Dell SonicWall SRA 1600 Скачать руководство пользователя страница 9 | Manualshive

Страница: 9 / 57

Dell SonicWall SRA 1600 Скачать руководство пользователя страница 9

Dell SonicWALL SRA 4200/1200 Getting Started Guide

9

Selecting a Deployment Scenario

The deployment scenarios described in this section are based
on actual customer deployments and are Dell SonicWALL-
recommended deployment best practices for SRA appliances.

A SRA appliance is commonly deployed in “one-arm” mode
over the DMZ or Opt interface on an accompanying gateway
appliance, such as a Dell SonicWALL NSA E7500. This method
of deployment offers additional layers of security control, plus
the ability to use Dell SonicWALL’s UTM services, including
Gateway Anti-Virus, Anti-Spyware, Content Filtering, Intrusion
Prevention Service, and Comprehensive Anti-Spam Service, to
scan all incoming and outgoing NetExtender traffic.

The primary interface (X0) on the Dell SonicWALL SRA
connects to an available segment on the gateway device. The
encrypted user session is passed through the gateway to the
SRA appliance. The Dell SonicWALL SRA appliance decrypts
the session and determines the requested resource.

The session traffic then traverses the gateway appliance to
reach the internal network resources. The gateway appliance
applies security services, such as Intrusion Prevention,
Gateway Anti-Virus, and Anti-Spyware inspection as data
traverses the gateway. The internal network resource then
returns the requested content to the Dell SonicWALL SRA
appliance through the gateway, where it is encrypted and sent
to the client.

Scenario Overviews

Scenario A: SRA on a New DMZ

WAN

DMZ

LAN

SRA Appliance

OPT, X2, etc

X1

X0

X0

Remote Users

Switch

Router

Network Nodes

Dell SonicWALL UTM Appliance

E7500

Network Security Appliance

«
...
7
8
9
10
11
...
»

Содержание SonicWall SRA 1600

Страница 1: ...Getting Started Guide Secure Remote Access Appliances Secure Remote Access SRA 4200 1200 Getting Started Guide ...

Страница 2: ...Smart Access SonicWALL Aventail Unified Policy SonicWALL Aventail Advanced EPC SonicWALL Clean VPN SonicWALL Clean Wireless SonicWALL Global Response Intelligent Defense GRID Network SonicWALL Mobile Connect SonicWALL SuperMassive E10000 Series and all other SonicWALL product and service names and slogans are trademarks of Dell Inc 2012 11 P N 232 002122 00 Rev C NOTE A NOTE indicates important in...

Страница 3: ... the most common use case scenarios and network topologies in which the Dell SonicWALL SRA 1200 4200 appliance can be deployed Document Contents This document contains the following sections Setting Up Your Network page 5 Connecting Your SRA 1200 4200 page 21 Registering Your Appliance page 23 Network Configuration page 29 Upgrading Your Appliance page 41 Support and Training Options page 45 Safet...

Страница 4: ...4 ...

Страница 5: ...information Review this section before setting up your Dell SonicWALL SRA 1200 4200 appliance SRA 1200 Package Contents page 6 SRA 4200 Package Contents page 7 What You Need to Begin page 8 Selecting a Deployment Scenario page 9 Installing the SRA Appliance page 11 Accessing the Management Interface page 12 Troubleshooting page 13 1 ...

Страница 6: ...l CLI cable One rack mount kit One or more power cord s The included power cord s is approved for use only in spe cific countries or regions Before using a power cord verify that it is rated and approved for use in your location Missing Items If any items are missing from your package contact Dell SonicWALL Support Web http www sonicwall com us Support html Email customer_service sonicwall com x6 ...

Страница 7: ...able One serial CLI cable One rack mount kit One or more power cord s The included power cord s is approved for use only in spe cific countries or regions Before using a power cord verify that it is rated and approved for use in your location Missing Items If any items are missing from your package contact Dell SonicWALL Support Web http www sonicwall com us Support html Email customer_service son...

Страница 8: ...ference Registration Information Administrator Information Network Configuration Information Collect the following information about your current network configuration Primary DNS Secondary DNS optional DNS Search List in order WINS server s optional Supported Browsers Browser Version Internet Explorer 8 0 or higher Firefox 16 0 or higher Safari 5 0 or higher for Mac OS 10 0 Chrome 22 0 or higher ...

Страница 9: ...tender traffic The primary interface X0 on the Dell SonicWALL SRA connects to an available segment on the gateway device The encrypted user session is passed through the gateway to the SRA appliance The Dell SonicWALL SRA appliance decrypts the session and determines the requested resource The session traffic then traverses the gateway appliance to reach the internal network resources The gateway ...

Страница 10: ...DMZ Scenario C SRA on the LAN DMZ LAN WAN OPT X2 etc X1 X0 X0 Remote Users Network Nodes Dell SonicWALL UTM Appliance E7500 Network Security Appliance Switch Switch Router SRA Appliance LAN WAN LAN Port X0 Remote Users Existing Gateway Device or Switch Hub Internet Router SRA Appliance ...

Страница 11: ...nect the other end of the cable into the computer you are using to manage the Dell SonicWALL SRA 1200 4200 Gateway Device Deployment Scenario Conditions or Requirements SonicOS Enhanced 3 1 or higher TZ Series PRO Series NSA E Class SonicOS 5 0 NSA Series SonicOS 5 0 SRA on New DMZ OPT or unused interface New DMZ configured for NAT or Transparent Mode SRA on Existing DMZ No unused interfaces One d...

Страница 12: ...p 192 168 200 1 the default X0 management IP address in the Location or Address field Note A security warning may appear Click Continue to this website or OK to accept the certificate and continue 3 The Dell SonicWALL SRA Management Interface Login displays and prompts you to enter your user name and password Enter admin in the User Name field password in the Password field select LocalDomain from...

Страница 13: ... performed through X0 Is the link light illuminated on both the management station and the SRA appliance Did you correctly enter the SRA appliance management IP address in your Web browser Is your computer set to a static IP address of 192 168 200 20 Is your Domain set to LocalDomain on the login screen If you are still unable to connect to the SRA appliance contact Dell SonicWALL Support Web http...

Страница 14: ...ting Started Guide 14 Connecting Your Appliance In this Section This section provides procedures for connecting your Dell SonicWALL SRA 1200 4200 appliance Configuring Your SRA 4200 1200 page 15 Connecting Your SRA 1200 4200 page 21 2 ...

Страница 15: ...nterface select the Users Local Users page 2 Click the Configure button corresponding to the admin account Note Changing your password from the factory default is strongly recommended If you change your password be sure to keep it in a safe place If you lose your password you will have to reset the SRA appliance to factory settings losing your configuration 3 Enter a password for the admin account...

Страница 16: ...down menus 5 Enter a Password for the user Confirm the new password 6 Select User from the User Type drop down menu 7 Click Accept to finish adding a local user Setting the Time Zone 1 Navigate to the System Time page 2 Select the appropriate Time Zone from the drop down menu 3 Click Accept to save changes to the time settings Note Setting the correct time is essential to operations of the Dell So...

Страница 17: ...o arrange the DNS suffixes in order of priority The first suffix in the list is appended to the host name to create a FQDN which is used to resolve names If the name is not resolved the next suffix in the list is used 3 Optional Enter your WINS servers in the Primary WINS Server and Secondary WINS Server fields 4 Click Accept Configuring the X0 IP Address for Scenario B and Scenario C If deploying...

Страница 18: ...ected To configure a default route 1 Navigate to the Network Routes page 2 Enter the IPv4 or IPv6 address of your upstream gateway device in the Default Gateway field Enter the IPv6 address if the gateway is configured accordingly 3 Select X0 in the Interfaces drop down list 4 Click Accept If you are using scenario Set the X0 interface to B SRA on an Existing DMZ IP Address An unused address withi...

Страница 19: ...r Client Routes page 2 To force all SRA client traffic to pass through the NetExtender tunnel select Enabled from the Tunnel All Mode drop down list 3 Click Add Client Route 4 Enter the IP address of the trusted network to which you would like to provide access with NetExtender in the Destination Network field For example if you are connecting to an existing DMZ with the network 192 168 50 0 24 an...

Страница 20: ...a limited number of public addresses from your ISP In either case you may assign a new unallocated IP range to NetExtender such as 192 168 10 100 to 192 168 10 200 and configure a route to this range on your gateway appliance For example if your current Transparent range is 67 115 118 75 through 67 115 118 80 and you wish to support 50 concurrent NetExtender clients configure your SRA X0 interface...

Страница 21: ...page 22 Scenario C SRA on the LAN page 22 Scenario A SRA on a New DMZ To connect the Dell SonicWALL SRA 1200 4200 using Scenario A perform the following steps 1 Connect one end of an Ethernet cable to the OPT X2 or other unused port on your existing SRA appliance 2 Connect the other end of the Ethernet cable to the X0 port on the front of your Dell SonicWALL SRA 1200 4200 The X0 Port LED lights up...

Страница 22: ...ctive connection Continue to Chapter Scenario C SRA on the LAN To connect the Dell SonicWALL SRA 1200 4200 using Scenario C perform the following steps 1 Connect one end of an Ethernet cable to an unused port on your LAN hub or switch 2 Connect the other end of the Ethernet cable to the X0 port on the front of your Dell SonicWALL SRA 1200 4200 The X0 Port LED lights up green indicating an active c...

Страница 23: ...tering your Dell SonicWALL SRA 1200 4200 appliance Creating a MySonicWALL Account page 24 Registering Your SRA Appliance page 25 Services and Licensing page 26 Note Registration is an important part of the setup process and is necessary to receive the benefits of Dell SonicWALL services user licensing firmware updates and technical support 3 ...

Страница 24: ...wing section Perform the following steps to create a MySonicWALL account 1 In your browser navigate to www mysonicwall com 2 In the login screen click the Register Now link 3 Complete the Registration form and click Register 4 Verify that the information is correct and click Submit 5 In the screen confirming that your account was created click Continue to finish creating your MySonicWALL account ...

Страница 25: ... or Network Routes pages respectively Product Registration Register your SRA appliance on MySonicWALL to enable full functionality 1 Login to your MySonicWALL account If you do not have an account you can create one at www mysonicwall com 2 On the main page enter the appliance serial number in the Register A Product field Click Next 3 On the My Products page under Add New Product enter the friendl...

Страница 26: ...etails on a product or service click the Info arrow icon next to the desired item If you purchased an appliance that is pre licensed you may be required to enter your activation key here unless current licenses are already indicated in the Status column with either a license key or an expiration date The following products and services are available for the Dell SonicWALL SRA appliance Gateway Ser...

Страница 27: ...e an activation key This key is emailed to you after online purchases or is on the front of the certificate that was included with your purchase To activate existing licenses perform the following tasks 1 Navigate to the My Products page and select the registered product you want to manage 2 Locate the product on the Service Management page and click Enter Key in that row 3 In the Activate Service...

Страница 28: ... page To purchase a product or service click Buy Now in the Service Management page to complete your purchase When activation is complete MySonicWALL displays an activation screen with service status and expiration information The service management screen also displays the product you licensed You have successfully registered your SonicWALL appliance ...

Страница 29: ...instructions for connecting your Dell SonicWALL SRA appliance to various network devices including gateway appliances Scenario A SRA on a New DMZ page 30 Scenario B SRA on an Existing DMZ page 34 Scenario C SRA on the LAN page 37 Testing Your Remote Connection page 40 Tip Before performing the procedures in this section fill out the information on What You Need to Begin on page 8 4 ...

Страница 30: ...connected to your LAN launch your Web browser and enter the IP address of your existing Dell SonicWALL security appliance in the Location or Address field 2 When the management interface displays enter your user name and password in the appropriate fields and click Login Note Remember that you are logging into your Dell SonicWALL security appliance not the SRA appliance Adding a New SRA Custom Zon...

Страница 31: ...age select 4 In the Add Service Group dialog box create a service group for HTTP and HTTPS Enter a name for the service Select both HTTP and HTTPS and click Click OK when both the HTTP and HTTPS are in the right column 5 On the Server Private Network Configuration page enter the following server and SRA information and click Next 6 On the Server Public Information page accept the default IP addres...

Страница 32: ...ace IP address of the SRA appliance 7 Click Add to create the object Once done click Close 8 On the Network Address Objects page in the Address Groups section click 9 In the Add Address Object Group dialog box create a group for the X0 interface IP address of your SRA appliance and the NetExtender IP range Enter a name for the group In the left column select the two groups you created and click th...

Страница 33: ...cess Rules page click 13 In the Add Rule window create a rule to allow access to the LAN for the address group you just created 14 Click OK to create the rule Continue to Testing Your Remote Connection on page 40 Action Allow From Zone SRA To Zone LAN Service Any Source The address group you just created such as SonicWALL_SRA_Group Destination Any Users Allowed All Schedule Always on Enable Loggin...

Страница 34: ... Dell SonicWALL firewall not the SRA appliance Allowing WAN DMZ Connection If you are already forwarding HTTP or HTTPS to an internal server and you only have a single public IP address you will need to select different unique ports of operation for either the existing servers or for the SRA appliance because both cannot concurrently use the same IP address and port combinations To create a public...

Страница 35: ...nect to resources on the LAN 1 Navigate to the Network Address Objects page 2 In the Address Objects section click 3 In the Add Object dialog box create an address object for the X0 interface IP address of your SRA appliance then click OK 4 Click again to create an address object for the NetExtender range 5 In the Add Object dialog box create an address object for the X0 interface IP address of yo...

Страница 36: ...Firewall Access Rules page 9 On the Firewall Access Rules page in the matrix view click the DMZ LAN icon 10 On the resulting Firewall Access Rules page click 11 In the Add Rule window create a rule to allow access to the LAN for the address group you just created 12 Click OK to create the rule Continue to Testing Your Remote Connection on page 40 Action Allow From Zone DMZ To Zone LAN Service Any ...

Страница 37: ...our User Name and Password in the appropriate fields and click Login Note Remember that you are logging into your Dell SonicWALL security appliance not the SRA appliance Configuring SRA LAN Connectivity In order for users to access local resources through the SRA appliance you must configure your gateway device to allow an outside connection through the SRA into your LAN 1 Navigate to the Network ...

Страница 38: ...og box create a group for the X0 interface IP address of your SRA and the NetExtender IP range then click OK 9 Navigate to the Firewall Access Rules page set the page to matrix view and click the SRA LAN icon 10 On the resulting Firewall Access Rules page click Name Name for NetExtender Zone Assignment SRA Type Range Starting IP Address Start of the NetExtender IP address range 192 168 200 100 by ...

Страница 39: ...elect HTTP and HTTPS check boxes and click Next 5 Enter SRA in the Server Name field 6 Enter 192 168 168 200 or the address you have configured to the SRA s X0 interface in the Private IP field 7 Enter a comment such as WAN to SRA to describe your connection and click Next 8 Verify the Public Server field contains the correct IP address and click Next 9 Click Apply to finish setting public server ...

Страница 40: ...ed in Adding a Local User on page 16 of this guide 3 Select LocalDomain from the drop down menu and click Login The Dell SonicWALL Virtual Office screen appears in your Web browser 4 Click NetExtender to start the NetExtender client installation 5 If prompted click Install to complete the client installation 6 Ping a host on your corporate LAN to verify your remote connection You have now successf...

Страница 41: ...ction This section provides procedures for upgrading an existing SRA image on a Dell SonicWALL SRA 1200 or 4200 to a newer version Obtaining the Latest SRA Image page 42 Exporting Configuration Settings page 42 Uploading a New SRA Image page 43 Resetting the Appliance in SafeMode page 44 5 ...

Страница 42: ...gs to your local machine The Export Settings feature saves a copy of your current configuration settings on your SRA appliance protecting all your existing settings in the event that it becomes necessary to return to a previous configuration state Note Exporting and Importing system configuration settings is supported when upgrading from a Dell SonicWALL SRA SSL VPN 200 2000 4000 1200 4200 applian...

Страница 43: ... reboot your SRA appliance with the new SRA image Do one of the following 1 To reboot the image with current preference click the boot icon for the following entry Uploaded Firmware New 2 To reboot the image with factory default settings click the boot icon for the following entry Uploaded Firmware with Factory Default Settings New Note Be sure to save a backup of your current configuration settin...

Страница 44: ...ke a straightened paper clip or a pen tip to press and hold the reset button on the security appliance for five to ten seconds The reset button is on the front panel in a small hole to the right of the USB connectors The TEST light starts blinking when the SRA appliance has rebooted into SafeMode Tip If this procedure does not work while the power is on turn the unit off and on while holding the r...

Страница 45: ... Section This section provides overviews of customer support and training options for Dell SonicWALL SRA appliances Customer Support page 46 Warranty Support Policy page 46 Knowledge Base page 47 User Forums page 47 Training page 48 Related Documentation page 49 Live Product Demos page 50 6 ...

Страница 46: ... com us support contact html Please review our Warranty Support Policy for product coverage Warranty Support Policy All Dell SonicWALL appliances come with a 1 year Limited Hardware Warranty which provides delivery of critical replacement parts for defective parts under warranty In addition for 90 days from the warranty start date Dell SonicWALL SRA 4200 1200 appliances are entitled to a Limited S...

Страница 47: ...rmation visit http www sonicwall com us support 2213 html User Forums The Dell SonicWALL User Forums is a resource that provides users the ability to communicate and discuss a variety of security and appliance subject matters Categories include SSL VPN topics VPN Client topics Continuous Data Protection topics Email Security topics Network Anti Virus topics SonicPoint and Wireless topics For furth...

Страница 48: ...nicWALL Medallion Partners who need to enhance their knowledge and maximize their investment in Dell SonicWALL Products and Security Applications Dell SonicWALL Training provides the following resources for its customers E Training Instructor Led Training Custom Training Technical Certification Authorized Training Partners For further information visit http www sonicwall com us training html ...

Страница 49: ...N Administrator s Guide Dell SonicOS SSL VPN User s Guide Dell SonicOS SSL VPN Release Notes Dell SonicOS SSL VPN Feature Modules Dell SonicOS Administrator s Guide Dell SonicOS Feature Modules Dell SonicWALL GMS Administrator s Guide Dell SonicWALL Analyzer Administrator s Guide For further information visit http www sonicwall com us support 289 html ...

Страница 50: ... Demo Site provides free test drives of Dell SonicWALL security products and services through interactive live product installations SSL VPN Secure Remote Access Unified Threat Management Platform Secure Cellular Wireless Continuous Data Protection Content Filtering Secure Wireless Solutions Email Security GMS and ViewPoint For further information visit http livedemo sonicwall com ...

Страница 51: ...Dell SonicWALL SRA 4200 1200 Getting Started Guide 51 Safety and Regulatory Information In this Section This section provides safety and regulatory information for the SRA 1200 4200 appliances 7 ...

Страница 52: ...revent a hazardous condition caused by uneven mechanical loading If installed in a closed or multi unit rack assembly the operating ambient temperature of the rack environment may be greater than room ambient temperature Therefore consider installing the equipment in an environment compatible with the maximum recommended ambient temperature shown above Consideration must be given to the connection...

Страница 53: ...in einem geschlossenen 19 Gehäuse oder mit mehreren anderen Geräten eingesetzt ist wird die Temperatur in der Gehäuse höher sein als die Umgebungstemperatur Achten Sie darauf daß die Umgebungstemperatur nicht mehr als 40 C beträgt Bringen Sie die Dell SonicWALL waagerecht im Rack an um mögliche Gefahren durch ungleiche mechanische Belastung zu vermeiden Prüfen Sie den Anschluss des Geräts an die S...

Страница 54: ... Frequency Emissions Statement This Class A digital apparatus complies with Canadian ICES 003 Cet appareil numérique de la classe A conforme à toute la norme NMB 003 du Canada Complies with EN 55022 Class A and CISPR22 Class A Warning This is a class A product In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures Cautio...

Страница 55: ...rmation and Telecommunication Certification Numbers SWL 1RK23 0A0 KCC REM SWL 0A0 SWL 1RK23 0A1 KCC REM SWL 0A1 All products with country code blank and A are made in the USA All products with country code B are made in China All products with country code C or D are made in Taiwan R O C All certificates held by Secuwide Corp ...

Страница 56: ......

Страница 57: ......

Отзывы:

Нет отзывов