SonicWALL NSA 2400 Getting Started Manual Download Page 2

Page: 2 / 70

SonicWALL NSA 2400 Getting Started Guide

Page 1

SonicWALL NSA 2400
Getting Started Guide

This

Getting Started Guide

provides instructions for basic

installation and configuration of the SonicWALL Network
Security Appliance (NSA) 2400 running SonicOS Enhanced.
After you complete this guide, computers on your Local Area
Network (LAN) will have secure Internet access.

Document Contents

This document contains the following sections:

Pre-Configuration Tasks

- page 3

Registering Your Appliance on MySonicWALL

- page 9

Deployment Scenarios

- page 14

Additional Deployment Configuration

- page 35

Support and Training Options

- page 55

Product Safety and Regulatory Information

- page 63

Summary of Contents for NSA 2400

Page 1: ...Getting Started Guide SonicWALL Network Security Appliances NETWORK SECURITY NSA 2400...

Page 2: ...SonicOS Enhanced After you complete this guide computers on your Local Area Network LAN will have secure Internet access Document Contents This document contains the following sections Pre Configurat...

Page 3: ...ble parts from the SonicWALL NSA appliance Proper guidelines can be found in the Safety and Regulatory Information section on page 64 of this guide I o PML Front Back 1U rack mountable 17 x 10 25 x 1...

Page 4: ...n Tasks In this Section This section provides pre configuration information Review this section before setting up your SonicWALL NSA 2400 appliance Check Package Contents page 4 Obtain Configuration I...

Page 5: ...your package please contact SonicWALL support A listing of the most current support documents are available online at http www sonicwall com us support html The included power cord is intended for us...

Page 6: ...panel of your SonicWALL appliance LAN IP Address Select a static IP address for your SonicWALL appliance that is within the range of your local subnet If you are unsure you can use the default IP addr...

Page 7: ...e use LED Top to Bottom Power LED Indicates the SonicWALL NSA appliance is powered on Test LED Flickering Indicates the appliance is initializing Steady blinking Indicates the appliance is in SafeMode...

Page 8: ...A 2400 Getting Started Guide Page 7 The Back Panel Icon Feature Description Fans 2 The SonicWALL NSA 2400 includes two fans for system temperature control Power Supply The SonicWALL NSA 2400 power sup...

Page 9: ...u must use MySonicWALL to associate a backup unit that can share the Security Services licenses with your primary SonicWALL If you do not yet have a MySonicWALL account you can use MySonicWALL to regi...

Page 10: ...Creating a MySonicWALL Account page 10 Registering and Licensing Your Appliance on MySonicWALL page 10 Licensing Security Services and Software page 11 Registering a Second Appliance as a Backup page...

Page 11: ...ration page 10 Licensing Security Services and Software page 11 Managing Licenses page 11 Registering a Second Appliance as a Backup page 12 Product Registration You must register your SonicWALL secur...

Page 12: ...e ViewPoint Support Services Dynamic Support 8x5 Dynamic Support 24x7 Software and Firmware Updates Managing Licenses To manage your licenses perform the following tasks 1 In the MySonicWALL Service M...

Page 13: ...ilability HA pair You can purchase the license associate the two appliances as part of the registration process on MySonicWALL The second SonicWALL will automatically share the Security Services licen...

Page 14: ...To return to the Service Management Associated Products page click the serial number link for this appliance Registration Next Steps Your SonicWALL NSA 2400 HA Pair is now registered and licensed on M...

Page 15: ...age 15 Scenario A NAT Route Mode Gateway page 16 Scenario B State Sync Pair in NAT Route Mode page 17 Scenario C L2 Bridge Mode page 18 Initial Setup page 19 Upgrading Firmware on Your SonicWALL page...

Page 16: ...oute Mode Gateway Pair of SonicWALL NSA appliances for high availability B NAT with State Sync Pair Existing Internet gateway appliance SonicWALL NSA as replacement for an existing gateway appliance A...

Page 17: ...d through the SonicWALL appliance for load balancing and failover purposes Because only a single SonicWALL appliance is deployed the added benefits of high availability with a stateful synchronized pa...

Page 18: ...nformation is synchronized between the two devices so that the backup appliance can seamlessly switch to active mode without dropping any connections if the primary device loses connectivity To set up...

Page 19: ...nsparent security appliance integration Using L2 Bridge Mode a SonicWALL security appliance can be non disruptively added to any Ethernet network to provide in line deep packet inspection for all trav...

Page 20: ...ion page 22 Activating Licenses in SonicOS page 22 Upgrading Firmware on Your SonicWALL page 23 System Requirements Before you begin the setup process check to verify that you have An Internet connect...

Page 21: ...ou plug in the SonicWALL NSA The Alarm LED may light up and the Test LED will light up and may blink while the appliance performs a series of diagnostic tests When the Power LEDs are lit and the Test...

Page 22: ...er the management IP address in your Web browser Are the Local Area Connection settings on your computer set to use DHCP or set to a static IP address on the 192 168 168 x 24 subnet Do you have the Et...

Page 23: ...navigate to http www sonicwall com If you can view the SonicWALL home page you have configured your SonicWALL NSA appliance correctly If you cannot view the SonicWALL home page renew your management s...

Page 24: ...is available on http www sonicwall com at the top of the Service Management page for your SonicWALL NSA appliance To activate licenses in SonicOS 1 Navigate to the System Licenses page 2 Under Manage...

Page 25: ...n the System Settings page click Create Backup Your configuration preferences are saved The System Backup entry is displayed in the Firmware Management table 2 To export your settings to a local file...

Page 26: ...settings available on the System Settings page To use SafeMode to upgrade firmware on the SonicWALL security appliance perform the following steps 1 Connect your computer to the X0 port on the SonicW...

Page 27: ...e 27 Configuring Advanced HA Settings page 27 Synchronizing Settings page 29 Synchronizing Firmware page 30 Configuring HA License Overview page 30 Associating Pre Registered Appliances page 31 Initia...

Page 28: ...mmunicates the settings to the Backup SonicWALL security appliance To configure HA on the Primary SonicWALL perform the following steps 1 Navigate to the High Availability Settings page 2 Select the E...

Page 29: ...the interval in seconds between communication with upstream or downstream systems The default is 20 seconds and the allowed range is 5 to 255 seconds You can set the Probe IP Address es on the High Av...

Page 30: ...le the Include Certificate Keys setting and manually synchronize the settings and then disable Include Certificate Keys To verify that Primary and Backup SonicWALL security appliances are functioning...

Page 31: ...o use Stateful HA you must first activate the Stateful High Availability Upgrade license for the primary unit in SonicOS This is automatic if your appliance is connected to the Internet See Registerin...

Page 32: ...page in the text boxes under Associate New Products type the serial number and the friendly name of the appliance that you want to associate as the child secondary backup unit 7 Select the group from...

Page 33: ...his static IP address when configuring the secondary bridge Note The primary bridge interface must have a static IP assignment Configuring the Secondary Bridge Interface Complete the following steps t...

Page 34: ...rk topology requires that all packets entering the L2 Bridge remain on the L2 Bridge segments You may optionally enable the Block all non IPv4 traffic setting to prevent the L2 bridge from passing non...

Page 35: ...Page 34 Configuring L2 Bridge Mode...

Page 36: ...SonicOS diagnostic tools and a deployment configuration reference checklist Creating Network Access Rules page 36 Creating a NAT Policy page 38 Creating Address Objects page 39 Configuring NAT Policie...

Page 37: ...ocks all traffic from the Internet to the LAN The following behaviors are defined by the Default stateful inspection packet access rule enabled in the SonicWALL security appliance To create an access...

Page 38: ...lay the Add Service window or Add Service Group window Select the source of the traffic affected by the access rule from the Source drop down list Selecting Create New Network displays the Add Address...

Page 39: ...or s Guide for more information on managing QoS marking in access rules 6 Click OK to add the rule Creating a NAT Policy The Network Address Translation NAT engine in SonicOS Enhanced allows users to...

Page 40: ...nge Range Address Objects define a range of contiguous IP addresses Network Network Address Objects are like Range objects in that they comprise multiple hosts but rather than being bound by specified...

Page 41: ...in the FQDN field 6 Click OK Configuring NAT Policies NAT policies allow you to control Network Address Translation based on matching combinations of Source IP address Destination IP address and Desti...

Page 42: ...olicy checkbox if you want a matching NAT Policy to be automatically created in the opposite direction This will create the outbound as well as the inbound policies 13 Click OK Policies for subnets be...

Page 43: ...rvice Management page for your SonicWALL NSA appliance To activate licenses in SonicOS 1 Navigate to the System Licenses page 2 Under Manage Security Services Online do one of the following Enter your...

Page 44: ...ton Enabling Intrusion Prevention Services To enable Intrusion Prevention Services in SonicOS 1 Navigate to Security Services Intrusion Prevention 2 Select the Enable Intrusion Prevention checkbox 3 I...

Page 45: ...signature inspection on outbound traffic 6 Click the Accept button Enabling Comprehensive Anti Spam Service To enable Anti Spam in SonicOS 1 Navigate to the Anti Spam Settings page Note If the service...

Page 46: ...IP Address From field and the last address into the IP Address To field 4 Click OK The IP address range is added to the CFS Exclusion List 5 On the Security Services Content Filter page click Accept E...

Page 47: ...s throughout your enterprise The SonicPoint section of the SonicOS management interface lets you manage the SonicPoints connected to your system Before you can manage SonicPoints in the Management Int...

Page 48: ...ix to be used as the first part of the name for each SonicPoint provisioned Select the Country Code for where the SonicPoints are operating 2 In the 802 11g Radio tab Select Enable Radio Select a sche...

Page 49: ...11g bands at the same time The settings in the 802 11a Radio and 802 11a Advanced tabs are similar to the settings in the 802 11g Radio and 802 11g Advanced tabs 5 When finished click OK Configuring...

Page 50: ...raffic that enters into the WLAN Zone interface be either IPsec traffic WPA traffic or both Note If you have configured WPA2 as your authentication type you do not need to enable WiFiSec If you have e...

Page 51: ...HTTP and or HTTPS in User Login 7 Click OK Connecting the SonicPoint When a SonicPoint unit is first connected and powered up it will have a factory default configuration IP Address 192 168 1 20 usern...

Page 52: ...gnostic Tools SonicOS provides a number of diagnostic tools to help you maintain your network and troubleshoot problems Several tools can be accessed on the System Diagnostics page and others are avai...

Page 53: ...ombined into a search string with a logical AND Select the Group Filters box next to any two or more criteria to combine them with a logical OR Using Log View The SonicWALL security appliance maintain...

Page 54: ...Zones Enabling SonicWALL Security Services on Zones section Configuring Web filtering protection Configuring SonicWALL Content Filtering Service Changing administrator login Configuring Administratio...

Page 55: ...Page 54 Deployment Configuration Reference Checklist...

Page 56: ...rovides overviews of customer support and training options for the SonicWALL NSA 2400 Customer Support page 56 Knowledge Base page 56 SonicWALL Live Product Demos page 57 User Forums page 58 Training...

Page 57: ...SonicWALL offers telephone email and Web based support to customers with valid Warranty Support or a purchased support contract Please review our Warranty Support Policy for product coverage Knowledge...

Page 58: ...Site provides free test drives of SonicWALL security products and services through interactive live product installations Unified Threat Management Platform Secure Cellular Wireless Continuous Data Pr...

Page 59: ...ailable for users Content Security Manager topics Continuous Data Protection topics Email Security topics Firewall topics Network Anti Virus topics Security Services and Content Filtering topics Sonic...

Page 60: ...Medallion Partners who need to enhance their knowledge and maximize their investment in SonicWALL Products and Security Applications SonicWALL Training provides the following resources for its custom...

Page 61: ...tiple Admin NAT Load Balancing Packet Capture Radio Frequency Monitoring Single Sign On SSL Control Virtual Access Points SonicWALL GMS Administrator s Guide SonicWALL GVC Administrator s Guide SonicW...

Page 62: ...es to build a truly secure wireless network Check out the SonicWALL Secure Wireless Network Integrated Solutions Guide This book is the official guide to SonicWALL s market leading wireless networking...

Page 63: ...Page 62 SonicWALL Secure Wireless Network Integrated Solutions Guide...

Page 64: ...ed Guide Page 63 Product Safety and Regulatory Information In this Section This section provides regulatory trademark and copyright information Safety and Regulatory Information page 64 Copyright Noti...

Page 65: ...ding Consideration must be given to the connection of the equip ment to the supply circuit The effect of overloading the circuits has minimal impact on overcurrent protection and supply wir ing Approp...

Page 66: ...ftungsabstand von mindestens 26 mm einzuhalten Bringen Sie die SonicWALL waagerecht im Rack an um m gliche Gefahren durch ungleiche mechanische Belastung zu vermeiden Pr fen Sie den Anschluss des Ger...

Page 67: ...adian Radio Frequency Emissions Statement This Class A digital apparatus complies with Canadian ICES 003 Cet appareil num rique de la classe A est conforme toutes la norme NMB 003 du Canada Complies w...

Page 68: ...ptions are subject to change without notice Trademarks SonicWALL is a registered trademark of SonicWALL Inc Microsoft Windows 98 Windows Vista Windows 2000 Windows XP Windows Server 2003 Internet Expl...

Page 69: ...Page 68 Notes Notes...

Page 70: ...ned herein may be trademarks and or registered trademarks of their respective companies Specifications and descriptions subject to change without notice SonicWALL Inc 2001 Logic Drive San Jose CA 9512...

Search results

Summary of Contents for NSA 2400

Reviews:

Brands by name

Popular brands

SonicWALL NSA 2400, Getting Started Manual

Search results

Summary of Contents for NSA 2400

Reviews:

Brands by name

Popular brands