To use the Setup Wizard, log in to a SonicWALL firewall and click the Wizards button. The Wizards (
Figure A) button can be found on the main System | Status page.
Figure A |
|
The SonicWALL System Status page provides a wealth of information regarding a firewall's configuration. |
Here’s a walkthrough of the process using a SonicWALL PRO 1260.
After clicking the Wizards button, the SonicWALL Configuration Wizard presents four options (
Figure B).
Figure B |
|
The SonicWALL Configuration Wizard
presents four options. Administrators can either choose to select the
Setup Wizard (used to configure the SonicWALL device to secure network
connections), the PortShield Interface Wizard (for segmenting networks),
the Public Server Wizard (used to provide internal server access to the
public) or the VPN Wizard (for configuring access to a virtual private
network). |
Specify whether you wish to select the Setup Wizard, PortShield
Interface Wizard, Public Server Wizard or VPN Wizard. For this example,
we’ll choose Setup Wizard and click Next. The Setup Wizard appears.
- Step 1: The Change Password screen appears. Enter the
default or old password, then enter a new password and confirm the
new entry. When finished, click Next.
- Step 2: The Change Time Zone menu appears. Specify the
applicable time zone, and check the box if you want the firewall to
automatically adjust for daylight saving time, and click Next.
- Step 3: The WAN Network Mode screen appears. Select the
radio button indicating the method used to connect to your ISP
(Static IP, DHCP, PPPoE or PPTP). Then, click Next. For this
example we’ll select Static IP. (Figure C)
Figure C |
|
The WAN Network Mode menu enables specifying the most appropriate ISP connection method. |
- Step 4: The WAN Network Mode: NAT Enabled menu appears.
Enter the SonicWALL WAN IP Address, WAN Subnet Mask, Gateway
(Router) Address, DNS Server Address and a secondary DNS address,
and click Next. (Figure D)
Figure D |
|
Specify WAN settings using the WAN Network Mode screen. |
- Step 5: The LAN Settings menu appears. Supply an IP
address for the SonicWALL’s LAN. Be sure to provide a subnet mask,
and then click Next. (Figure E)
Figure E |
|
Specify LAN settings using the SonicWALL’s LAN Network Settings screen. |
- Step 6: The LAN DHCP Settings screen appears. Check the
Enable DHCP Server On LAN box if you wish for the SonicWALL device
to provide DHCP services. If you check the box, you’ll also have to
enter the valid LAN address range. When done, click Next. (Figure F)
Figure F |
|
Specify DHCP settings using the DHCP Server menu. |
- Step 7: The SonicWALL Configuration Summary (Figure G).
Review the information the wizard provides, and if all settings
are correct, click Apply. If the configuration requires adjustment,
click the Back button.
Figure G |
|
Review the Confirmation Summary carefully before proceeding; clicking Apply triggers the settings reviewed on this menu. |
A screen will appear indicating that the SonicWALL configuration is
being saved, and you’ll be asked to wait. When the configuration is
completed, you’ll see a Congratulations message stating the changes have
been made and the Setup Wizard has completed.
SonicWALL Log In
Once the Setup Wizard is complete, log in to the firewall by entering the IP address you assigned to the SonicWALL device in
Step 5
(on the LAN Settings menu). You’ll be greeted with a standard name and
password dialog box. Enter the name and password you supplied for the
firewall and click the Login button.
By default, the SonicWALL device displays the System | Status menu. To
configure additional firewall settings, click the Firewall button from
the menu appearing on the SonicWALL interface screen’s left edge.
The Firewall | Access Rules | All menu appears. The SonicWALL
application displays important information about the firewall’s
configuration within this screen. In addition to revealing zone and
priority information, the Access Rules menu displays source and
destination data, service type, action status, and user information (
Figure H).
Figure H |
|
Administrators can review SonicWALL’s Access Rules using three different views; here the All Rules view is displayed. |
Traffic statistics for each access rule can be obtained simply by
mousing-over the graph icon that appears toward the end of each access
rule line. Access rule configurations can be tweaked by clicking the
pencil and paper icon, or an access rule can be deleted by clicking its
trash can icon.
Creating access rules
To create an access rule:
- Log on to the SonicWALL firewall.
- Click the Firewall button.
- Click the Matrix or Drop-down Boxes View Style radio button. (See Figure I)
- Click the appropriate From And To Zone (such as WAN to LAN).
- Click the Add button that appears at the bottom of the menu.
Figure I |
|
When creating an access rule, you must
specify the appropriate criteria. SonicWALL’s firmware provides
pre-populated drop-down boxes for configuring most settings. |
- Using the General tab, specify the action to be taken to
traffic matching the access rule’s settings; Allow, Deny and Discard
are the three options.
- Select the appropriate service from the Service drop-down box.
Do the same for the Source, Destination, Users Allowed and Schedule
drop-down boxes.
- Enter a comment that describes the access rule or its purpose.
- Uncheck the Enable Logging checkbox if you don’t wish to log events related to the new access rule.
- Configure any advanced options (such as a timeout for TCP
connection inactivity or the number of connections permitted) using
the Advanced tab.
- Click OK.
Editing access rules
To edit an access rule:
- Log on to the SonicWALL firewall.
- Click the Firewall button.
- Select Access Rules.
- Click the pencil and paper icon for the access rule you wish to edit.
- Use the resulting drop-down boxes to adjust the access rule as required (Figure J). Alternatively, you can click an access rule’s corresponding trash can icon to delete it.
Figure J |
|
SonicWALL’s drop-down boxes make quick work when editing access rules. |
- Click OK to apply the edits (if you delete an access rule, the
deletion occurs upon confirming the action). The SonicWALL firmware will
write the changes and update the firewall’s configuration.
Editing service groups
SonicWALL devices, by default, include service objects and groups
designed to simplify firewall administration. Using SonicWALL firewalls,
service groups and objects are used to make common applications and
services (such as PC Anywhere, ShoreTel, VNC and Yahoo Messenger)
available to network users.
To review a firewall’s services settings:
- Log on to the SonicWALL firewall.
- Click the Firewall button.
- Select Services.
Numerous service groups are provided by default (
Figure K). To add additional groups or objects:
- Log on to the SonicWALL firewall.
- Click the Firewall button.
- Select Services.
- Click the Custom Services radio button.
- Click Add Group to create a new Service Group or Add to create a new service (Figure L).
Figure K |
|
SonicWALL’s firmware provides numerous pre-populated service groups to simplify firewall configuration. |
Figure L |
|
Administrators needing to create their own firewall services can do so by specifying the appropriate criteria. |
- If you click Add Group, numerous options are pre-populated in
the left pane. You can choose to select one of those or enter your
own name and click OK; to configure its settings, click its
subsequent pencil and paper icon. To create a new service, click the Add
button, provide a name, specify the appropriate protocol, enter
the port range or sub type if required and click OK.
No comments:
Post a Comment