Settings Dynamicall
203SonicOS Enhanced 4.0 Administrator GuideCHAPTER 19 Chapter 19: Configuring Address ObjectsNetwork > Address ObjectsAddress Objects are one of fo
Network > Address Objects204SonicOS Enhanced 4.0 Administrator Guide • MAC Address – MAC Address Objects allow for the identification of a host by
Network > Address Objects205SonicOS Enhanced 4.0 Administrator Guide • All Address Objects - displays all configured Address Objects. • Custom Ad
Network > Address Objects206SonicOS Enhanced 4.0 Administrator GuideDefault Address Objects and GroupsThe Default Address Objects view displays the
Network > Address Objects207SonicOS Enhanced 4.0 Administrator GuideDefault Address Groups • LAN Subnets • Firewalled Subnets • LAN Interface IP
Network > Address Objects208SonicOS Enhanced 4.0 Administrator Guide • X4 Subnet • X5 IP • X5 Subnet • Default Gateway • Secondary Default Gat
Network > Address Objects209SonicOS Enhanced 4.0 Administrator GuideAdding an Address ObjectTo add an Address Object, click Add button under the Ad
SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE 21PART 1 Introduction
Network > Address Objects210SonicOS Enhanced 4.0 Administrator Guide –If you selected MAC, enter the MAC address and netmask in the Network and MA
Network > Address Objects211SonicOS Enhanced 4.0 Administrator GuideCreating Group Address ObjectsAs more and more Address Objects are added to the
Network > Address Objects212SonicOS Enhanced 4.0 Administrator GuidePublic Server WizardSonicOS Enhanced includes the Public Server Wizard to autom
Network > Address Objects213SonicOS Enhanced 4.0 Administrator GuideSonicOS Enhanced 3.5 redefined the operation of MAC AOs, and introduces Fully Q
Network > Address Objects214SonicOS Enhanced 4.0 Administrator GuideFeature BenefitFQDN wildcard supportFQDN Address Objects support wildcard entri
Network > Address Objects215SonicOS Enhanced 4.0 Administrator GuideEnforcing the use of sanctioned servers on the networkAlthough not a requiremen
Network > Address Objects216SonicOS Enhanced 4.0 Administrator Guide • Create Address Object Groups of sanctioned servers (e.g. SMTP, DNS, etc.)
Network > Address Objects217SonicOS Enhanced 4.0 Administrator GuideBlocking All Protocol Access to a Domain using FQDN DAOsThere might be instance
Network > Address Objects218SonicOS Enhanced 4.0 Administrator GuideStep 2 – Create the Firewall Access Rule • From the Firewall > Access Rules
Network > Address Objects219SonicOS Enhanced 4.0 Administrator GuideThe following illustrates a packet dissection of a typical DNS dynamic update p
22 SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE
Network > Address Objects220SonicOS Enhanced 4.0 Administrator GuideStep 1 – Create the MAC Address Objects • From Network > Address Objects, s
Network > Address Objects221SonicOS Enhanced 4.0 Administrator GuideBandwidth Managing Access to an Entire DomainStreaming media is one of the most
Network > Address Objects222SonicOS Enhanced 4.0 Administrator GuideStep 2 – Create the Firewall Access Rule • From the Firewall > Access Rules
Network > Address Objects223SonicOS Enhanced 4.0 Administrator Guide • The BWM icon will appear within the Access Rule table indicating that BWM i
Network > Address Objects224SonicOS Enhanced 4.0 Administrator Guide
225SonicOS Enhanced 4.0 Administrator GuideCHAPTER 20 Chapter 20: Configuring RoutesNetwork > RoutingIf you have routers on your interfaces, you ca
Network > Routing226SonicOS Enhanced 4.0 Administrator GuideRoute AdvertisementThe SonicWALL security appliance uses RIPv1 or RIPv2 to advertise it
Network > Routing227SonicOS Enhanced 4.0 Administrator Guide • RIPv2 Enabled (broadcast) - To send route advertisements using broadcasting (a sing
Network > Routing228SonicOS Enhanced 4.0 Administrator GuideA metric is a weighted cost assigned to static and dynamic routes. Metrics have a value
Network > Routing229SonicOS Enhanced 4.0 Administrator GuideYou can enter the policy number (the number listed before the policy name in the # Name
23SonicOS Enhanced 4.0 Administrator GuideCHAPTER 1 Chapter 1: PrefacePrefaceCopyright Notice© 2007 SonicWALL, Inc.All rights reserved.Under the copyr
Network > Routing230SonicOS Enhanced 4.0 Administrator GuideTo test the Telnet policy-based route, telnet to route-server.exodus.net and when logge
Network > Routing231SonicOS Enhanced 4.0 Administrator Guide • Protocol Type – Distance Vector protocols such as RIP base routing metrics exclusiv
Network > Routing232SonicOS Enhanced 4.0 Administrator GuideOSPF does not have to impose a hop count limit because it does not advertise entire rou
Network > Routing233SonicOS Enhanced 4.0 Administrator GuideFor example, if you had 8 class C networks: 192.168.0.0/24 through 192.168.7.0/24, rath
Network > Routing234SonicOS Enhanced 4.0 Administrator Guideused, which is generally discouraged). Area assignment is interface specific on an OSPF
Network > Routing235SonicOS Enhanced 4.0 Administrator GuideLSA’s are then exchanged within LSU’s across these adjacencies rather than between each
Network > Routing236SonicOS Enhanced 4.0 Administrator Guide –Type 4 (AS Summary Link Advertisements) – Sent across areas by ABR’s to describe net
Network > Routing237SonicOS Enhanced 4.0 Administrator Guide • Router Types – OSPF recognizes 4 types of routers, based on their roles: • IR (Int
Network > Routing238SonicOS Enhanced 4.0 Administrator GuideBy default, Advanced Routing Services are disabled, and must be enabled to be made avai
Network > Routing239SonicOS Enhanced 4.0 Administrator GuideRIP Modes • Disabled – RIP is disabled on this interface • Send and Receive – The RIP
About this Guide24SonicOS Enhanced 4.0 Administrator GuideLimited WarrantySonicWALL, Inc. warrants that commencing from the delivery date to Customer
Network > Routing240SonicOS Enhanced 4.0 Administrator GuideRedistribute Connected Networks - Enables or disables the advertising of locally connec
Network > Routing241SonicOS Enhanced 4.0 Administrator GuideThe diagram illustrates an OSPF network where the backbone (area 0.0.0.0) comprises the
Network > Routing242SonicOS Enhanced 4.0 Administrator Guide • Message Digest – An MD5 hash is used to securely identify the OSPF router on this i
Network > Routing243SonicOS Enhanced 4.0 Administrator GuideRedistribute Static Routes – Enables or disables the advertising of static (Policy Base
Network > Routing244SonicOS Enhanced 4.0 Administrator Guide
245SonicOS Enhanced 4.0 Administrator GuideCHAPTER 21 Chapter 21: Configuring NAT PoliciesNetwork > NAT Policies • “NAT Policies Table” on page 24
Network > NAT Policies246SonicOS Enhanced 4.0 Administrator GuideNAT Policies TableThe NAT Policies table allows you to view your NAT Policies by C
Network > NAT Policies247SonicOS Enhanced 4.0 Administrator GuideTip Before configuring NAT Policies, be sure to create all Address Objects associa
Network > NAT Policies248SonicOS Enhanced 4.0 Administrator GuideNAT Policy Settings ExplainedThe following explains the settings used to create a
Network > NAT Policies249SonicOS Enhanced 4.0 Administrator Guide • Translated Service: This drop-down menu setting is what the SonicWALL security
About this Guide25SonicOS Enhanced 4.0 Administrator GuideNote Always check <http//:www.sonicwall.com/services/documentation.html> for the lates
Network > NAT Policies250SonicOS Enhanced 4.0 Administrator Guideto translate all LAN systems to the WAN IP Address, then create a policy saying th
Network > NAT Policies251SonicOS Enhanced 4.0 Administrator GuideThis document details how to configure the necessary NAT, load balancing, health c
Network > NAT Policies252SonicOS Enhanced 4.0 Administrator Guide • Round Robin – Source IP cycles through each live load-balanced resource for ea
Network > NAT Policies253SonicOS Enhanced 4.0 Administrator GuideDetails of Load Balancing AlgorithmsThis appendix describes how the SonicWALL secu
Network > NAT Policies254SonicOS Enhanced 4.0 Administrator GuideCreating NAT PoliciesNAT policies allow you the flexibility to control Network Add
Network > NAT Policies255SonicOS Enhanced 4.0 Administrator Guide • Original Service: Any • Translated Service: Original • Inbound Interface: Op
Network > NAT Policies256SonicOS Enhanced 4.0 Administrator GuideYou can test the dynamic mapping by installing several systems on the LAN interfac
Network > NAT Policies257SonicOS Enhanced 4.0 Administrator GuideCreating a One-to-One NAT Policy for Inbound Traffic (Reflective)This is the mirro
Network > NAT Policies258SonicOS Enhanced 4.0 Administrator GuideFigure 21:1 One-to-Many NAT Load Balancing Topology and ConfigurationTo configure
Network > NAT Policies259SonicOS Enhanced 4.0 Administrator Guide –IP Address: The network IP address for the devices to be load balanced (in the
About this Guide26SonicOS Enhanced 4.0 Administrator Guide • Dynamic DNS - configure the SonicWALL to dynamically register its WAN IP address with a
Network > NAT Policies260SonicOS Enhanced 4.0 Administrator GuideNote Make sure you chose Any as the destination interface, and not the interface t
Network > NAT Policies261SonicOS Enhanced 4.0 Administrator Guide3. Create two NAT entries to allow the two servers to initiate traffic to the publ
Network > NAT Policies262SonicOS Enhanced 4.0 Administrator GuideWhen finished, click on the OK button to add and activate the NAT policies. With t
Network > NAT Policies263SonicOS Enhanced 4.0 Administrator GuideNote With previous versions of firmware, it was necessary to write rules to the pr
Network > NAT Policies264SonicOS Enhanced 4.0 Administrator GuideFigure 1 NAT Load Balancing TopologyPrerequisitesThe examples shown in the Tasklis
Network > NAT Policies265SonicOS Enhanced 4.0 Administrator Guideand activate the changes. For an example, see the screenshot below. Debug logs sho
Network > NAT Policies266SonicOS Enhanced 4.0 Administrator GuideStep 2 Create Address Group -- Now create an address group named www_group and add
Network > NAT Policies267SonicOS Enhanced 4.0 Administrator GuideStep 3 Create Inbound NAT Rule for Group -- Now create a NAT rule to allow anyone
Network > NAT Policies268SonicOS Enhanced 4.0 Administrator GuideNote Before you go any further, check the logs and the status page to see if the r
Network > NAT Policies269SonicOS Enhanced 4.0 Administrator GuideStep 6 Create Firewall Rule for VIP -- Write a firewall rule to allow traffic from
About this Guide27SonicOS Enhanced 4.0 Administrator GuidePart 12 LogThis part covers managing the SonicWALL security appliance’s enhanced logging, al
Network > NAT Policies270SonicOS Enhanced 4.0 Administrator GuideYou can also check the Firewall > NAT Policies page and mouse-over the Statisti
271SonicOS Enhanced 4.0 Administrator GuideCHAPTER 22 Chapter 22: Managing ARP TrafficNetwork > ARP
Network > ARP272SonicOS Enhanced 4.0 Administrator GuideARP (Address Resolution Protocol) maps layer 3 (IP addresses) to layer 2 (physical or MAC a
Network > ARP273SonicOS Enhanced 4.0 Administrator Guideaddress on any other interface. It will also remove any dynamically cached references to th
Network > ARP274SonicOS Enhanced 4.0 Administrator GuideTo support the above configuration, first create a published static ARP entry for 192.168.5
Network > ARP275SonicOS Enhanced 4.0 Administrator GuideTo allow the traffic to reach the 192.168.50.0/24 subnet, and to allow the 192.168.50.0/24
Network > ARP276SonicOS Enhanced 4.0 Administrator GuideNavigating and Sorting the ARP Cache Table EntriesThe ARP Cache table provides easy paginat
277SonicOS Enhanced 4.0 Administrator GuideCHAPTER 23 Chapter 23: Setting Up the DHCP ServerNetwork > DHCP ServerThis chapter contains the followin
Network > DHCP Server278SonicOS Enhanced 4.0 Administrator GuideThe SonicWALL security appliance includes a DHCP (Dynamic Host Configuration Protoc
Network > DHCP Server279SonicOS Enhanced 4.0 Administrator Guideclients on the network, it provides vendor-specific configuration and service infor
About this Guide28SonicOS Enhanced 4.0 Administrator GuideTip Useful information about security features and configurations on your SonicWALL. Note Im
Network > DHCP Server280SonicOS Enhanced 4.0 Administrator GuideHow Does DHCP Server Persistence Work?DHCP server persistence works by storing DHCP
Network > DHCP Server281SonicOS Enhanced 4.0 Administrator GuideConfiguring DHCP Server for Dynamic RangesTo configure DHCP server for dynamic IP a
Network > DHCP Server282SonicOS Enhanced 4.0 Administrator GuideDNS/WINS SettingsStep 9 Click the DNS/WINS tab to continue configuring the DHCP Ser
Network > DHCP Server283SonicOS Enhanced 4.0 Administrator GuideVoIP SettingsStep 14 Click on the VoIP Settings tab. The VoIP Settings tab allows y
Network > DHCP Server284SonicOS Enhanced 4.0 Administrator GuideGeneral SettingsStep 2 In the General tab, make sure the Enable this DHCP Entry is
Network > DHCP Server285SonicOS Enhanced 4.0 Administrator GuideVoIP SettingsStep 15 Click on the VoIP Settings tab. The VoIP Settings tab allows y
Network > DHCP Server286SonicOS Enhanced 4.0 Administrator GuideConfiguring DHCP Option ObjectsTo configure DHCP option objects, perform the follow
Network > DHCP Server287SonicOS Enhanced 4.0 Administrator GuideStep 4 Type a name for the option in the Option Name field.Step 5 From the Option N
Network > DHCP Server288SonicOS Enhanced 4.0 Administrator GuideStep 6 Optionally check the Option Array box to allow entry of multiple option valu
Network > DHCP Server289SonicOS Enhanced 4.0 Administrator GuideStep 7 The option type displays in the Option Type drop-down menu. If only one opti
About this Guide29SonicOS Enhanced 4.0 Administrator GuideCurrent DocumentationCheck the SonicWALL documentation Web site for that latest versions of
Network > DHCP Server290SonicOS Enhanced 4.0 Administrator GuideConfiguring DHCP Option GroupsTo configure DHCP option groups, perform the followin
Network > DHCP Server291SonicOS Enhanced 4.0 Administrator GuideStep 4 Enter a name for the group in the Name field.Step 5 Select an option object
Network > DHCP Server292SonicOS Enhanced 4.0 Administrator GuideConfiguring DHCP Generic Options for DHCP Lease ScopesNote Before generic options f
Network > DHCP Server293SonicOS Enhanced 4.0 Administrator GuideStep 2 Select a DHCP option or option group in the DHCP Generic Option Group drop-d
Network > DHCP Server294SonicOS Enhanced 4.0 Administrator GuideCurrent DHCP LeasesThe current DHCP lease information is displayed in the Current D
Network > DHCP Server295SonicOS Enhanced 4.0 Administrator Guide23 Default IP TTL Default IP time-to-live24 Path MTU Aging TimeoutPath MTU aging ti
Network > DHCP Server296SonicOS Enhanced 4.0 Administrator Guide55 Parameter Request List Parameter request list56 Message DHCP error message57 DHC
Network > DHCP Server297SonicOS Enhanced 4.0 Administrator Guide84 Undefined N/A85 Novell Directory Servers Novell Directory Services servers86 Nov
Network > DHCP Server298SonicOS Enhanced 4.0 Administrator Guide115 Undefined N/A116 Auto Configure DHCP auto-configuration117 Name Service Search
Network > DHCP Server299SonicOS Enhanced 4.0 Administrator Guide147 Undefined N/A148 Undefined N/A149 Undefined N/A150 TFTP Server Address, Etherbo
iiiSonicOS Enhanced 4.0 Administrator GuideTable of ContentsTable of Contents ...
About this Guide30SonicOS Enhanced 4.0 Administrator Guide
Network > DHCP Server300SonicOS Enhanced 4.0 Administrator Guide183 Undefined N/A184 Undefined N/A185 Undefined N/A186 Undefined N/A187 Undefined N
Network > DHCP Server301SonicOS Enhanced 4.0 Administrator Guide220 Subnet Allocation Subnet allocation221 Virtual Subnet AllocationVirtual subnet
Network > DHCP Server302SonicOS Enhanced 4.0 Administrator Guide
303SonicOS Enhanced 4.0 Administrator GuideCHAPTER 24 Chapter 24: Using IP HelperNetwork > IP HelperThe IP Helper allows the SonicWALL security app
Network > IP Helper304SonicOS Enhanced 4.0 Administrator Guide • Enable NetBIOS Support - enables NetBIOS broadcast forwarding with the DHCP reque
305SonicOS Enhanced 4.0 Administrator GuideCHAPTER 25 Chapter 25: Setting Up Web Proxy ForwardingNetwork > Web ProxyA Web proxy server intercepts H
Network > Web Proxy306SonicOS Enhanced 4.0 Administrator GuideTo configure a Proxy Web sever, select the Network > Web Proxy page. Step 1 Connec
307SonicOS Enhanced 4.0 Administrator GuideCHAPTER 26 Chapter 26: Configuring Dynamic DNSNetwork > Dynamic DNSDynamic DNS (DDNS) is a service provi
Network > Dynamic DNS308SonicOS Enhanced 4.0 Administrator Guide • Dyndns.org http://www.dyndns.org - SonicOS requires a username, password, Mail
Network > Dynamic DNS309SonicOS Enhanced 4.0 Administrator GuideTo configure Dynamic DNS on the SonicWALL security appliance, perform these steps:S
31SonicOS Enhanced 4.0 Administrator GuideCHAPTER 2 Chapter 2: Common Criteria GuideCommon CriteriaThe purpose of this chapter is to define the Common
Network > Dynamic DNS310SonicOS Enhanced 4.0 Administrator Guide –Static - A free DNS service for static IP addresses.Step 9 When using DynDNS.org
Network > Dynamic DNS311SonicOS Enhanced 4.0 Administrator GuideDynamic DNS Settings TableThe Dynamic DNS Settings table provides a table view of c
Network > Dynamic DNS312SonicOS Enhanced 4.0 Administrator Guide • Online - When selected, this profile is administratively online. The setting ca
SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE 313PART 4 Wireless •
314 SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE
315SonicOS Enhanced 4.0 Administrator GuideCHAPTER 27 Chapter 27: Viewing WLAN Settings, Statistics, and Station StatusWireless OverviewThe SonicWALL
Wireless Overview316SonicOS Enhanced 4.0 Administrator Guide • VPN tunnelConsiderations for Using Wireless Connections • Mobility - if the majority
Wireless Overview317SonicOS Enhanced 4.0 Administrator Guide • Try to place the wireless security appliance in a direct line with other wireless comp
Wireless > Status318SonicOS Enhanced 4.0 Administrator GuideWiFiSec uses the easy provisioning capabilities of the SonicWALL Global VPN client maki
Wireless > Status319SonicOS Enhanced 4.0 Administrator GuideWLAN SettingsThe WLAN Settings table lists the configuration information for the built-
Common Criteria32SonicOS Enhanced 4.0 Administrator Guide • GMS Remote Management • Syslog Logging • SonicPoint • Hardware FailoverBefore installi
Wireless > Status320SonicOS Enhanced 4.0 Administrator GuideWLAN StatisticsThe WLAN Statistics table lists all of the traffic sent and received thr
Wireless > Status321SonicOS Enhanced 4.0 Administrator GuideStation StatusThe Station Status table displays information about wireless connections
Wireless > Status322SonicOS Enhanced 4.0 Administrator Guide
323SonicOS Enhanced 4.0 Administrator GuideCHAPTER 28 Chapter 28: Configuring Wireless SettingsWireless > SettingsThe Wireless > Settings page a
Wireless > Settings324SonicOS Enhanced 4.0 Administrator GuideWireless SettingsEnable WLAN Radio: Check this checkbox to turn the radio on, and ena
Wireless > Settings325SonicOS Enhanced 4.0 Administrator Guidemode. Operating in Wireless Bridge mode, the wireless security appliance connects to
Wireless > Settings326SonicOS Enhanced 4.0 Administrator GuideConfiguring a Secure Wireless BridgeWhen switching from Access Point mode to Wireless
Wireless > Settings327SonicOS Enhanced 4.0 Administrator GuideFor example, in the previous network diagram, the wireless security appliance are con
Wireless > Settings328SonicOS Enhanced 4.0 Administrator Guide • Static routes must be entered on the Access Point TZ 170 Wireless to route back t
Wireless > Settings329SonicOS Enhanced 4.0 Administrator Guide • One policy to the Site_B address object at 10.30.30.0:
Common Criteria33SonicOS Enhanced 4.0 Administrator GuideRelated DocumentsSeveral other SonicWALL documents provide information relating to the Common
Wireless > Settings330SonicOS Enhanced 4.0 Administrator GuideConfiguration for VPN Policies Step 1 Click Network.Step 2 Under Local Networks, sele
Wireless > Settings331SonicOS Enhanced 4.0 Administrator GuideWireless Bridge VPN Policy ConfigurationThe Wireless Bridge VPN Policy is configured
Wireless > Settings332SonicOS Enhanced 4.0 Administrator Guide
333SonicOS Enhanced 4.0 Administrator GuideCHAPTER 29 Chapter 29: Configuring WEP and WPA SecurityWireless > WEP/WPA SecurityNote When the SonicWAL
Wireless > WEP/WPA Security334SonicOS Enhanced 4.0 Administrator GuideAuthentication OverviewBelow is a list of available authentication types with
Wireless > WEP/WPA Security335SonicOS Enhanced 4.0 Administrator GuideWEP Encryption KeysStep 1 Select the key number, 1,2,3, or 4, from the Defaul
Wireless > WEP/WPA Security336SonicOS Enhanced 4.0 Administrator GuideWPA Settings • Cypher Type: select TKIP. Temporal Key Integrity Protocol (TK
Wireless > WEP/WPA Security337SonicOS Enhanced 4.0 Administrator Guide • Radius Server 2 IP and Port: Enter the IP address and port number for you
Wireless > WEP/WPA Security338SonicOS Enhanced 4.0 Administrator GuidePreshared Key Settings (PSK) • Passphrase: Enter the passphrase from which
339SonicOS Enhanced 4.0 Administrator GuideCHAPTER 30 Chapter 30: Configuring Advanced Wireless SettingsWireless > AdvancedTo access Advanced confi
Common Criteria34SonicOS Enhanced 4.0 Administrator Guide
Wireless > Advanced340SonicOS Enhanced 4.0 Administrator GuideBeaconing & SSID Controls1. Select Hide SSID in Beacon. Suppresses broadcasting o
Wireless > Advanced341SonicOS Enhanced 4.0 Administrator Guide • 2: Select 2 to restrict the wireless security appliance to use antenna 2 only. Fa
Wireless > Advanced342SonicOS Enhanced 4.0 Administrator GuideAdvanced Radio SettingsThe following other advanced settings can be configured.Step 1
Wireless > Advanced343SonicOS Enhanced 4.0 Administrator Guideoverlapping SonicPoints. However, it can slow down performance. Auto is probably the
Wireless > Advanced344SonicOS Enhanced 4.0 Administrator Guide
345SonicOS Enhanced 4.0 Administrator GuideCHAPTER 31 Chapter 31: Configuring MAC Filter ListWireless > MAC Filter ListWireless networking provides
Wireless > MAC Filter List346SonicOS Enhanced 4.0 Administrator GuideThe items in the list are address object groups, defined groups of objects tha
347SonicOS Enhanced 4.0 Administrator GuideCHAPTER 32 Chapter 32: Configuring Wireless IDSWireless > IDSWireless Intrusion Detection Services (IDS)
Wireless > IDS348SonicOS Enhanced 4.0 Administrator GuideAccess Point IDSWhen the Radio Role of the wireless security appliance is set to Access Po
Wireless > IDS349SonicOS Enhanced 4.0 Administrator GuideEnable Association Flood Detection is selected by default. The Association Flood Threshold
35SonicOS Enhanced 4.0 Administrator GuideCHAPTER 3 Chapter 3: IntroductionIntroductionSonicOS Enhanced 4.0 is the most powerful SonicOS operating sys
Wireless > IDS350SonicOS Enhanced 4.0 Administrator GuideScanning for Access PointsActive scanning occurs when the wireless security appliance star
351SonicOS Enhanced 4.0 Administrator GuideCHAPTER 33 Chapter 33: Configuring Virtual Access PointsWireless > Virtual Access PointThis chapter desc
Wireless > Virtual Access Point352SonicOS Enhanced 4.0 Administrator GuideSonicPoint VAP OverviewThis section provides an introduction to the Virtu
Wireless > Virtual Access Point353SonicOS Enhanced 4.0 Administrator GuideWireless Roaming with ESSIDAn ESSID (Extended Service Set IDentifier) is
Wireless > Virtual Access Point354SonicOS Enhanced 4.0 Administrator Guide • “Virtual Access Points” section on page 363 • “Virtual Access Point
Wireless > Virtual Access Point355SonicOS Enhanced 4.0 Administrator GuideA network security zone is a logical method of grouping one or more inter
Wireless > Virtual Access Point356SonicOS Enhanced 4.0 Administrator GuideGeneralFeature DescriptionName Create a name for your custom ZoneSecurity
Wireless > Virtual Access Point357SonicOS Enhanced 4.0 Administrator GuideWirelessFeature DescriptionOnly allow traffic generated by a SonicPointRe
Wireless > Virtual Access Point358SonicOS Enhanced 4.0 Administrator GuideGuest ServicesThe Enable Wireless Guest Services option allows the follow
Wireless > Virtual Access Point359SonicOS Enhanced 4.0 Administrator GuideWLAN SubnetsWLAN subnets are used to segment IP address space for use by
Introduction36SonicOS Enhanced 4.0 Administrator Guideappliances have been associated as a hardware failover pair on mysonicwall.com, you can enable t
Wireless > Virtual Access Point360SonicOS Enhanced 4.0 Administrator Guide • Subnet Name: The name of the interface. • IP Address: The first IP a
Wireless > Virtual Access Point361SonicOS Enhanced 4.0 Administrator GuideVirtual Access Points ProfilesA Virtual Access Point Profile allows the a
Wireless > Virtual Access Point362SonicOS Enhanced 4.0 Administrator GuideWPA-PSK / WPA2-PSK Encryption SettingsPre-Shared Key (PSK) is available w
Wireless > Virtual Access Point363SonicOS Enhanced 4.0 Administrator GuideVirtual Access PointsVirtual Access Points are configured from the Wirele
Wireless > Virtual Access Point364SonicOS Enhanced 4.0 Administrator GuideVirtual Access Point GroupsThe VAP Group feature allows for grouping of m
Thinking Critically About VAPs365SonicOS Enhanced 4.0 Administrator GuideThinking Critically About VAPsThis section provides content to help determine
Thinking Critically About VAPs366SonicOS Enhanced 4.0 Administrator GuideDetermining Security ConfigurationsUnderstanding these requirements, you can
Thinking Critically About VAPs367SonicOS Enhanced 4.0 Administrator GuideQuestions Examples SolutionsHow many different types of users will I need to
Thinking Critically About VAPs368SonicOS Enhanced 4.0 Administrator GuideWhat security services to I wish to apply to my users?Corporate users who you
SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE 369PART 5 WWAN
Introduction37SonicOS Enhanced 4.0 Administrator GuideCLI (SSH or serial console). For instance, if a CLI session goes to the config level, it will as
370 SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE
371SonicOS Enhanced 4.0 Administrator GuideCHAPTER 34 Chapter 34: Configuring Wireless WAN (TZ 190 only) WWANThis chapter describes how to configure t
WWAN372SonicOS Enhanced 4.0 Administrator Guide • Primary WAN connection where wire-based connections are not available and 3G Cellular is.Wireless W
WWAN373SonicOS Enhanced 4.0 Administrator GuideUnderstanding WWAN FailoverWhen the WAN Connection Model is set to Ethernet with WWAN Failover, the WAN
WWAN374SonicOS Enhanced 4.0 Administrator GuideIf a secondary Ethernet WAN (the OPT port) is configured, the TZ190 will first failover to the secondar
WWAN375SonicOS Enhanced 4.0 Administrator GuideCaution It is not recommended to configure a policy-based route that uses the WWAN connection when the
WWAN376SonicOS Enhanced 4.0 Administrator GuideWireless WAN PC Card SupportTo use the wireless WAN interface you must have a wireless WAN PC card and
WWAN377SonicOS Enhanced 4.0 Administrator GuideViewing the WWAN Status The WWAN > Status page displays the current status of WWAN on the SonicWALL
WWAN378SonicOS Enhanced 4.0 Administrator Guide • “Management/User Login” on page 379 • “WWAN Probe Settings” on page 379Connect on DataThe Connect
WWAN379SonicOS Enhanced 4.0 Administrator GuideManagement/User LoginThe Management/User Login section must be configure to enable remote management of
Introduction38SonicOS Enhanced 4.0 Administrator Guide –Ad-Hoc station –Unassociated station –Wellenreiter attack –NetStumbler attack –EAPOL pack
WWAN380SonicOS Enhanced 4.0 Administrator GuideConfiguring WWAN Advanced SettingsThe WWAN > Advanced page is used to configure the Remotely Trigger
WWAN381SonicOS Enhanced 4.0 Administrator GuideConfiguring WWAN Connection ProfilesUse the WWAN > Connection Profiles to configure WWAN connection
WWAN382SonicOS Enhanced 4.0 Administrator Guide3. Select the Service Provider that you have created an account with. Note that only service providers
WWAN383SonicOS Enhanced 4.0 Administrator Guide13. Select the Enable Inactivity Disconnect (minutes) checkbox and enter a number in the field to have
WWAN384SonicOS Enhanced 4.0 Administrator Guide19. Click on the Data Limiting tab.Tip If your WWAN account has a monthly data or time limit, it is str
WWAN385SonicOS Enhanced 4.0 Administrator GuideTo disconnect a WWAN connection, click on the Manage button. The WWAN Connection window displays. Click
WWAN386SonicOS Enhanced 4.0 Administrator GuideNote The Data Usage table is only estimate of the current usage and should not be used to calculate act
WWAN387SonicOS Enhanced 4.0 Administrator GuideGPRS has an additional advantage over GSM in that it is a packet-switched technology, meaning that stat
WWAN388SonicOS Enhanced 4.0 Administrator Guide • W-CDMA - Wideband Code Division Multiple Access - The technology underlying UMTS, W-CDMA is an evol
SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE 389PART 6 SonicPoint
Introduction39SonicOS Enhanced 4.0 Administrator GuideIn SonicOS Enhanced 4.0, VAPs allow the network administrator to control wireless user access an
390 SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE
391SonicOS Enhanced 4.0 Administrator GuideCHAPTER 35 Chapter 35: Managing SonicPointsSonicPoint > SonicPointsSonicWALL SonicPoints are wireless ac
SonicPoint > SonicPoints392SonicOS Enhanced 4.0 Administrator Guide • Attach the SonicPoints to the interfaces in the Wireless zone. • Test Sonic
SonicPoint > SonicPoints393SonicOS Enhanced 4.0 Administrator GuideConfiguring a SonicPoint ProfileYou can add any number of SonicPoint profiles. T
SonicPoint > SonicPoints394SonicOS Enhanced 4.0 Administrator Guide –Country Code: Select the country where you are operating the SonicPoints. The
SonicPoint > SonicPoints395SonicOS Enhanced 4.0 Administrator Guide –Default Key: Select which key in the list below is the default key, which wil
SonicPoint > SonicPoints396SonicOS Enhanced 4.0 Administrator Guide –DTIM Interval: Enter the interval in milliseconds. –Fragmentation Threshold
SonicPoint > SonicPoints397SonicOS Enhanced 4.0 Administrator Guidethat the SonicPoint can communicate with an authentication server for WPA-EAP su
SonicPoint > SonicPoints398SonicOS Enhanced 4.0 Administrator GuideThe options on these tabs are the same as the Add SonicPoint Profile screen. Se
SonicPoint > SonicPoints399SonicOS Enhanced 4.0 Administrator GuideStep 6 Click Apply.Caution It is imperative that you download the corresponding
ivSonicOS Enhanced 4.0 Administrator GuidePart 2: SystemChapter 4: Viewing the SonicWALL Security Dashboard . . . . . . . . . . . 47System > Secu
Introduction40SonicOS Enhanced 4.0 Administrator Guide • BWM Rate Limiting - SonicOS Enhanced 4.0 enhances the Bandwidth Management feature to provid
SonicPoint > SonicPoints400SonicOS Enhanced 4.0 Administrator Guide • Operational – Once the SonicPoint has peered with a SonicOS device and has i
401SonicOS Enhanced 4.0 Administrator GuideCHAPTER 36 Chapter 36: Viewing Station StatusSonicPoint > Station StatusThe SonicPoint > Station Stat
SonicPoint > Station Status402SonicOS Enhanced 4.0 Administrator GuideClick on the Statistics icon to see a detailed report for an individual sta
SonicPoint > Station Status403SonicOS Enhanced 4.0 Administrator Guide –Re-association request –Re-association response –Probe request –Probe r
SonicPoint > Station Status404SonicOS Enhanced 4.0 Administrator Guide
405SonicOS Enhanced 4.0 Administrator GuideCHAPTER 37 Chapter 37: Using and Configuring IDSSonicPoint > IDSYou can have many wireless access points
SonicPoint > IDS406SonicOS Enhanced 4.0 Administrator GuideIntrusion Detection SettingsRogue Access Points have emerged as one of the most serious
SonicPoint > IDS407SonicOS Enhanced 4.0 Administrator GuideDiscovered Access PointsThe Discovered Access points displays information on every acces
SonicPoint > IDS408SonicOS Enhanced 4.0 Administrator Guide
409SonicOS Enhanced 4.0 Administrator GuideCHAPTER 38 Chapter 38: Configuring RF MonitoringSonicPoint > RF MonitoringThis chapter describes how to
Introduction41SonicOS Enhanced 4.0 Administrator GuideNavigating the Management InterfaceNavigating the SonicWALL management interface includes a hier
SonicPoint > RF Monitoring410SonicOS Enhanced 4.0 Administrator GuideWhy RF Monitoring?Radio Frequency (RF) technology used in today’s 802.11-based
SonicPoint > RF Monitoring411SonicOS Enhanced 4.0 Administrator GuideEnabling RF Monitoring on SonicPoint(s)In order for RF Monitoring to be enforc
SonicPoint > RF Monitoring412SonicOS Enhanced 4.0 Administrator GuideRF Monitoring Interface OverviewThe top portion of the RF Monitoring interface
SonicPoint > RF Monitoring413SonicOS Enhanced 4.0 Administrator GuideTip For a complete list of RF Threat types and their descriptions, see the “Ty
SonicPoint > RF Monitoring414SonicOS Enhanced 4.0 Administrator GuideTo add a station to the watch list:Step 1 In the SonicPoint > RF Monitoring
SonicPoint > RF Monitoring415SonicOS Enhanced 4.0 Administrator Guide • Ad-Hoc Station Detection - Ad-Hoc stations are nodes which provide access
SonicPoint > RF Monitoring416SonicOS Enhanced 4.0 Administrator GuideTimesaver For this section in particular (and as a good habit in general), you
SonicPoint > RF Monitoring417SonicOS Enhanced 4.0 Administrator GuideUsing RSSI to Determine RF Threat ProximityThis section builds on what was lea
SonicPoint > RF Monitoring418SonicOS Enhanced 4.0 Administrator GuideA high Rssi usually indicates an RF threat that is closer to the SonicPoint. A
SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE 419PART 7 Firewall
Introduction42SonicOS Enhanced 4.0 Administrator GuideIf the settings are contained in a secondary window within the management interface, when you cl
420 SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE
421SonicOS Enhanced 4.0 Administrator GuideCHAPTER 39 Chapter 39: Configuring Access RulesFirewall > Access RulesThis chapter provides an overview
Firewall > Access Rules422SonicOS Enhanced 4.0 Administrator GuideStateful Packet Inspection Default Access Rules OverviewBy default, the SonicWALL
Firewall > Access Rules423SonicOS Enhanced 4.0 Administrator GuideThe outbound SMTP traffic is guaranteed 20 percent of available bandwidth availab
Firewall > Access Rules424SonicOS Enhanced 4.0 Administrator GuideTip You can also view access rules by Zones. Use the Option checkboxes in the Fro
Firewall > Access Rules425SonicOS Enhanced 4.0 Administrator GuideYou can change the priority ranking of an access rule by clicking the Arrows icon
Firewall > Access Rules426SonicOS Enhanced 4.0 Administrator GuideAdding Access RulesTo add access rules to the SonicWALL security appliance, perfo
Firewall > Access Rules427SonicOS Enhanced 4.0 Administrator GuideStep 13 If you would like for the access rule to timeout after a period of TCP in
Firewall > Access Rules428SonicOS Enhanced 4.0 Administrator Guide –None: DSCP values in packets are reset to 0. –Preserve: DSCP values in packe
Firewall > Access Rules429SonicOS Enhanced 4.0 Administrator Guide • 6 - Voice (<10ms latency) • 7 - Network control –Map: The QoS mapping sett
Introduction43SonicOS Enhanced 4.0 Administrator Guide • Clicking on the edit icon displays a window for editing the settings. • Clicking on the d
Firewall > Access Rules430SonicOS Enhanced 4.0 Administrator GuideCoupled with IPS, this can be used to mitigate the spread of a certain class of m
Firewall > Access Rules431SonicOS Enhanced 4.0 Administrator GuideEnabling PingThis sections provides a configuration example for an access rule to
Firewall > Access Rules432SonicOS Enhanced 4.0 Administrator Guide
433SonicOS Enhanced 4.0 Administrator GuideCHAPTER 40 Chapter 40: Configuring Advanced Access Rule SettingsFirewall > Advanced To configure advance
Firewall > Advanced434SonicOS Enhanced 4.0 Administrator Guide • UDPDetection Prevention • Enable Stealth Mode - By default, the security applian
Firewall > Advanced435SonicOS Enhanced 4.0 Administrator GuideAccess Rule Service OptionsForce inbound and outbound FTP data connections to use def
Firewall > Advanced436SonicOS Enhanced 4.0 Administrator Guide
437SonicOS Enhanced 4.0 Administrator GuideCHAPTER 41 Chapter 41: Configuring TCP SettingsFirewall > TCP SettingsThe TCP Settings lets you view sta
Firewall > TCP Settings438SonicOS Enhanced 4.0 Administrator Guide –When the TCP SACK Permitted (Selective Acknowledgement, see RFC1072) option is
Firewall > TCP Settings439SonicOS Enhanced 4.0 Administrator GuideThe TCP Settings section allows you to: • Enable TCP Stateful Inspection – Enabl
Introduction44SonicOS Enhanced 4.0 Administrator Guide
Firewall > TCP Settings440SonicOS Enhanced 4.0 Administrator GuideA SYN Flood attack is considered to be in progress if the number of unanswered SY
Firewall > TCP Settings441SonicOS Enhanced 4.0 Administrator Guide • SYN Blacklisting (Layer 2) – This mechanism blocks specific devices from gene
Firewall > TCP Settings442SonicOS Enhanced 4.0 Administrator GuideEach contains various types of SYN Flood Protection. The following sections descr
Firewall > TCP Settings443SonicOS Enhanced 4.0 Administrator GuideTo provide more control over the options sent to WAN clients when in SYN Proxy mo
Firewall > TCP Settings444SonicOS Enhanced 4.0 Administrator GuideNever blacklist WAN machines – This checkbox ensures that systems on the WAN are
Firewall > TCP Settings445SonicOS Enhanced 4.0 Administrator GuideThe following are SYN Flood statistics. Column DescriptionMax Incomplete WAN Conn
Firewall > TCP Settings446SonicOS Enhanced 4.0 Administrator GuideTotal FIN Blacklist Packets RejectedThe total number of packets dropped because o
447SonicOS Enhanced 4.0 Administrator GuideCHAPTER 42 Chapter 42: Configuring Firewall ServicesFirewall > ServicesSonicOS Enhanced supports an expa
Firewall > Services448SonicOS Enhanced 4.0 Administrator GuideSelecting All Services from View Style displays both Custom Services and Default Serv
Firewall > Services449SonicOS Enhanced 4.0 Administrator GuideSupported ProtocolsThe following IP protocols are available for custom services: • I
SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE 45PART 2 System
Firewall > Services450SonicOS Enhanced 4.0 Administrator GuideAll custom services you create are listed in the Custom Services table. You can group
Firewall > Services451SonicOS Enhanced 4.0 Administrator GuideClick the Enable Logging checkbox to disable or enable the logging of the service act
Firewall > Services452SonicOS Enhanced 4.0 Administrator GuideNote Attempts to define a Custom IP Type Service Object for a pre-defined IP type wil
Firewall > Services453SonicOS Enhanced 4.0 Administrator GuideNote Select your Zones, Services and Address Objects accordingly. It may be necessary
Firewall > Services454SonicOS Enhanced 4.0 Administrator GuideAdding a Custom Services GroupYou can add custom services and then create groups of s
Firewall > Services455SonicOS Enhanced 4.0 Administrator GuideDeleting Custom Services GroupsClick the Trashcan icon to delete the individual cus
Firewall > Services456SonicOS Enhanced 4.0 Administrator Guide
457SonicOS Enhanced 4.0 Administrator GuideCHAPTER 43 Chapter 43: Configuring Multicast SettingsFirewall > MulticastMulticasting, also called IP mu
Firewall > Multicast458SonicOS Enhanced 4.0 Administrator GuideMulticast SnoopingThis section provides configuration tasks for Multicast Snooping.
Firewall > Multicast459SonicOS Enhanced 4.0 Administrator GuideTo create a multicast address object:Step 1 In the Enable reception for the followin
46 SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE
Firewall > Multicast460SonicOS Enhanced 4.0 Administrator GuideEnabling Multicast on LAN-Dedicated InterfacesPerform the following steps to enable
Firewall > Multicast461SonicOS Enhanced 4.0 Administrator GuideEnabling Multicast Through a VPNTo enable multicast across the WAN through a VPN, fo
Firewall > Multicast462SonicOS Enhanced 4.0 Administrator GuideNote Notice that the default WLAN'MULTICAST access rule for IGMP traffic is set
463SonicOS Enhanced 4.0 Administrator GuideCHAPTER 44 Chapter 44: Monitoring Active ConnectionsFirewall > Connections MonitorThe Firewall > Conn
Firewall > Connections Monitor464SonicOS Enhanced 4.0 Administrator GuideViewing ConnectionsThe connections are listed in the Active Connections Mo
Firewall > Connections Monitor465SonicOS Enhanced 4.0 Administrator GuideCheck the Group box next to any two or more criteria to combine them with
Firewall > Connections Monitor466SonicOS Enhanced 4.0 Administrator Guide
467SonicOS Enhanced 4.0 Administrator GuideCHAPTER 45 Chapter 45: Managing Quality of ServiceFirewall > QoS MappingQuality of Service (QoS) refers
Firewall > QoS Mapping468SonicOS Enhanced 4.0 Administrator GuideBut all is not lost. Once SonicOS Enhanced classifies the traffic, it can tag the
Firewall > QoS Mapping469SonicOS Enhanced 4.0 Administrator Guidesection on page 479. SonicOS’s BWM is a perfectly effective solution for fully aut
47SonicOS Enhanced 4.0 Administrator GuideCHAPTER 4 Chapter 4: Viewing the SonicWALL Security DashboardSystem > Security DashboardThis chapter desc
Firewall > QoS Mapping470SonicOS Enhanced 4.0 Administrator GuideEnabling 802.1pSonicOS Enhanced supports layer 2 and layer 3 CoS methods for broad
Firewall > QoS Mapping471SonicOS Enhanced 4.0 Administrator GuideAlthough Enable 802.1p tagging does not appear as an option on VLAN sub-interfaces
Firewall > QoS Mapping472SonicOS Enhanced 4.0 Administrator GuideExample ScenarioIn the scenario above, we have Remote Site 1 connected to ‘Main Si
Firewall > QoS Mapping473SonicOS Enhanced 4.0 Administrator GuideQoS Mapping is a feature which converts layer 2 802.1p tags to layer 3 DSCP tags s
Firewall > QoS Mapping474SonicOS Enhanced 4.0 Administrator GuideDSCP marking can be performed on traffic to/from any interface and to/from any zon
Firewall > QoS Mapping475SonicOS Enhanced 4.0 Administrator GuideConfigure for 802.1p CoS 4 – Controlled loadIf you want to change the inbound mapp
Firewall > QoS Mapping476SonicOS Enhanced 4.0 Administrator GuideEach of these mappings can be reconfigured. If you wanted to change the outbound m
Firewall > QoS Mapping477SonicOS Enhanced 4.0 Administrator GuideFor example, refer to the following figure which provides a bi-directional DSCP ta
Firewall > QoS Mapping478SonicOS Enhanced 4.0 Administrator GuideOne practical application for this behavior would be configuring an 802.1p marking
Firewall > QoS Mapping479SonicOS Enhanced 4.0 Administrator GuideTo examine the effects of the second Access Rule (VPN>LAN), we’ll look at the A
System > Security Dashboard48SonicOS Enhanced 4.0 Administrator GuideWhat is the Security Dashboard?The SonicWALL Security Dashboard provides repor
Firewall > QoS Mapping480SonicOS Enhanced 4.0 Administrator Guideconfigure BWM and QoS (i.e. layer 2 and/or layer 3 marking) settings on a single A
Firewall > QoS Mapping481SonicOS Enhanced 4.0 Administrator GuideOnce one or both BWM settings are enabled on the WAN interface and the available b
Firewall > QoS Mapping482SonicOS Enhanced 4.0 Administrator GuideOutbound Bandwidth ManagementBandwidth Management as employed by SonicOS Enhanced
Firewall > QoS Mapping483SonicOS Enhanced 4.0 Administrator Guideto be processed. When Guaranteed queue credits are depleted, the next queue in tha
Firewall > QoS Mapping484SonicOS Enhanced 4.0 Administrator GuideOutbound BWM Packet Processing Patha. Determine that the packet is bound for the W
Firewall > QoS Mapping485SonicOS Enhanced 4.0 Administrator GuideExample of Outbound BWMThe above diagram shows 4 policies are configured for OBWM
Firewall > QoS Mapping486SonicOS Enhanced 4.0 Administrator Guidef. Start off with the highest priority ring 0 and process all queues in this prior
Firewall > QoS Mapping487SonicOS Enhanced 4.0 Administrator GuideAlgorithm for Inbound Bandwidth ManagementIBWM maintains eight priority rings, whe
Firewall > QoS Mapping488SonicOS Enhanced 4.0 Administrator Guidee. Record class credit as remaining credit.f. If remaining credit is greater than
Firewall > QoS Mapping489SonicOS Enhanced 4.0 Administrator GuideGlossary • 802.1p – IEEE 802.1p is a Layer 2 (MAC layer) Class of Service mechani
System > Security Dashboard49SonicOS Enhanced 4.0 Administrator GuideBenefitsThe Security Dashboard provides the latest threat protection informati
Firewall > QoS Mapping490SonicOS Enhanced 4.0 Administrator Guide –Weighted Random Early Detection (WRED) – An implementation of RED that factors
Firewall > QoS Mapping491SonicOS Enhanced 4.0 Administrator Guide • Marking – Also known as tagging or coloring – The act of applying layer 2 (802
Firewall > QoS Mapping492SonicOS Enhanced 4.0 Administrator Guide • Shaping – An attempt by a QoS system to modify the rate of traffic flow, usual
493SonicOS Enhanced 4.0 Administrator GuideCHAPTER 46 Chapter 46: Configuring SSL ControlFirewall > SSL ControlThis chapter describes how to plan,
Firewall > SSL Control494SonicOS Enhanced 4.0 Administrator Guideof TCP based network communications, with its most common and well-known applicati
Firewall > SSL Control495SonicOS Enhanced 4.0 Administrator GuideKey Features of SSL ControlFeature BenefitCommon-Name based White and Black ListsT
Firewall > SSL Control496SonicOS Enhanced 4.0 Administrator GuideKey Concepts to SSL Control • SSL- Secure Sockets Layer (SSL) is a network securi
Firewall > SSL Control497SonicOS Enhanced 4.0 Administrator GuideSSL is not limited to securing HTTP, but can also be used to secure other TCP prot
Firewall > SSL Control498SonicOS Enhanced 4.0 Administrator Guide –TLS – Transport Layer Security (version 1.0), also known as SSLv3.1, is very si
Firewall > SSL Control499SonicOS Enhanced 4.0 Administrator Guidemismatch elicits a browser alert, it is not always a sure sign of deception. For e
vSonicOS Enhanced 4.0 Administrator GuideChapter 8: Managing Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .85System >
System > Security Dashboard50SonicOS Enhanced 4.0 Administrator GuideHow Does the Security Dashboard Work?The SonicWALL Security Dashboard provides
Firewall > SSL Control500SonicOS Enhanced 4.0 Administrator GuideCaveats and Advisories1. Self-signed and Untrusted CA enforcement – If enforcing e
Firewall > SSL Control501SonicOS Enhanced 4.0 Administrator GuideSSL Control ConfigurationSSL Control is located on Firewall panel, under the SSL C
Firewall > SSL Control502SonicOS Enhanced 4.0 Administrator Guide • Detect Self-signed certificates – Controls the detection of certificates where
Firewall > SSL Control503SonicOS Enhanced 4.0 Administrator GuideTo configure the Whitelist and Blacklist, click the Configure button to bring up t
Firewall > SSL Control504SonicOS Enhanced 4.0 Administrator Guidesent in response for evaluation against the configured policy. Enabling SSL Contro
Firewall > SSL Control505SonicOS Enhanced 4.0 Administrator GuideLog events will include the client’s username in the notes section (not shown) if
Firewall > SSL Control506SonicOS Enhanced 4.0 Administrator Guide
SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE 507PART 8 VoIP
508 SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE
509SonicOS Enhanced 4.0 Administrator GuideCHAPTER 47 Chapter 47: Configuring VoIP SupportVoIPThis chapter contains the following sections: • “VoIP O
System > Security Dashboard51SonicOS Enhanced 4.0 Administrator GuideSonicWALL Security Dashboard Configuration OverviewThe SonicWALL Security Dash
VoIP510SonicOS Enhanced 4.0 Administrator GuideVoIP SecurityCompanies implementing VoIP technologies in an effort to cut communication costs and exten
VoIP511SonicOS Enhanced 4.0 Administrator GuideVoIP ProtocolsVoIP technologies are built on two primary protocols, H.323 and SIP.H.323H.323 is a stand
VoIP512SonicOS Enhanced 4.0 Administrator Guide • Redirect Server - Responds to request but does not forward requests. • Registration Server - Handl
VoIP513SonicOS Enhanced 4.0 Administrator Guidealso provides proactive defense against newly discovered application and protocol vulnerabilities. Sign
VoIP514SonicOS Enhanced 4.0 Administrator Guide • Validation of headers for all media packets - SonicOS examines and monitors the headers within medi
VoIP515SonicOS Enhanced 4.0 Administrator GuideSIPSonicOS provides the following support for SIP: –Base SIP standard (both RFC 2543 and RFC 3261) –S
VoIP516SonicOS Enhanced 4.0 Administrator GuideSonicWALL VoIP Vendor InteroperabilityThe following is a partial list of devices from leading manufactu
VoIP517SonicOS Enhanced 4.0 Administrator Guide • H.264, H.263, and H.261 for video • MPEG4, G.711, G.722, G.723, G.728, G.729 for audioVoIP Protoco
VoIP518SonicOS Enhanced 4.0 Administrator Guide1. Phone B registers with VoIP server - The SonicWALL security appliance builds a database of the acces
VoIP519SonicOS Enhanced 4.0 Administrator GuideFigure 47:2 Local VoIP Call FlowThe following describes the sequence of events shown in Figure 42.2:1.
System > Security Dashboard52SonicOS Enhanced 4.0 Administrator GuideSelecting Custom Time IntervalThe SonicWALL Security Dashboard reports default
VoIP520SonicOS Enhanced 4.0 Administrator GuideConfiguring SonicWALL VoIP FeaturesConfiguring the SonicWALL security appliance for VoIP deployments bu
VoIP521SonicOS Enhanced 4.0 Administrator GuideGeneral VoIP ConfigurationSonicOS includes the VoIP configuration settings on the VoIP > Settings pa
VoIP522SonicOS Enhanced 4.0 Administrator GuideConfiguring SIP SettingsBy default, SIP clients use their private IP address in the SIP Session Definit
VoIP523SonicOS Enhanced 4.0 Administrator GuideThe Additional SIP signaling port (UDP) for transformations setting allows you to specify a non-standar
VoIP524SonicOS Enhanced 4.0 Administrator GuideBandwidth ManagementSonicOS offers an integrated traffic shaping mechanism through its Egress (outbound
VoIP525SonicOS Enhanced 4.0 Administrator GuideConfiguring Bandwidth on the WAN InterfaceBWM configurations begin by enabling BWM on the relevant WAN
VoIP526SonicOS Enhanced 4.0 Administrator GuideIf you are defining VoIP access for client to use a VoIP service provider from the WAN, you configure n
VoIP527SonicOS Enhanced 4.0 Administrator Guide • For SIP, select SIPStep 6 Select the source of the traffic affected by the access rule from the Sou
VoIP528SonicOS Enhanced 4.0 Administrator GuideTip Rules using Bandwidth Management take priority over rules without bandwidth management. Using the P
VoIP529SonicOS Enhanced 4.0 Administrator GuideNote SonicWALL recommends NOT selecting VoIP from the Services menu. Selecting this option opens up mor
System > Security Dashboard53SonicOS Enhanced 4.0 Administrator GuideNote Your SonicWALL security appliance must be configured for Internet connect
VoIP530SonicOS Enhanced 4.0 Administrator GuideStep 10 The Summary page displays a summary of all the configuration you have performed in the wizard.
VoIP531SonicOS Enhanced 4.0 Administrator GuideConfiguring VoIP LoggingYou can enable the logging of VoIP events in the SonicWALL security appliance l
VoIP532SonicOS Enhanced 4.0 Administrator GuideFigure 47:3 Point-to-Point VoIP Service TopologyThis deployment does not require a VoIP server. The Pub
VoIP533SonicOS Enhanced 4.0 Administrator GuideFigure 47:4 Public VoIP Service TopologyFor VoIP clients that register with a server from the WAN, the
VoIP534SonicOS Enhanced 4.0 Administrator GuideFigure 47:5 Trusted VoIP Service TopologyFor VoIP clients that register with a server on the DMZ or LAN
SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE 535PART 9 VPN
536 SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE
537SonicOS Enhanced 4.0 Administrator GuideCHAPTER 48 Chapter 48: Configuring VPN PoliciesVPN > SettingsThe VPN > Settings page provides the Son
VPN > Settings538SonicOS Enhanced 4.0 Administrator GuidePrior to the invention of Internet Protocol Security (IPsec) and Secure Socket Layer (SSL)
VPN > Settings539SonicOS Enhanced 4.0 Administrator GuideOne advantage of SSL VPN is that SSL is built into most Web Browsers. No special VPN clien
System > Security Dashboard54SonicOS Enhanced 4.0 Administrator GuideTo purchase SonicWALL security services using the SonicWALL Registration &
VPN > Settings540SonicOS Enhanced 4.0 Administrator GuideAggressive Mode: To reduce the number of messages exchanged during authentication by half,
VPN > Settings541SonicOS Enhanced 4.0 Administrator GuideNote There is no restriction on nesting IKE v1 tunnels within an IKE v2 tunnel and visa-ve
VPN > Settings542SonicOS Enhanced 4.0 Administrator Guide • “VPN Auto-Added Access Rule Control” section on page 578Configuring VPNs in SonicOS En
VPN > Settings543SonicOS Enhanced 4.0 Administrator GuideE-Mail IDDomain name. • Peer ID Filter if using 3rd party certificates. • IKE (Phase 1)
VPN > Settings544SonicOS Enhanced 4.0 Administrator GuideNote The Windows 2000 L2TP client and Windows XP L2TP client can only work with DH Group 2
VPN > Settings545SonicOS Enhanced 4.0 Administrator GuideGSC only (Require Global Security Client checked on security appliance) • Shared secret,
VPN > Settings546SonicOS Enhanced 4.0 Administrator GuideChoose local network from list (select an address object): Local network obtains IP addres
VPN > Settings547SonicOS Enhanced 4.0 Administrator Guide –AES-192 –AES-256 –Authentication: –MD5 –SHA1 –Enable Perfect Forward Secrecy
VPN > Settings548SonicOS Enhanced 4.0 Administrator GuideOn the ResponderThe settings on the responder must be the same as on the initiator except:
VPN > Settings549SonicOS Enhanced 4.0 Administrator GuideVPN Policy WizardThe VPN Policy Wizard walks you step-by-step through the configuration of
System > Security Dashboard55SonicOS Enhanced 4.0 Administrator GuideStep 5 If you have a mysonicwall.com account, enter your username and password
VPN > Settings550SonicOS Enhanced 4.0 Administrator GuideVPN PoliciesAll existing VPN policies are displayed in the VPN Policies table. Each entry
VPN > Settings551SonicOS Enhanced 4.0 Administrator GuideYou can enter the policy number (the number listed before the policy name in the # Name co
VPN > Settings552SonicOS Enhanced 4.0 Administrator Guide • “Creating Site-to-Site VPN Policies” section on page 562 • “VPN Auto-Added Access Rul
VPN > Settings553SonicOS Enhanced 4.0 Administrator GuideConfiguring GroupVPN with IKE using Preshared Secret on the WAN ZoneTo configure the WAN G
VPN > Settings554SonicOS Enhanced 4.0 Administrator Guide –Select the DH Group from the DH Group menu.Note The Windows 2000 L2TP client and Window
VPN > Settings555SonicOS Enhanced 4.0 Administrator Guide –Management via this SA: - If using the VPN policy to manage the SonicWALL security appl
VPN > Settings556SonicOS Enhanced 4.0 Administrator Guide • Always - Global VPN Client user prompted for username and password only once when conn
VPN > Settings557SonicOS Enhanced 4.0 Administrator GuideConfiguring GroupVPN with IKE using 3rd Party CertificatesTo configure GroupVPN with IKE u
VPN > Settings558SonicOS Enhanced 4.0 Administrator Guide –Distinguished Name - based on the certificates Subject Distinguished Name field, which
VPN > Settings559SonicOS Enhanced 4.0 Administrator Guidetraffic. For packets received via an IPsec tunnel, the SonicWALL looks up a route for the
System > Security Dashboard56SonicOS Enhanced 4.0 Administrator GuideNote If you used an existing mysonicwall.com account by providing your usernam
VPN > Settings560SonicOS Enhanced 4.0 Administrator Guide • This Gateway Only - Allows a single connection to be enabled at a time. Traffic that m
VPN > Settings561SonicOS Enhanced 4.0 Administrator GuideCaution The GroupVPN SA must be enabled on the SonicWALL to export a configuration file.St
VPN > Settings562SonicOS Enhanced 4.0 Administrator Guide • Hub and Spoke Design - All SonicWALL VPN gateways are configured to connect to a centr
VPN > Settings563SonicOS Enhanced 4.0 Administrator GuideConfiguring a VPN Policy with IKE using Preshared SecretTo configure a VPN Policy using In
VPN > Settings564SonicOS Enhanced 4.0 Administrator GuideOptionally, specify a Local IKE ID (optional) and Peer IKE ID (optional) for this Policy.
VPN > Settings565SonicOS Enhanced 4.0 Administrator GuideDestination network obtains IP addresses using DHCP server through this tunnel. Alternativ
VPN > Settings566SonicOS Enhanced 4.0 Administrator Guide –If you selected Main Mode or Aggressive Mode in the Proposals tab: • Select Enable Kee
VPN > Settings567SonicOS Enhanced 4.0 Administrator Guide –If you selected IKEv2 in the Proposals tab: • Select Enable Keep Alive to use heartbea
VPN > Settings568SonicOS Enhanced 4.0 Administrator GuideThe term Trigger Packet refers to the use of initial Traffic Selector payloads populated w
VPN > Settings569SonicOS Enhanced 4.0 Administrator GuideConfiguring the Local SonicWALL Security ApplianceStep 1 Click Add on the VPN > Setting
System > Security Dashboard57SonicOS Enhanced 4.0 Administrator GuideStep 9 The mysonicwall.com page is launched in a separate browser window. Foll
VPN > Settings570SonicOS Enhanced 4.0 Administrator GuideDestination network from list, and select the address object or group.Step 7 Click on the
VPN > Settings571SonicOS Enhanced 4.0 Administrator GuideTip Valid hexadecimal characters include 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, a, b, c, d, e, and
VPN > Settings572SonicOS Enhanced 4.0 Administrator GuideConfiguring the Remote SonicWALL Security ApplianceStep 1 Click Add on the VPN > Settin
VPN > Settings573SonicOS Enhanced 4.0 Administrator Guide –Select Apply NAT Policies if you want the SonicWALL to translate the Local, Remote or b
VPN > Settings574SonicOS Enhanced 4.0 Administrator GuideTo create a VPN SA using IKE and third party certificates, follow these steps:Step 1 In th
VPN > Settings575SonicOS Enhanced 4.0 Administrator GuideUp to three organizational units can be specified. The usage is c=*;o=*;ou=*;ou=*;ou=*;cn=
VPN > Settings576SonicOS Enhanced 4.0 Administrator GuideDestination network obtains IP addresses using DHCP server through this tunnel. Alternativ
VPN > Settings577SonicOS Enhanced 4.0 Administrator Guide –Enter a value in the Life Time (seconds) field. The default setting of 28800 forces the
VPN > Settings578SonicOS Enhanced 4.0 Administrator Guide –If you wish to use a router on the LAN for traffic entering this tunnel destined for an
VPN > Settings579SonicOS Enhanced 4.0 Administrator Guide
System > Security Dashboard58SonicOS Enhanced 4.0 Administrator GuideStep 11 The Congratulations page displays. You have successfully purchased and
VPN > Settings580SonicOS Enhanced 4.0 Administrator Guide
581SonicOS Enhanced 4.0 Administrator GuideCHAPTER 49 Chapter 49: Configuring Advanced VPN SettingsVPN > AdvancedThe VPN > Advanced page include
VPN > Advanced582SonicOS Enhanced 4.0 Administrator Guide –Dead Peer Detection Interval - Enter the number of seconds between “heartbeats.” The de
VPN > Advanced583SonicOS Enhanced 4.0 Administrator Guide • IKEv2 Dynamic Client Proposal - SonicOS Enhanced 4.0 introduces IKEv2 Dynamic Client S
VPN > Advanced584SonicOS Enhanced 4.0 Administrator GuideOnline Certificate Status Protocol determines the current status of a digital certificate
VPN > Advanced585SonicOS Enhanced 4.0 Administrator GuideUsing OCSP with VPN PoliciesThe SonicWALL OCSP settings can be configured on a policy leve
VPN > Advanced586SonicOS Enhanced 4.0 Administrator Guide
587SonicOS Enhanced 4.0 Administrator GuideCHAPTER 50 Chapter 50: Configuring DHCP Over VPNVPN > DHCP over VPNThe VPN > DHCP over VPN page allow
VPN > DHCP over VPN588SonicOS Enhanced 4.0 Administrator GuideConfiguring the Central Gateway for DHCP Over VPNTo configure DHCP over VPN for the C
VPN > DHCP over VPN589SonicOS Enhanced 4.0 Administrator Guide2. Click Configure. The DHCP over VPN Configuration window is displayed.3. In the Gen
System > Security Dashboard59SonicOS Enhanced 4.0 Administrator GuideRelated FeaturesSonicWALL Registration & License Wizard - Use the SonicWAL
VPN > DHCP over VPN590SonicOS Enhanced 4.0 Administrator GuideDevices9. To configure devices on your LAN, click the Devices tab.10. To configure St
VPN > DHCP over VPN591SonicOS Enhanced 4.0 Administrator GuideNote You must configure the local DHCP server on the remote SonicWALL security applia
VPN > DHCP over VPN592SonicOS Enhanced 4.0 Administrator Guide
593SonicOS Enhanced 4.0 Administrator GuideCHAPTER 51 Chapter 51: Configuring L2TP ServerVPN > L2TP ServerThe SonicWALL security appliance can term
VPN > L2TP Server594SonicOS Enhanced 4.0 Administrator GuideConfiguring the L2TP ServerThe VPN > L2TP Server page provides the settings for conf
VPN > L2TP Server595SonicOS Enhanced 4.0 Administrator Guide6. If the L2TP Server provides IP addresses, select Use the Local L2TP IP pool. Enter t
VPN > L2TP Server596SonicOS Enhanced 4.0 Administrator Guide
SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE 597PART 10 User Management
598 SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE
599SonicOS Enhanced 4.0 Administrator GuideCHAPTER 52 Chapter 52: Managing Users and Authentication SettingsUser ManagementThis chapter describes the
viSonicOS Enhanced 4.0 Administrator GuideChapter 13: Using Diagnostic Tools & Restarting the Appliance . . . . 125System > Diagnostics . . .
System > Security Dashboard60SonicOS Enhanced 4.0 Administrator Guide
User Management600SonicOS Enhanced 4.0 Administrator Guideencrypted connection. The SonicWALL authenticates all users as soon as they attempt to acces
User Management601SonicOS Enhanced 4.0 Administrator GuideFigure 52:2 Local Groups Authentication Flow DiagramTo apply Content Filtering Service (CFS)
User Management602SonicOS Enhanced 4.0 Administrator GuideUsing RADIUS for AuthenticationRemote Authentication Dial In User Service (RADIUS) is a prot
User Management603SonicOS Enhanced 4.0 Administrator GuideFigure 52:4 LDAP User Group Authentication Flow DiagramIn addition to RADIUS and the local u
User Management604SonicOS Enhanced 4.0 Administrator GuideLDAP TermsThe following terms are useful when working with LDAP and its variants: • Schema
User Management605SonicOS Enhanced 4.0 Administrator Guide • Samba SMB: Development information is available at http://us5.samba.org/samba/ • Novell
User Management606SonicOS Enhanced 4.0 Administrator GuideUsers that are identified but lack the group memberships required by the configured policy r
User Management607SonicOS Enhanced 4.0 Administrator Guide • Net API or WMIHow Does Single Sign-On Work?SonicWALL SSO requires minimal administrator
User Management608SonicOS Enhanced 4.0 Administrator GuideUser names are returned from the authorization agent running the SSO Agent in the format <
User Management609SonicOS Enhanced 4.0 Administrator GuideFigure 52:6 SonicWALL SSO Agent ProcessThe SonicWALL security appliance queries the SonicWAL
61SonicOS Enhanced 4.0 Administrator GuideCHAPTER 5 Chapter 5: Viewing Status InformationSystem > StatusThe System > Status page provides a comp
User Management610SonicOS Enhanced 4.0 Administrator Guide • User login denied - SSO Agent agent name resolution failed: The SonicWALL SSO Agent is u
User Management611SonicOS Enhanced 4.0 Administrator Guide • “User Groups” section on page 612 • “Priority for Preempting Administrators” section on
User Management612SonicOS Enhanced 4.0 Administrator GuideUser GroupsThe Multiple Administrators Support feature introduces two new default user group
User Management613SonicOS Enhanced 4.0 Administrator GuideGMS and Multiple Administrator SupportWhen using SonicWALL GMS to manage a SonicWALL securit
User Management614SonicOS Enhanced 4.0 Administrator GuideConfiguring Settings on Users > SettingsOn this page, you can configure the authenticatio
User Management615SonicOS Enhanced 4.0 Administrator GuideUser Login Settings In the Authentication method for login drop-down list, select the type o
User Management616SonicOS Enhanced 4.0 Administrator GuideSelect Enforce login uniqueness to prevent the same user name from being used to log into th
User Management617SonicOS Enhanced 4.0 Administrator Guide • Enable disconnected user detection: Causes the SonicWALL to detect when a user’s connect
User Management618SonicOS Enhanced 4.0 Administrator GuideAcceptable use policy page content - Enter your Acceptable Use Policy text in the text box.
User Management619SonicOS Enhanced 4.0 Administrator GuideSee the following sections for configuration instructions: • “Viewing, Editing and Deleting
System > Status62SonicOS Enhanced 4.0 Administrator Guide • Setup Wizard - This wizard helps you quickly configure the SonicWALL security applianc
User Management620SonicOS Enhanced 4.0 Administrator GuideAdding Local UsersYou can add local users to the internal database on the SonicWALL security
User Management621SonicOS Enhanced 4.0 Administrator GuideStep 9 Click OK to complete the user configuration. Editing Local UsersYou can edit local us
User Management622SonicOS Enhanced 4.0 Administrator GuideA default group, Everyone, is listed in the first row of the table. Click the Notepad icon i
User Management623SonicOS Enhanced 4.0 Administrator GuideCreating a Local GroupStep 1 Click the Add Group button to display the Add Group window.Step
User Management624SonicOS Enhanced 4.0 Administrator GuideNote You can create custom Content Filtering Service policies in the Security Services >
User Management625SonicOS Enhanced 4.0 Administrator GuideConfiguring RADIUS AuthenticationIf you selected RADIUS or RADIUS + Local Users from the Aut
User Management626SonicOS Enhanced 4.0 Administrator GuideRADIUS ServersIn the RADIUS Servers section, you can designate the primary and optionally, t
User Management627SonicOS Enhanced 4.0 Administrator GuideRADIUS Users SettingsTo configure the RADIUS user settings:Step 10 On the RADIUS Users tab,
User Management628SonicOS Enhanced 4.0 Administrator GuideCreating a New User Group for RADIUS UsersIn the RADIUS User Settings screen, you can create
User Management629SonicOS Enhanced 4.0 Administrator GuideNote You can add any group as a member of another group except Everybody and All RADIUS User
System > Status63SonicOS Enhanced 4.0 Administrator GuideLatest AlertsAny messages relating to system errors or attacks are displayed in this secti
User Management630SonicOS Enhanced 4.0 Administrator GuideWhen Use LDAP to retrieve user group information is selected, after authenticating a user vi
User Management631SonicOS Enhanced 4.0 Administrator Guide • MSCHAPv2: Select this to use the Microsoft version 2 implementation of CHAP. MSCHAPv2 wo
User Management632SonicOS Enhanced 4.0 Administrator Guidehttp://support.microsoft.com/kb/931125.Step 6 Launch the Domain Security Policy application:
User Management633SonicOS Enhanced 4.0 Administrator GuideConfiguring the SonicWALL Appliance for LDAPThe Users > Settings page in the administrati
User Management634SonicOS Enhanced 4.0 Administrator Guide • Port Number – The default LDAP over TLS port number is TCP 636. The default LDAP (unencr
User Management635SonicOS Enhanced 4.0 Administrator Guideand location in the directory) as the login to the primary server. This may entail creating
User Management636SonicOS Enhanced 4.0 Administrator Guide • User group membership attribute – Select the attribute that contains information about t
User Management637SonicOS Enhanced 4.0 Administrator GuideNote AD has some built-in containers that do not conform (e.g. the DN for the top level User
User Management638SonicOS Enhanced 4.0 Administrator GuideIf using multiple LDAP/AD servers with referrals, this process can be repeated for each, rep
User Management639SonicOS Enhanced 4.0 Administrator Guide • Import user groups – You can click this button to configure user groups on the SonicWALL
System > Status64SonicOS Enhanced 4.0 Administrator GuideRegistering Your SonicWALL Security ApplianceOnce you have established your Internet conne
User Management640SonicOS Enhanced 4.0 Administrator GuideThe SonicWALL appliance can retrieve group memberships efficiently in the case of Active Dir
User Management641SonicOS Enhanced 4.0 Administrator GuideNote The ‘Bypass filters’ and ‘Limited management capabilities’ privileges are returned base
User Management642SonicOS Enhanced 4.0 Administrator Guide –“Configuring User Settings” section on page 669
User Management643SonicOS Enhanced 4.0 Administrator GuideInstalling the SonicWALL SSO AgentThe SonicWALL SSO Agent is part of the SonicWALL Directory
User Management644SonicOS Enhanced 4.0 Administrator GuideStep 4 On the Customer Information page, enter your name in the User Name field and your org
User Management645SonicOS Enhanced 4.0 Administrator GuideSonicWALL SSO Agent feature. Click Next. Step 7 Click Install to install SSO Agent.Step 8 To
User Management646SonicOS Enhanced 4.0 Administrator GuideNote This section can be configured at a later time. To skip this step and configure it late
User Management647SonicOS Enhanced 4.0 Administrator GuideThe SonicWALL SSO Agent installs. The status bar displays.Step 10 When installation is compl
User Management648SonicOS Enhanced 4.0 Administrator GuideIf you checked the Launch SonicWALL Directory Connector box, the SonicWALL Directory Connect
User Management649SonicOS Enhanced 4.0 Administrator GuideTo configure the communication properties of the SonicWALL SSO Agent, perform the following
System > Status65SonicOS Enhanced 4.0 Administrator GuideTo create a mySonicWALL.com account from the SonicWALL management interface:Step 1 In the
User Management650SonicOS Enhanced 4.0 Administrator GuideIf the message SonicWALL SSO Agent service is not running. Please check the configuration an
User Management651SonicOS Enhanced 4.0 Administrator GuideNote When Logging Level 2 is selected, the SSO Agent service will terminate if the Windows e
User Management652SonicOS Enhanced 4.0 Administrator GuideNote NetAPI will provide faster, though possibly slightly less accurate, performance. WMI wi
User Management653SonicOS Enhanced 4.0 Administrator GuideAdding a SonicWALL Security ApplianceUse these instructions to manually add a SonicWALL secu
User Management654SonicOS Enhanced 4.0 Administrator GuideYour appliance will display in the left-hand navigation panel under the SonicWALL Appliances
User Management655SonicOS Enhanced 4.0 Administrator GuideModifying Services in SonicWALL SSO AgentYou can start, stop, and pause SonicWALL SSO Agent
User Management656SonicOS Enhanced 4.0 Administrator GuideStep 4 Click Configure.The Authentication Agent Settings page displays.Step 5 In the Name or
User Management657SonicOS Enhanced 4.0 Administrator GuideStep 11 Check the box next to Allow only users listed locally to allow only users listed loc
User Management658SonicOS Enhanced 4.0 Administrator GuideNote The Content Filter tab is only displayed if Premium CFS is enabled on the SonicWALL sec
User Management659SonicOS Enhanced 4.0 Administrator GuideThis setting should be used where traffic that would be subject to content filtering can ema
System > Status66SonicOS Enhanced 4.0 Administrator GuideRegistering Your SonicWALL Security ApplianceIf you already have a mySonicWALL.com account
User Management660SonicOS Enhanced 4.0 Administrator GuideStep 22 Select the Check user radio button, enter the IP address of a workstation in the Wor
User Management661SonicOS Enhanced 4.0 Administrator GuideAdvanced LDAP ConfigurationIf you selected Use LDAP to retrieve user group information in st
User Management662SonicOS Enhanced 4.0 Administrator GuideNote Use the user’s name in the Login user name field, not a username or login ID. For examp
User Management663SonicOS Enhanced 4.0 Administrator GuideNote Only check the Send LDAP ‘Start TLS’ request box if your LDAP server uses the same port
User Management664SonicOS Enhanced 4.0 Administrator GuideStep 14 The Object class field defines which attribute represents the individual user accoun
User Management665SonicOS Enhanced 4.0 Administrator GuideStep 23 In the User tree for login to server field, specify the tree in which the user speci
User Management666SonicOS Enhanced 4.0 Administrator GuideIf using multiple LDAP/AD servers with referrals, this process can be repeated for each, rep
User Management667SonicOS Enhanced 4.0 Administrator GuideThe SonicWALL security appliance can retrieve group memberships more efficiently in the case
User Management668SonicOS Enhanced 4.0 Administrator Guide –VPN ZoneStep 35 In the RADIUS shared secret field, enter a shared secret common to all re
User Management669SonicOS Enhanced 4.0 Administrator GuideConfiguring Firewall Access RulesFirewall access rules provide the administrator with the ab
67SonicOS Enhanced 4.0 Administrator GuideCHAPTER 6 Chapter 6: Managing SonicWALL LicensesSystem > LicensesThe System > Licenses page provides l
User Management670SonicOS Enhanced 4.0 Administrator GuideThe Enable login session limit and corresponding Login session limit (minutes) settings unde
User Management671SonicOS Enhanced 4.0 Administrator GuideConfiguring Additional Administrator User ProfilesTo configure additional administrator user
User Management672SonicOS Enhanced 4.0 Administrator GuideWhen using RADIUS or LDAP authentication, if you want to keep the configuration of administr
User Management673SonicOS Enhanced 4.0 Administrator GuideActivating Configuration ModeWhen logging in as a user with full administrator rights (that
User Management674SonicOS Enhanced 4.0 Administrator GuideTo switch from non-config mode to full configuration mode, perform the following steps:Step
User Management675SonicOS Enhanced 4.0 Administrator GuideVerifying Multiple Administrators Support ConfigurationUser accounts with administrator and
User Management676SonicOS Enhanced 4.0 Administrator GuideWhen the administrator is in read-only mode, the top right corner of the interface displays
677SonicOS Enhanced 4.0 Administrator GuideCHAPTER 53 Chapter 53: Managing Guest Services and Guest AccountsUsers > Guest ServicesGuest accounts ar
Users > Guest Services678SonicOS Enhanced 4.0 Administrator GuideGlobal Guest Settings Check Show guest login status window with logout button to d
Users > Guest Accounts679SonicOS Enhanced 4.0 Administrator Guide –Auto-Prune Account: Check this to have the account removed from the database af
System > Licenses68SonicOS Enhanced 4.0 Administrator GuideExcluding a NodeWhen you exclude a node, you block it from connecting to your network th
Users > Guest Accounts680SonicOS Enhanced 4.0 Administrator GuideViewing Guest Account StatisticsTo view statistics on a guest account, hover your
Users > Guest Accounts681SonicOS Enhanced 4.0 Administrator Guide –Enable Guest Services Privilege: Check this for the account to be enabled upon
Users > Guest Accounts682SonicOS Enhanced 4.0 Administrator Guide –Comment: Enter a descriptive comment.Step 3 In the Guest Services tab, configur
Users > Guest Status683SonicOS Enhanced 4.0 Administrator GuidePrinting Account Details.You can print a summary of a guest account. Click the print
Users > Guest Status684SonicOS Enhanced 4.0 Administrator Guide • Session Expiration: The time when the current session expires. • Statistics: h
SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE 685PART 11 Security Services
686 SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE
687SonicOS Enhanced 4.0 Administrator GuideCHAPTER 54 Chapter 54: Managing SonicWALL Security ServicesSonicWALL Security ServicesSonicWALL, Inc. offer
SonicWALL Security Services688SonicOS Enhanced 4.0 Administrator GuideNote For more information on SonicWALL security services, please visit http://ww
SonicWALL Security Services689SonicOS Enhanced 4.0 Administrator GuideIf your SonicWALL security appliance is not registered, the Security Services &g
System > Licenses69SonicOS Enhanced 4.0 Administrator GuideManage Security Services OnlineTo activate, upgrade, or renew services, click the link i
SonicWALL Security Services690SonicOS Enhanced 4.0 Administrator GuideManaging Security Services OnlineClicking the Manage Licenses button displays th
SonicWALL Security Services691SonicOS Enhanced 4.0 Administrator GuideSecurity Services InformationThis section includes a brief overview of services
SonicWALL Security Services692SonicOS Enhanced 4.0 Administrator GuideTo manually update signature files, complete the following steps:Step 1 On the S
SonicWALL Security Services693SonicOS Enhanced 4.0 Administrator GuideNote The signature file can only be used on SonicWALL security appliances that a
SonicWALL Security Services694SonicOS Enhanced 4.0 Administrator Guide
695SonicOS Enhanced 4.0 Administrator GuideCHAPTER 55 Chapter 55: Configuring SonicWALL Content Filtering ServiceSecurity Services > Content Filter
Security Services > Content Filter696SonicOS Enhanced 4.0 Administrator GuideSonicWALL Content Filtering ServiceSonicWALL Content Filtering Service
Security Services > Content Filter697SonicOS Enhanced 4.0 Administrator GuideYou can also access the SonicWALL CFS URL Rating Review Request form b
Security Services > Content Filter698SonicOS Enhanced 4.0 Administrator Guide • SonicWALL CFS - Selecting SonicWALL CFS as the Content Filter Type
Security Services > Content Filter699SonicOS Enhanced 4.0 Administrator GuideTrusted DomainsTrusted Domains can be added to enable content from spe
viiSonicOS Enhanced 4.0 Administrator GuideConfiguring Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .141Confi
System > Licenses70SonicOS Enhanced 4.0 Administrator GuideManual UpgradeManual Upgrade allows you to activate your services by typing the service
Security Services > Content Filter700SonicOS Enhanced 4.0 Administrator GuideMessage to Display when BlockingYou can enter your customized text to
Security Services > Content Filter701SonicOS Enhanced 4.0 Administrator GuideWarningDo not include the prefix “http://” in either the Allowed Domai
Security Services > Content Filter702SonicOS Enhanced 4.0 Administrator Guidethe page defined in the Consent page URL field. Enter the time limit,
Security Services > Content Filter703SonicOS Enhanced 4.0 Administrator GuideConfiguring N2H2 Internet Filtering N2H2 is a third party Internet fil
Security Services > Content Filter704SonicOS Enhanced 4.0 Administrator GuideURL Cache • Cache Size (KB) - Configure the size of the URL Cache in
Security Services > Content Filter705SonicOS Enhanced 4.0 Administrator GuideMessage to Display when BlockingYou can enter your customized text in
Security Services > Content Filter706SonicOS Enhanced 4.0 Administrator Guide –Block traffic to all Web sites - Selecting this option blocks traff
Security Services > Content Filter707SonicOS Enhanced 4.0 Administrator GuideTrusted DomainsTrusted Domains can be added in the Restrict Web Featur
Security Services > Content Filter708SonicOS Enhanced 4.0 Administrator Guide
709SonicOS Enhanced 4.0 Administrator GuideCHAPTER 56 Chapter 56: Activating SonicWALL Client Anti-VirusSecurity Services > Anti-VirusBy their natu
System > Licenses71SonicOS Enhanced 4.0 Administrator GuideFrom the Management Interface of your SonicWALL Security ApplianceStep 1 Make sure your
Security Services > Anti-Virus710SonicOS Enhanced 4.0 Administrator GuideActivating SonicWALL Client Anti-VirusIf Sonic WALL Client Anti-Virus is n
Security Services > Anti-Virus711SonicOS Enhanced 4.0 Administrator GuideNote You must have a mySonicWALL.com account and your SonicWALL must be re
Security Services > Anti-Virus712SonicOS Enhanced 4.0 Administrator GuideActivating a SonicWALL Client Anti-Virus FREE TRIALYou can try a FREE TRIA
Security Services > Anti-Virus713SonicOS Enhanced 4.0 Administrator Guide –Low Risk - A virus that is not reported in the field and is considered
Security Services > E-mail Filter714SonicOS Enhanced 4.0 Administrator GuideSecurity Services > E-mail FilterThe E-Mail Filter allows the admini
715SonicOS Enhanced 4.0 Administrator GuideCHAPTER 57 Chapter 57: Managing SonicWALL Gateway Anti-Virus ServiceSecurity Services > Gateway Anti-Vir
Security Services > Gateway Anti-Virus716SonicOS Enhanced 4.0 Administrator GuideSonicWALL GAV delivers threat protection directly on the SonicWALL
Security Services > Gateway Anti-Virus717SonicOS Enhanced 4.0 Administrator GuideRemote Site ProtectionStep 1 Users send typical e-mail and files b
Security Services > Gateway Anti-Virus718SonicOS Enhanced 4.0 Administrator GuideHTTP File DownloadsStep 1 Client makes a request to download a fil
Security Services > Gateway Anti-Virus719SonicOS Enhanced 4.0 Administrator Guidesingle-pass, per-packet basis. Reassembly free virus scanning func
System > Licenses72SonicOS Enhanced 4.0 Administrator Guide
Security Services > Gateway Anti-Virus720SonicOS Enhanced 4.0 Administrator GuideNote If you already have a mysonicWALL.com account, go to “Registe
Security Services > Gateway Anti-Virus721SonicOS Enhanced 4.0 Administrator GuideRegistering Your SonicWALL Security ApplianceStep 1 Log into the S
Security Services > Gateway Anti-Virus722SonicOS Enhanced 4.0 Administrator GuideIf you have an Activation Key for SonicWALL Gateway Anti-Virus, An
Security Services > Gateway Anti-Virus723SonicOS Enhanced 4.0 Administrator GuideActivating FREE TRIALsYou can try FREE TRIAL versions of SonicWALL
Security Services > Gateway Anti-Virus724SonicOS Enhanced 4.0 Administrator GuideThe Security Services > Gateway Anti-Virus page provides the se
Security Services > Gateway Anti-Virus725SonicOS Enhanced 4.0 Administrator GuideApplying SonicWALL GAV Protection on Zones You can enforce SonicWA
Security Services > Gateway Anti-Virus726SonicOS Enhanced 4.0 Administrator GuideNote You also enable SonicWALL GAV protection for new zones you cr
Security Services > Gateway Anti-Virus727SonicOS Enhanced 4.0 Administrator GuideUpdating SonicWALL GAV SignaturesBy default, the SonicWALL securit
Security Services > Gateway Anti-Virus728SonicOS Enhanced 4.0 Administrator GuideThe Enable Inbound Inspection protocol traffic handling represente
Security Services > Gateway Anti-Virus729SonicOS Enhanced 4.0 Administrator Guide • Restrict Transfer of password-protected Zip files - Disables t
73SonicOS Enhanced 4.0 Administrator GuideCHAPTER 7 Chapter 7: Configuring Administration SettingsSystem > AdministrationThe System Administration
Security Services > Gateway Anti-Virus730SonicOS Enhanced 4.0 Administrator GuideIf you want to suppress the sending of e-mail messages (SMTP) to c
Security Services > Gateway Anti-Virus731SonicOS Enhanced 4.0 Administrator GuideOptionally, you can configure the timeout for the HTTP Clientless
Security Services > Gateway Anti-Virus732SonicOS Enhanced 4.0 Administrator GuideViewing SonicWALL GAV SignaturesThe Gateway Anti-Virus Signatures
Security Services > Gateway Anti-Virus733SonicOS Enhanced 4.0 Administrator GuideSearching the Gateway Anti-Virus Signature DatabaseYou can search
Security Services > Gateway Anti-Virus734SonicOS Enhanced 4.0 Administrator Guide
735SonicOS Enhanced 4.0 Administrator GuideCHAPTER 58 Chapter 58: Activating Intrusion Prevention ServiceSecurity Services > Intrusion Prevention S
Security Services > Intrusion Prevention Service736SonicOS Enhanced 4.0 Administrator GuideHow SonicWALL’s Deep Packet Inspection WorksDeep Packet
Security Services > Intrusion Prevention Service737SonicOS Enhanced 4.0 Administrator Guide • Deep Packet Inspection - looking at the data portion
Security Services > Intrusion Prevention Service738SonicOS Enhanced 4.0 Administrator GuideTip If your SonicWALL security appliance is connected to
Security Services > Intrusion Prevention Service739SonicOS Enhanced 4.0 Administrator GuideNote Remember your username and password to access your
System > Administration74SonicOS Enhanced 4.0 Administrator GuideChanging the Administrator PasswordTo set a new password for SonicWALL Management
Security Services > Intrusion Prevention Service740SonicOS Enhanced 4.0 Administrator GuideNote Clicking on the Continue button does not activate t
Security Services > Intrusion Prevention Service741SonicOS Enhanced 4.0 Administrator GuideIf you have an Activation Key for SonicWALL Gateway Anti
Security Services > Intrusion Prevention Service742SonicOS Enhanced 4.0 Administrator GuideSetting Up SonicWALL Intrusion Prevention Service Protec
Security Services > Intrusion Prevention Service743SonicOS Enhanced 4.0 Administrator Guideinformation on configuring global signature groups, refe
Security Services > Intrusion Prevention Service744SonicOS Enhanced 4.0 Administrator Guide
745SonicOS Enhanced 4.0 Administrator GuideCHAPTER 59 Chapter 59: Activating Anti-Spyware ServiceSecurity Services > Anti-Spyware ServiceSonicWALL
Security Services > Anti-Spyware Service746SonicOS Enhanced 4.0 Administrator GuideNote Refer to the SonicWALL Anti-Spyware Administrator’s Guide o
Security Services > Anti-Spyware Service747SonicOS Enhanced 4.0 Administrator GuideCreating a mySonicWALL.com AccountCreating a mySonicWALL.com acc
Security Services > Anti-Spyware Service748SonicOS Enhanced 4.0 Administrator GuideRegistering Your SonicWALL Security ApplianceStep 1 Log into the
Security Services > Anti-Spyware Service749SonicOS Enhanced 4.0 Administrator GuideTo try a FREE TRIAL of SonicWALL Gateway Anti-Virus, SonicWALL A
System > Administration75SonicOS Enhanced 4.0 Administrator GuideThe Password must be changed every (days) setting requires users to change their p
Security Services > Anti-Spyware Service750SonicOS Enhanced 4.0 Administrator GuideIf you have an Activation Key for SonicWALL Gateway Anti-Virus,
Security Services > Anti-Spyware Service751SonicOS Enhanced 4.0 Administrator GuideRefer to the SonicWALL Anti-Spyware Administrator’s Guide on the
Security Services > Anti-Spyware Service752SonicOS Enhanced 4.0 Administrator Guide
753SonicOS Enhanced 4.0 Administrator GuideCHAPTER 60 Chapter 60: Configuring SonicWALL Real-Time BlacklistSMTP Real-Time Black List FilteringSMTP Rea
Security Services > RBL Filter754SonicOS Enhanced 4.0 Administrator GuideNote Most spam today is known to be sent from hijacked or zombie machines
Security Services > RBL Filter755SonicOS Enhanced 4.0 Administrator GuideTo add an RBL services, click the Add button. In the Add RBL Domain window
Security Services > RBL Filter756SonicOS Enhanced 4.0 Administrator Guide
757SonicOS Enhanced 4.0 Administrator GuideCHAPTER 61 Chapter 61: Configuring SonicWALL Global Security ClientSecurity Services > Global Security C
Security Services > Global Security Client758SonicOS Enhanced 4.0 Administrator Guidegateway administrator automatically updates the Global Securit
Security Services > Global Security Client759SonicOS Enhanced 4.0 Administrator Guide • Policy Management - enables network administrator’s to cre
System > Administration76SonicOS Enhanced 4.0 Administrator GuideMultiple AdministratorsSonicOS Enhanced provides the ability for multiple administ
Security Services > Global Security Client760SonicOS Enhanced 4.0 Administrator GuideSonicWALL’s Distributed Enforcement Architecture (DEA) technol
Security Services > Global Security Client761SonicOS Enhanced 4.0 Administrator GuideConfiguring Security Policies for Global Security ClientsThe S
Security Services > Global Security Client762SonicOS Enhanced 4.0 Administrator Guide
SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE 763PART 12 Log
764 SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE
765SonicOS Enhanced 4.0 Administrator GuideCHAPTER 62 Chapter 62: Managing Log EventsLog > ViewThe SonicWALL security appliance maintains an Event
Log > View766SonicOS Enhanced 4.0 Administrator GuideLog View TableThe log is displayed in a table and is sortable by column. The log table columns
Log > View767SonicOS Enhanced 4.0 Administrator GuideClear LogTo delete the contents of the log, click the Clear Log button near the top right corn
Log > View768SonicOS Enhanced 4.0 Administrator GuideSource interface AND Destination interfaceStep 3 Check the Group box next to any two or more c
769SonicOS Enhanced 4.0 Administrator GuideCHAPTER 63 Chapter 63: Configuring Log CategoriesLog > CategoriesThis chapter provides configuration tas
System > Administration77SonicOS Enhanced 4.0 Administrator GuideWeb Management SettingsThe SonicWALL security appliance can be managed using HTTP
Log > Categories770SonicOS Enhanced 4.0 Administrator GuideLog PriorityThis section provides information on configuring the level of priority log m
Log > Categories771SonicOS Enhanced 4.0 Administrator GuideLog CategoriesSonicWALL security appliances provide automatic attack protection against
Log > Categories772SonicOS Enhanced 4.0 Administrator GuideFirewall Logging Extended Logs general events and errorsFirewall Rule Extended Logs fire
Log > Categories773SonicOS Enhanced 4.0 Administrator GuideManaging Log CategoriesThe Log Categories table displays log category information organi
Log > Categories774SonicOS Enhanced 4.0 Administrator Guide
775SonicOS Enhanced 4.0 Administrator GuideCHAPTER 64 Chapter 64: Configuring Syslog SettingsLog > SyslogIn addition to the standard event log, the
Log > Syslog776SonicOS Enhanced 4.0 Administrator GuideSyslog SettingsSyslog Facility • Syslog Facility - Allows you to select the facilities and
Log > Syslog777SonicOS Enhanced 4.0 Administrator GuideSyslog ServersAdding a Syslog ServerTo add syslog servers to the SonicWALL security applianc
Log > Syslog778SonicOS Enhanced 4.0 Administrator Guide
779SonicOS Enhanced 4.0 Administrator GuideCHAPTER 65 Chapter 65: Configuring Log AutomationLog > AutomationThe Log > Automation page includes s
System > Administration78SonicOS Enhanced 4.0 Administrator GuideSSH Management SettingsIf you use SSH to manage the SonicWALL appliance, you can c
Log > Automation780SonicOS Enhanced 4.0 Administrator GuideE-mail Log Automation • Send Log to E-mail address - Enter your e-mail address (usernam
781SonicOS Enhanced 4.0 Administrator GuideCHAPTER 66 Chapter 66: Configuring Name ResolutionLog > Name ResolutionThe Log > Name Resolution page
Log > Name Resolution782SonicOS Enhanced 4.0 Administrator Guide • None: The security appliance will not attempt to resolve IP addresses and Names
783SonicOS Enhanced 4.0 Administrator GuideCHAPTER 67 Chapter 67: Generating Log ReportsLog > ReportsThe SonicWALL security appliance can perform a
Log > Reports784SonicOS Enhanced 4.0 Administrator GuideData CollectionThe Reports window includes the following functions and commands: • Start D
Log > Reports785SonicOS Enhanced 4.0 Administrator GuideBandwidth Usage by IP AddressSelecting Bandwidth Usage by IP Address from the Report to vie
Log > Reports786SonicOS Enhanced 4.0 Administrator Guide
787SonicOS Enhanced 4.0 Administrator GuideCHAPTER 68 Chapter 68: Activating SonicWALL ViewPointLog > ViewPointSonicWALL ViewPoint is a Web-based g
Log > ViewPoint788SonicOS Enhanced 4.0 Administrator GuideActivating ViewPointThe Log > ViewPoint page allows you to activate the ViewPoint lice
Log > ViewPoint789SonicOS Enhanced 4.0 Administrator Guide3. Click Activate or Renew in the Manage Service column in the Manage Services Online tab
System > Administration79SonicOS Enhanced 4.0 Administrator GuideTo enable SNMP on the SonicWALL security appliance, log into the Management interf
Log > ViewPoint790SonicOS Enhanced 4.0 Administrator Guide
SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE 791PART 13 Wizards
792 SONICWALL SONICOS ENHANCED 4.0 ADMINISTRATOR’S GUIDE
793SonicOS Enhanced 4.0 Administrator GuideCHAPTER 69 Chapter 69: Configuring Internet Connectivity Using the Setup WizardWizards > Setup WizardThe
Wizards > Setup Wizard794SonicOS Enhanced 4.0 Administrator GuideThe Setup Wizard screens change depending on the choices you make. For example, if
Wizards > Setup Wizard795SonicOS Enhanced 4.0 Administrator GuideConfiguring a Static IP Address with NAT EnabledUsing NAT to set up your SonicWALL
Wizards > Setup Wizard796SonicOS Enhanced 4.0 Administrator GuideNote Your Web browser must be Java-enabled and support HTTP uploads in order to fu
Wizards > Setup Wizard797SonicOS Enhanced 4.0 Administrator GuideChange Time Zone3. Select the appropriate Time Zone from the Time Zone menu. The S
Wizards > Setup Wizard798SonicOS Enhanced 4.0 Administrator GuideWAN Network Mode: NAT Enabled6. Enter the public IP address provided by your ISP i
Wizards > Setup Wizard799SonicOS Enhanced 4.0 Administrator GuideLAN DHCP Settings 8. The Optional-SonicWALL DHCP Server window configures the Soni
viiiSonicOS Enhanced 4.0 Administrator GuideChapter 17: Configuring Zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191Network &
System > Administration80SonicOS Enhanced 4.0 Administrator GuideEnable GMS ManagementYou can configure the SonicWALL security appliance to be mana
Wizards > Setup Wizard800SonicOS Enhanced 4.0 Administrator GuideSetup Wizard Complete10. The SonicWALL stores the network settings. 11. Click Clos
Wizards > Setup Wizard801SonicOS Enhanced 4.0 Administrator GuideChange Password3. To set the password, enter a new password in the New Password an
Wizards > Setup Wizard802SonicOS Enhanced 4.0 Administrator Guide WAN Network Mode5. Select DHCP, the Obtain an IP address automatically window is
Wizards > Setup Wizard803SonicOS Enhanced 4.0 Administrator Guide LAN Settings7. The Fill in information about your LAN page allows the configurati
Wizards > Setup Wizard804SonicOS Enhanced 4.0 Administrator GuideSonicWALL Configuration Summary9. The Configuration Summary window displays the co
Wizards > Setup Wizard805SonicOS Enhanced 4.0 Administrator GuideConfiguring NAT Enabled with PPPoENAT with PPPoE Client is a network protocol that
Wizards > Setup Wizard806SonicOS Enhanced 4.0 Administrator GuideChange Password3. To set the password, enter a new password in the New Password an
Wizards > Setup Wizard807SonicOS Enhanced 4.0 Administrator GuideWAN Network Mode5. The SonicWALL automatically detects the presence of a PPPoE ser
Wizards > Setup Wizard808SonicOS Enhanced 4.0 Administrator GuideLAN Settings7. The LAN Settings page allows the configuration of SonicWALL LAN IP
Wizards > Setup Wizard809SonicOS Enhanced 4.0 Administrator GuideSonicWALL Configuration Summary9. The Configuration Summary window displays the co
System > Administration81SonicOS Enhanced 4.0 Administrator Guidethe GMS installation, and enter the IP address in the NAT Device IP Address field.
Wizards > Setup Wizard810SonicOS Enhanced 4.0 Administrator GuideConfiguring PPTP Network ModeNAT with PPTP Client mode uses Point to Point Tunneli
Wizards > Setup Wizard811SonicOS Enhanced 4.0 Administrator GuideChange Password3. To set the password, enter a new password in the New Password an
Wizards > Setup Wizard812SonicOS Enhanced 4.0 Administrator GuideWAN Network Mode4. Select PPTP: Provided you with a server IP address, a user name
Wizards > Setup Wizard813SonicOS Enhanced 4.0 Administrator GuideLAN Settings6. The LAN Settings page allows the configuration of SonicWALL LAN IP
Wizards > Setup Wizard814SonicOS Enhanced 4.0 Administrator GuideSonicWALL Configuration Summary8. The Configuration Summary window displays the co
815SonicOS Enhanced 4.0 Administrator GuideCHAPTER 70 Chapter 70: Using the Registration & License WizardWizards > Registration & License W
Wizards > Registration & License Wizard816SonicOS Enhanced 4.0 Administrator GuideStep 2 Select Registration and License Wizard and click Next.
Wizards > Registration & License Wizard817SonicOS Enhanced 4.0 Administrator GuideStep 5 On the Choose security services page, select the secur
Wizards > Registration & License Wizard818SonicOS Enhanced 4.0 Administrator GuideStep 7 Verify that the services you want to purchase are list
Wizards > Registration & License Wizard819SonicOS Enhanced 4.0 Administrator GuideStep 9 The Confirm page displays. Verify that your order is c
System > Administration82SonicOS Enhanced 4.0 Administrator Guide • HTTPS - If this option is selected, HTTPS management is allowed from two IP ad
Wizards > Registration & License Wizard820SonicOS Enhanced 4.0 Administrator GuideStep 12 Your new security services are now available on the S
821SonicOS Enhanced 4.0 Administrator GuideCHAPTER 71 Chapter 71: Configuring a Public Server with the WizardWizards > Public Server Wizard1. Start
Wizards > Public Server Wizard822SonicOS Enhanced 4.0 Administrator Guide2. Select Public Server Wizard and click Next.3. Select the type of server
Wizards > Public Server Wizard823SonicOS Enhanced 4.0 Administrator Guide6. Click Next. 7. Enter the public IP address of the server. The default i
Wizards > Public Server Wizard824SonicOS Enhanced 4.0 Administrator Guide9. The Summary page displays a summary of all the configuration you have p
Wizards > Public Server Wizard825SonicOS Enhanced 4.0 Administrator Guide10. Click Apply in the Public Server Configuration Summary page to complet
Wizards > Public Server Wizard826SonicOS Enhanced 4.0 Administrator Guide
827SonicOS Enhanced 4.0 Administrator GuideCHAPTER 72 Chapter 72: Configuring VPN Policies with the VPN Policy WizardWizards > VPN WizardThe VPN Po
Wizards > VPN Wizard828SonicOS Enhanced 4.0 Administrator GuideUsing the VPN Policy WizardStep 1 In the top right corner of the VPN > Settings p
Wizards > VPN Wizard829SonicOS Enhanced 4.0 Administrator Guide –Default Key: If you choose the default key, all your Global VPN Clients and Globa
System > Administration83SonicOS Enhanced 4.0 Administrator GuideThe default URL http://help.mysonicwall.com/applications/vpnclient displays the So
Wizards > VPN Wizard830SonicOS Enhanced 4.0 Administrator Guide –Encryption: This is the method for encrypting data through the VPN Tunnel. The me
Wizards > VPN Wizard831SonicOS Enhanced 4.0 Administrator GuideNote If you enable user authentication, the users must be entered in the SonicWALL d
Wizards > VPN Wizard832SonicOS Enhanced 4.0 Administrator Guide • The shared secret if you selected a custom preshared secret in the VPN Wizard.
Wizards > VPN Wizard833SonicOS Enhanced 4.0 Administrator GuideUsing the VPN Wizard to Configure Preshared SecretStep 1 On the System > Status p
Wizards > VPN Wizard834SonicOS Enhanced 4.0 Administrator Guide –Policy Name: Enter a name you can use to refer to the policy. For example, Boston
Wizards > VPN Wizard835SonicOS Enhanced 4.0 Administrator GuideIf the object or group you want has not been created yet, select Create Object or Cr
Wizards > VPN Wizard836SonicOS Enhanced 4.0 Administrator Guide –Encryption: This is the method for encrypting data through the VPN Tunnel. The me
837SonicOS Enhanced 4.0 Administrator GuideIndexSymbols 401, 793, 796–797, 800–803, 805–808, 811–813, 815, 821, 827–828Numerics802.11a 394802.11g 315,
838SonicOS Enhanced 4.0 Administrator GuideDdeep packet inspection 718DF bit 582DH group 829VPN policy wizard 835DHCPrelay mode 587setup wizard 797VPN
839SonicOS Enhanced 4.0 Administrator GuideIIDS 405authorizing access points 407rogue access points 406IEEE 802.11b 315IEEE 802.11g 315IKEDH group 829
System > Administration84SonicOS Enhanced 4.0 Administrator Guide
840SonicOS Enhanced 4.0 Administrator Guidesettings 248translated destination 248translated service 249translated source 248NAT policyloopback policy
841SonicOS Enhanced 4.0 Administrator GuideLAN settings 798–799, 803–804, 808, 813–814NAT with DHCP client 802NAT with PPPoE 805NAT with PPPoE client
842SonicOS Enhanced 4.0 Administrator Guideauthentication 830, 836configuration summary 836connecting Global VPN Clients 831destination networks 835DH
©2008SonicWALL,Inc.isaregisteredtrademarkofSonicWALL,Inc.Otherproductnamesmentionedhereinmaybetrademarksand/orregisteredtrademarksoftheirrespectivecom
85SonicOS Enhanced 4.0 Administrator GuideCHAPTER 8 Chapter 8: Managing CertificatesSystem > CertificatesTo implement the use of certificates for V
System > Certificates86SonicOS Enhanced 4.0 Administrator Guide • OpenSSL • VeriSignCertificates and Certificate RequestsThe Certificate and Cert
System > Certificates87SonicOS Enhanced 4.0 Administrator GuideCertificate DetailsClicking on the icon in the Details column of the Certificates an
System > Certificates88SonicOS Enhanced 4.0 Administrator GuideImporting a Certificate Authority CertificateTo import a certificate from a certific
System > Certificates89SonicOS Enhanced 4.0 Administrator GuideImporting a Local CertificateTo import a local certificate, perform these steps:Step
ixSonicOS Enhanced 4.0 Administrator GuideChapter 21: Configuring NAT Policies . . . . . . . . . . . . . . . . . . . . . . . . . .245Network > NA
System > Certificates90SonicOS Enhanced 4.0 Administrator GuideImporting a CRLYou can import the CRL by manually downloading the CRL and then impor
System > Certificates91SonicOS Enhanced 4.0 Administrator GuideTo generate a local certificate, follow these steps:Step 1 Click the New Signing Req
System > Certificates92SonicOS Enhanced 4.0 Administrator Guide
93SonicOS Enhanced 4.0 Administrator GuideCHAPTER 9 Chapter 9: Configuring Time SettingsSystem > TimeThe System > Time page defines the time and
System > Time94SonicOS Enhanced 4.0 Administrator GuideIf you want to set your time manually, uncheck Set time automatically using NTP. Select the
95SonicOS Enhanced 4.0 Administrator GuideCHAPTER 10 Chapter 10: Setting SchedulesSystem > SchedulesThe System > Schedules page allows you to cr
System > Schedules96SonicOS Enhanced 4.0 Administrator GuideThe Schedules table displays all your predefined and custom schedules. In the Schedules
System > Schedules97SonicOS Enhanced 4.0 Administrator GuideAdding a Schedule To create schedules, click Add. The Add Schedule window is displayed.
System > Schedules98SonicOS Enhanced 4.0 Administrator Guide
99SonicOS Enhanced 4.0 Administrator GuideCHAPTER 11 Chapter 11: Managing SonicWALL Security Appliance FirmwareSystem > SettingsThis System > Se
Hello! Crazy discounts, hurry up! We are Drop Dead Studio and our goal is to help companies achieve impressive sales results through automated marketing. I. We sell fresh databases for GSA Search Engine Ranker. • The databases are updated monthly through 24/7 parsing and by connecting purchased databases from other sources. • You have the option to purchase a one-time fresh database or pay for a lifetime subscription for updates. ATTENTION! 40% discount only until 04/10/2024! When ap
Hello! Crazy discounts, hurry up! We are Drop Dead Studio and our goal is to help companies achieve impressive sales results through automated marketing. I. We sell fresh databases for GSA Search Engine Ranker. • The databases are updated monthly through 24/7 parsing and by connecting purchased databases from other sources. • You have the option to purchase a one-time fresh database or pay for a lifetime subscription for updates. ATTENTION! 40% discount only until 04/10/2024! When ap
Hello! Crazy discounts, hurry up! We are Drop Dead Studio and our goal is to help companies achieve impressive sales results through automated marketing. I. We sell fresh databases for GSA Search Engine Ranker. • The databases are updated monthly through 24/7 parsing and by connecting purchased databases from other sources. • You have the option to purchase a one-time fresh database or pay for a lifetime subscription for updates. ATTENTION! 40% discount only until 04/10/2024! When ap
Hello! Crazy discounts, hurry up! We are Drop Dead Studio and our goal is to help companies achieve impressive sales results through automated marketing. I. We sell fresh databases for GSA Search Engine Ranker. • The databases are updated monthly through 24/7 parsing and by connecting purchased databases from other sources. • You have the option to purchase a one-time fresh database or pay for a lifetime subscription for updates. ATTENTION! 40% discount only until 04/10/2024! When ap
Hello! Crazy discounts, hurry up! We are Drop Dead Studio and our goal is to help companies achieve impressive sales results through automated marketing. I. We sell fresh databases for GSA Search Engine Ranker. • The databases are updated monthly through 24/7 parsing and by connecting purchased databases from other sources. • You have the option to purchase a one-time fresh database or pay for a lifetime subscription for updates. ATTENTION! 40% discount only until 04/10/2024! When ap
Hello! Crazy discounts, hurry up! We are Drop Dead Studio and our goal is to help companies achieve impressive sales results through automated marketing. I. We sell fresh databases for GSA Search Engine Ranker. • The databases are updated monthly through 24/7 parsing and by connecting purchased databases from other sources. • You have the option to purchase a one-time fresh database or pay for a lifetime subscription for updates. ATTENTION! 40% discount only until 04/10/2024! When ap
Hello! Crazy discounts, hurry up! We are Drop Dead Studio and our goal is to help companies achieve impressive sales results through automated marketing. I. We sell fresh databases for GSA Search Engine Ranker. • The databases are updated monthly through 24/7 parsing and by connecting purchased databases from other sources. • You have the option to purchase a one-time fresh database or pay for a lifetime subscription for updates. ATTENTION! 40% discount only until 04/10/2024! When ap
Hello! Crazy discounts, hurry up! We are Drop Dead Studio and our goal is to help companies achieve impressive sales results through automated marketing. I. We sell fresh databases for GSA Search Engine Ranker. • The databases are updated monthly through 24/7 parsing and by connecting purchased databases from other sources. • You have the option to purchase a one-time fresh database or pay for a lifetime subscription for updates. ATTENTION! 40% discount only until 04/10/2024! When ap
Hello! Crazy discounts, hurry up! We are Drop Dead Studio and our goal is to help companies achieve impressive sales results through automated marketing. I. We sell fresh databases for GSA Search Engine Ranker. • The databases are updated monthly through 24/7 parsing and by connecting purchased databases from other sources. • You have the option to purchase a one-time fresh database or pay for a lifetime subscription for updates. ATTENTION! 40% discount only until 04/10/2024! When ap
Hello! Crazy discounts, hurry up! We are Drop Dead Studio and our goal is to help companies achieve impressive sales results through automated marketing. I. We sell fresh databases for GSA Search Engine Ranker. • The databases are updated monthly through 24/7 parsing and by connecting purchased databases from other sources. • You have the option to purchase a one-time fresh database or pay for a lifetime subscription for updates. ATTENTION! 40% discount only until 04/10/2024! When ap
Hello! Crazy discounts, hurry up! We are Drop Dead Studio and our goal is to help companies achieve impressive sales results through automated marketing. I. We sell fresh databases for GSA Search Engine Ranker. • The databases are updated monthly through 24/7 parsing and by connecting purchased databases from other sources. • You have the option to purchase a one-time fresh database or pay for a lifetime subscription for updates. ATTENTION! 40% discount only until 04/10/2024! When ap
Hello! Crazy discounts, hurry up! We are Drop Dead Studio and our goal is to help companies achieve impressive sales results through automated marketing. I. We sell fresh databases for GSA Search Engine Ranker. • The databases are updated monthly through 24/7 parsing and by connecting purchased databases from other sources. • You have the option to purchase a one-time fresh database or pay for a lifetime subscription for updates. ATTENTION! 40% discount only until 04/10/2024! When ap
Hello! Crazy discounts, hurry up! We are Drop Dead Studio and our goal is to help companies achieve impressive sales results through automated marketing. I. We sell fresh databases for GSA Search Engine Ranker. • The databases are updated monthly through 24/7 parsing and by connecting purchased databases from other sources. • You have the option to purchase a one-time fresh database or pay for a lifetime subscription for updates. ATTENTION! 40% discount only until 04/10/2024! When ap
Hello! Crazy discounts, hurry up! We are Drop Dead Studio and our goal is to help companies achieve impressive sales results through automated marketing. I. We sell fresh databases for GSA Search Engine Ranker. • The databases are updated monthly through 24/7 parsing and by connecting purchased databases from other sources. • You have the option to purchase a one-time fresh database or pay for a lifetime subscription for updates. ATTENTION! 40% discount only until 04/10/2024! When ap
Hello! Crazy discounts, hurry up! We are Drop Dead Studio and our goal is to help companies achieve impressive sales results through automated marketing. I. We sell fresh databases for GSA Search Engine Ranker. • The databases are updated monthly through 24/7 parsing and by connecting purchased databases from other sources. • You have the option to purchase a one-time fresh database or pay for a lifetime subscription for updates. ATTENTION! 40% discount only until 04/10/2024! When ap
Hello! Crazy discounts, hurry up! We are Drop Dead Studio and our goal is to help companies achieve impressive sales results through automated marketing. I. We sell fresh databases for GSA Search Engine Ranker. • The databases are updated monthly through 24/7 parsing and by connecting purchased databases from other sources. • You have the option to purchase a one-time fresh database or pay for a lifetime subscription for updates. ATTENTION! 40% discount only until 04/10/2024! When ap
Hello! Crazy discounts, hurry up! We are Drop Dead Studio and our goal is to help companies achieve impressive sales results through automated marketing. I. We sell fresh databases for GSA Search Engine Ranker. • The databases are updated monthly through 24/7 parsing and by connecting purchased databases from other sources. • You have the option to purchase a one-time fresh database or pay for a lifetime subscription for updates. ATTENTION! 40% discount only until 04/10/2024! When ap
Hello! We are Drop Dead Studio and our goal is to help companies achieve impressive sales results through automated marketing. We sell fresh bases for GSA Search Engine Ranker and XRumer as well as a premium base for XRumer. • Bases are updated monthly through 24/7 parsing and by connecting purchased databases from other sources. • You have the option to purchase a one-time fresh database or pay for a lifetime subscription for updates. ATTENTION! 40% discount on base purchases only until
Hello! We are Drop Dead Studio and our goal is to help companies achieve impressive sales results through automated marketing. We sell fresh bases for GSA Search Engine Ranker and XRumer as well as a premium base for XRumer. • Bases are updated monthly through 24/7 parsing and by connecting purchased databases from other sources. • You have the option to purchase a one-time fresh database or pay for a lifetime subscription for updates. ATTENTION! 40% discount on base purchases only until
Hello! We are Drop Dead Studio and our goal is to help companies achieve impressive sales results through automated marketing. We sell fresh bases for GSA Search Engine Ranker and XRumer as well as a premium base for XRumer. • Bases are updated monthly through 24/7 parsing and by connecting purchased databases from other sources. • You have the option to purchase a one-time fresh database or pay for a lifetime subscription for updates. ATTENTION! 40% discount on base purchases only until
Hello! We are Drop Dead Studio and our goal is to help companies achieve impressive sales results through automated marketing. We sell fresh bases for GSA Search Engine Ranker and XRumer as well as a premium base for XRumer. • Bases are updated monthly through 24/7 parsing and by connecting purchased databases from other sources. • You have the option to purchase a one-time fresh database or pay for a lifetime subscription for updates. ATTENTION! 40% discount on base purchases only until