Related Manuals for SonicWALL NSA 2400
Summary of Contents for SonicWALL NSA 2400
- Page 1 SonicWALL Network Security Appliances NSA 2400 NET WORK SECURIT Y Getting Started Guide...
-
Page 2: Table Of Contents
SonicWALL NSA 2400 Getting Started Guide This Getting Started Guide provides instructions for basic installation and configuration of the SonicWALL Network Security Appliance (NSA) 2400 running SonicOS Enhanced. After you complete this guide, computers on your Local Area Network (LAN) will have secure Internet access. - Page 3 Voltage 1 Amp / 50-60Hz Note: Always observe proper safety and regulatory guidelines when removing administrator-serviceable parts from the SonicWALL NSA appliance. Proper guidelines can be found in the Safety and Regulatory Information section, on page 64 of this guide.
-
Page 4: Pre-Configuration Tasks
Pre-Configuration Tasks In this Section: This section provides pre-configuration information. Review this section before setting up your SonicWALL NSA 2400 appliance. Check Package Contents • - page 4 Obtain Configuration Information • - page 5 The Front Panel • - page 6 The Back Panel •... - Page 5 Check Package Contents Before setting up your SonicWALL NSA appliance, verify that your package contains the following parts: Any Items Missing? If any items are missing from your package, please contact SonicWALL support. NSA 2400 Appliance A listing of the most current support documents are available online DB9 ->...
- Page 6 Ethernet WAN. This setting only applies if you are already using an ISP that DNS 3 (optional): assigns a static IP address. Note: If you are not using one of the network configurations above, refer to <http://www.sonicwall.com/us/support.html>. SonicWALL NSA 2400 Getting Started Guide Page 5...
-
Page 7: The Front Panel
For future use. LED (Top to Bottom) Power LED: Indicates the SonicWALL NSA appliance is powered on. Test LED: Flickering: Indicates the appliance is initializing. Steady blinking: Indicates the appliance is in SafeMode. Solid: Indicates that the appliance is in test mode. -
Page 8: The Back Panel
The Back Panel Icon Feature Description Fans(2) The SonicWALL NSA 2400 includes two fans for system temperature control. Power Supply The SonicWALL NSA 2400 power supply. SonicWALL NSA 2400 Getting Started Guide Page 7... - Page 9 Before You Register Note: Your SonicWALL NSA appliance does not need to be You need a MySonicWALL account to register the SonicWALL powered on during account creation or during the NSA appliance. You can create a new MySonicWALL account MySonicWALL registration and licensing process.
-
Page 10: Registering Your Appliance On Mysonicwall
Registration Next Steps - page 13 Note: Registration is an important part of the setup process and is necessary in order to receive the benefits of SonicWALL security services, firmware updates, and technical support. SonicWALL NSA 2400 Getting Started Guide... - Page 11 Registering a Second Appliance as a Backup page 12 Product Registration You must register your SonicWALL security appliance on MySonicWALL to enable full functionality. Login to your MySonicWALL account. If you do not have an account, you can create one at www.mysonicwall.com.
- Page 12 • Service Bundles: appliance. These licenses are enabled on MySonicWALL • Client/Server Anti-Virus Suite when the SonicWALL appliance is delivered to you. • Comprehensive Gateway Security Suite If you purchased a service subscription or upgrade from a • Gateway Services: sales representative separately, you will have an •...
- Page 13 You should see the HA Primary unit listed in the Parent Product section, as To ensure that your network stays protected if your SonicWALL well as a Status value of 0 in the Associated Products / appliance has an unexpected failure, you can purchase a Child Product Type section.
- Page 14 To return to the Service Management - Associated Products page, click the serial number link for this appliance. Registration Next Steps Your SonicWALL NSA 2400 HA Pair is now registered and licensed on MySonicWALL. To complete the registration process in SonicOS and for more information, see: •...
-
Page 15: Deployment Scenarios
Configuring L2 Bridge Mode - page 31 Tip: Before completing this section, fill out the information in Obtain Configuration Information - page 5. You will need to enter this information during the Setup Wizard. SonicWALL NSA 2400 Getting Started Guide Page 14... - Page 16 Current Gateway Configuration New Gateway Configuration Use Scenario No gateway appliance Single SonicWALL NSA as a primary gateway. A - NAT/Route Mode Gateway Pair of SonicWALL NSA appliances for high B - NAT with State Sync Pair availability.
- Page 17 SonicWALL NSA 2400 is replacing the existing network Internet gateway. SonicWALL NSA In this scenario, the SonicWALL NSA 2400 is configured in Network Security Appliance 2400 NAT/Route mode to operate as a single network gateway. Two Internet sources may be routed through the SonicWALL appliance for load balancing and failover purposes.
- Page 18 For network installations with two SonicWALL NSA 2400 appliances configured as a stateful synchronized pair for redundant high-availability networking. SonicWALL NSA 1 In this scenario, one SonicWALL NSA 2400 operates as the primary gateway device and the other SonicWALL NSA 2400 is Network Security Appliance 2400...
- Page 19 Scenario C: L2 Bridge Mode For network installations where the SonicWALL NSA 2400 is running in tandem with an existing network gateway. In this scenario, the original gateway is maintained. The Network Gateway SonicWALL NSA 2400 is integrated seamlessly into the existing...
-
Page 20: Initial Setup
Initial Setup Accepted Browser Version This section provides initial configuration instructions for Browser Number connecting your SonicWALL NSA 2400. Follow these steps if Internet Explorer 6.0 or higher you are setting up scenario A, B, or C. Firefox 2.0 or higher... - Page 21 Connecting the LAN Port The Power LED on the front panel lights up blue when you plug in the SonicWALL NSA. The Alarm LED may light up and the Connect one end of the provided Ethernet cable to the Test LED will light up and may blink while the appliance computer you are using to manage the performs a series of diagnostic tests.
- Page 22 Depending on the changes made during your setup up blocker's allow list. configuration, the SonicWALL may restart. Using the Setup Wizard If you cannot connect to the SonicWALL NSA appliance or the Setup Wizard does not display, verify the following configurations: •...
- Page 23 WLAN Zone network settings from the DHCP server in the SonicWALL security appliance. The SonicWALL NSA 2400 ships with the internal DHCP server • Restart your Internet Router to communicate with active on the LAN port. However, if a DHCP server is already the DHCP Client in the SonicWALL security appliance.
- Page 24 - page 24 MySonicWALL. It is available on <http://www.sonicwall.com> • Upgrading the Firmware with Current Settings - page 24 the top of the Service Management page for your SonicWALL • Upgrading the Firmware with Factory Defaults - page 25 NSA appliance. •...
- Page 25 On the System > Settings page, click Create Backup. row for Uploaded Firmware. Your configuration preferences are saved. The System In the confirmation dialog box, click OK. The SonicWALL Backup entry is displayed in the Firmware Management restarts and then displays the login page.
- Page 26 Perform the following steps to upload new firmware to your Connect your computer to the X0 port on the SonicWALL SonicWALL appliance and start it up using the default appliance and configure your IP address with an address configuration: on the 192.168.168.0/24 subnet, such as 192.168.168.20.
- Page 27 Before you begin the configuration of HA on the Primary SonicWALL security appliance, perform the following setup: On the back panel of the Backup SonicWALL security appliance, locate the serial number and write the number down. You need to enter this number in the High Availability >...
- Page 28 Backup SonicWALL appliance. interfaces are properly configured for failover. You can find the serial number on the back of the SonicWALL Connect the X5 ports on the Primary SonicWALL and security appliance, or in the System > Status screen of the Backup SonicWALL appliances with a CAT6-rated backup unit.
- Page 29 RIP or OSPF. The default value is than this may cause unnecessary failovers, especially 45 seconds. In large or complex networks, a larger when the SonicWALL is under a heavy load. value may improve network stability during a failover. Typically, SonicWALL recommends leaving the Heartbeat...
- Page 30 From your management workstation, test connectivity through note that the management interface displays Logged Into: the Backup SonicWALL by accessing a site on the public Primary SonicWALL Status: (green ball) Active in the upper- Internet – note that the Backup SonicWALL, when active, right-hand corner.
- Page 31 During the firmware upload and reboot, you are notified via a message dialog box that the firmware is loaded on the Backup SonicWALL security appliance, and then the Primary SonicWALL security appliance. You initiate this process by clicking on the Synchronize Firmware button.
-
Page 32: Configuring L2 Bridge Mode
On the My Products page, under Registered Products, scroll down to find the appliance that you want to use as This section provides instructions to configure the SonicWALL the parent, or primary, unit. Click the product name or NSA appliance in tandem with an existing Internet gateway serial number. - Page 33 Connection Overview Configuring the Secondary Bridge Interface Connect the X1 port on your SonicWALL NSA 2400 to the LAN Complete the following steps to configure the SonicWALL port on your existing Internet gateway device. Then connect the appliance: X0 port on your SonicWALL to your LAN.
- Page 34 You may optionally enable the Block all non-IPv4 traffic setting to prevent the L2 bridge from passing non-IPv4 traffic. If You Are Following Proceed to Section: Scenario... C - L2 Bridge Mode Additional Deployment Configuration - page 35 SonicWALL NSA 2400 Getting Started Guide Page 33...
- Page 35 Page 34 Configuring L2 Bridge Mode...
-
Page 36: Additional Deployment Configuration
Enforcing Security Services on Network Zones • - page 45 Deploying SonicPoints for Wireless Access • - page 46 Troubleshooting Diagnostic Tools • - page 51 Deployment Configuration Reference Checklist • - page 53 SonicWALL NSA 2400 Getting Started Guide Page 35... - Page 37 By default, the SonicWALL security appliance’s stateful packet inspection allows all communication from the LAN to the Internet, and blocks all traffic from the Internet to the LAN. The following behaviors are defined by the “Default”...
- Page 38 Select a user or user group from the Users Allowed drop-down list. • Select a schedule from the Schedule drop-down list. The default schedule is Always on. • Enter any comments to help identify the access rule in the Comments field. SonicWALL NSA 2400 Getting Started Guide Page 37...
- Page 39 (minutes) field, set the length of UDP inactivity after which the access rule will time out. The default value You can create multiple NAT policies on a SonicWALL running is 30 minutes. SonicOS Enhanced for the same object – for instance, you can •...
- Page 40 • Default Address Objects – displays Address Objects objects in that they comprise multiple hosts, but rather than configured by default on the SonicWALL security being bound by specified upper and lower range delimiters, appliance. the boundaries are defined by a valid netmask.
- Page 41 IPs netmask in the Network and Netmask fields. are translated from the IP address of the SonicWALL security For MAC, enter the MAC address and netmask in the appliance WAN port to the IP address of the internal web Network and MAC Address field.
- Page 42 Policies for subnets behind the other interfaces of the Administrator’s Guide. SonicWALL security appliance can be created by emulating these steps. Create a new NAT policy in which you adjust the An example configuration illustrates the use of the fields in the source interface and specify the Original Source: the subnet Add NAT Policy procedure.
- Page 43 Enabling Anti-Spyware - page 44 MySonicWALL. It is available on <http://www.sonicwall.com> • Enabling Comprehensive Anti-Spam Service - page 44 the top of the Service Management page for your SonicWALL • Enabling Content Filtering Service - page 45 NSA appliance. To activate licenses in SonicOS: Navigate to the System >...
- Page 44 Selecting the Prevent All and Detect All check boxes for High Priority Attacks and Medium Priority Attacks protects your network against the most dangerous and disruptive attacks. Click the Accept button. Click the Accept button. SonicWALL NSA 2400 Getting Started Guide Page 43...
- Page 45 Select the Enable Anti-Spyware checkbox. Select the Prevent All and Detect All checkboxes for each Note: If the service is not registered yet, click the SonicWALL spyware danger level that you want to prevent. Comprehensive Anti-Spam Service Trial link or register Select the inbound Protocols you wish to inspect.
- Page 46 Administrator checkbox. apply the security services to the network zones. For example, Click Accept. you can configure SonicWALL Intrusion Prevention Service for incoming and outgoing traffic on the WLAN zone to add more Enabling and Adding to the CFS Exclusion List security for internal network traffic.
- Page 47 Updating SonicPoint Firmware Deploying SonicPoints for Wireless Access If your SonicWALL appliance has Internet connectivity, it will automatically download the correct version of the SonicPoint This section describes how to configure SonicPoints with the image from the SonicWALL server when you connect a SonicWALL NSA 2400.
- Page 48 Select the Country Code for where the SonicPoints enforced before the Allow List. are operating. In the 802.11g Radio tab: • Select Enable Radio. • Select a schedule for the radio to be enabled from the drop-down list. SonicWALL NSA 2400 Getting Started Guide Page 47...
- Page 49 Virus, IPS, and Anti-Spyware. If your wireless clients are In the 802.11a Radio and 802.11a Adv tabs, configure the all running SonicWALL Client Anti-Virus, select Enable settings for the operation of the 802.11a radio bands. The Client AV Enforcement Service.
- Page 50 In the SSL VPN Server list, select an address object • Under SonicPoint Settings, select the SonicPoint to direct traffic to the SonicWALL SSL VPN appliance. Provisioning Profile you want to apply to all • In the SSL VPN Service list, select the service or SonicPoints connected to this zone.
- Page 51 If the SonicPoint locates a peer SonicOS device via the Enter the IP address and subnet mask of the Zone in the IP SonicWALL Discovery Protocol, the two units perform an Address and Subnet Mask fields. encrypted exchange and the profile assigned to the relevant...
- Page 52 System > Diagnostics page, and others are available on other screens. and returns it to the sender. This test shows if the SonicWALL security appliance is able to contact the remote host. If users on...
- Page 53 (plain text or CSV), filterable views of all connections tracking potential security threats. You can view the log in the to and through the SonicWALL security appliance. This tool is Log > View page, or it can be automatically sent to an email available on the Systems >...
- Page 54 Setting logging levels Configuring Log Categories (“Logging Level” section) Configuring threat prevention on all used zones Configuring Zones (“Enabling SonicWALL Security Services on Zones“ section) Configuring Web filtering protection Configuring SonicWALL Content Filtering Service Changing administrator login Configuring Administration Settings ("Administrator Name &...
- Page 55 Page 54 Deployment Configuration Reference Checklist...
-
Page 56: Table Of Contents
Support and Training Options In this Section: This section provides overviews of customer support and training options for the SonicWALL NSA 2400. • Customer Support - page 56 • Knowledge Base - page 56 • SonicWALL Live Product Demos - page 57 •... -
Page 57: Knowledge Base
Knowledge Base Customer Support The Knowledge Base allows users to search for SonicWALL For answers to all your support questions visit the SonicWALL documents based on the following types of search tools: support Web site at <http://www.sonicwall.com/us/ Support.html> where you will find featured support topics, •... -
Page 58: Sonicwall Live Product Demos
SonicWALL Live Product Demos Get the most out of your appliance with the complete line of SonicWALL products. The SonicWALL Live Demo Site provides free test drives of SonicWALL security products and services through interactive live product installations: • Unified Threat Management Platform •... -
Page 59: User Forums
User Forums The SonicWALL User Forums is a resource that provides users the ability to communicate and discuss a variety of security and appliance subject matters. In this forum, the following categories are available for users: • Content Security Manager topics •... - Page 60 Training SonicWALL offers an extensive sales and technical training curriculum for Network Administrators, Security Experts and SonicWALL Medallion Partners who need to enhance their knowledge and maximize their investment in SonicWALL Products and Security Applications. SonicWALL Training provides the following resources for its customers: •...
-
Page 61: Related Documentation
• Radio Frequency Monitoring • Single Sign-On • SSL Control • Virtual Access Points • SonicWALL GMS Administrator’s Guide • SonicWALL GVC Administrator’s Guide • SonicWALL ViewPoint Administrator’s Guide • SonicWALL GAV Administrator’s Guide • SonicWALL IPS Administrator’s Guide •... -
Page 62: Sonicwall Secure Wireless Network Integrated Solutions Guide
“secure” wireless network? Check out the SonicWALL Secure Wireless Network Integrated Solutions Guide. This book is the official guide to SonicWALL’s market- leading wireless networking and security devices. This title is available in hardcopy at fine book retailers everywhere, or by ordering directly from Elsevier Publishing at: <http://www.elsevier.com>... - Page 63 Page 62 SonicWALL Secure Wireless Network Integrated Solutions Guide...
-
Page 64: Product Safety And Regulatory Information
Product Safety and Regulatory Information In this Section: This section provides regulatory, trademark, and copyright information. Safety and Regulatory Information • - page 64 Copyright Notice • - page 67 Trademarks • - page 67 SonicWALL NSA 2400 Getting Started Guide Page 63... - Page 65 Mount in a location away from direct sunlight and sources of The Lithium Battery used in the SonicWALL Internet security appliance may not be replaced by the user. The SonicWALL must be returned to a heat. A maximum ambient temperature of 104º F (40º C) is SonicWALL authorized service center for replacement with the same or recommended.
- Page 66 Geräten in Innenräumen. Schließen Sie an die Anschlüsse der • Stellen Sie sicher, dass das Gerät vor Wasser und hoher Luft- SonicWALL keine Kabel an, die aus dem Gebäude in dem sich das feuchtigkeit geschützt ist. Gerät befindet ,herausgeführt werden.
- Page 67 EN 61000-3-2 (2006) Caution: Modifying this equipment or using this equipment for purposes not shown EN 61000-3-3 (2008) in this manual without the written consent of SonicWALL, Inc. could void the user’s authority to operate this equipment. EN 60950-1 (2006) +A11...
- Page 68 Specifications and descriptions are subject to change without notice. Trademarks SonicWALL is a registered trademark of SonicWALL, Inc. Microsoft Windows 98, Windows Vista, Windows 2000, Windows XP, Windows Server 2003, Internet Explorer, and Active Directory are trademarks or registered trademarks of Microsoft Corporation.
- Page 69 Notes Page 68 Notes...
- Page 70 S on i c W A L L , I n c . 2001 Logic Drive T + 1 4 0 8 . 7 4 5 . 96 0 0 ww w . s o n i c w a l l . c o m San Jose, CA 95124-3452 F + 1 4 0 8 .
Need help?
Do you have a question about the NSA 2400 and is the answer not in the manual?
Questions and answers