This article is also available as a TechRepublic download. A supporting photo gallery is also available.

SonicWALL firewalls are a staple of the small and medium business
market. Everyone from small nonprofit organizations to medium-size and
enterprise class businesses depend upon SonicWALL
devices to secure their network communications.

SonicWALL’s proprietary SonicOS operating
system powers its firewall devices. Most every SonicWALL
device is now powered by the SonicOS Enhanced
operating system. The main difference between the two operating systems is the
Enhanced version enables the system’s firmware to provide ISP failover
services, zone management and WAN load balancing.

The setup wizard

SonicWALL
includes numerous wizards with its firewall devices. Available menus differ by model (for
example, the WEP/WAP Encryption settings menu is available only on those models
possessing wireless features).

The
Setup Wizard is a time-saving tool that simplifies new router deployment. Or,
if a network is being redesigned, a SonicWALL device
can be reset to factory defaults and the Setup Wizard can be used to roll the
device out anew.


Click this tag search to find other How do I… articles and downloads.


To use
the Setup Wizard, log in to a SonicWALL firewall and
click the Wizards button. The Wizards (Figure
A
) button can be found on the main System | Status page.

Figure A

The SonicWALL System Status page provides a
wealth of information regarding a firewall’s configuration.

Here’s
a walkthrough of the process using a SonicWALL PRO
1260.

After
clicking the Wizards button, the SonicWALL
Configuration Wizard presents four options (Figure B).

Figure B

The SonicWALL Configuration Wizard presents four
options. Administrators can either choose to select the Setup Wizard (used to
configure the SonicWALL device to secure network
connections), the PortShield Interface Wizard (for
segmenting networks), the Public Server Wizard (used to provide internal server
access to the public) or the VPN Wizard (for configuring access to a virtual
private network).

Specify
whether you wish to select the Setup Wizard, PortShield
Interface Wizard, Public Server Wizard or VPN Wizard. For this example, we’ll
choose Setup Wizard and click Next. The Setup Wizard appears.

  1. Step 1: The Change Password screen
    appears. Enter the default or old password, then enter a new password and
    confirm the new entry. When finished, click Next.
  2. Step 2: The Change Time Zone menu
    appears. Specify the applicable time zone, and check the
    box if you want the firewall to automatically adjust for daylight
    saving time, and click Next.
  3. Step 3: The WAN Network Mode screen
    appears. Select the radio button indicating the method used to connect to
    your ISP (Static IP, DHCP, PPPoE or PPTP). Then,
    click Next. For this example we’ll select Static
    IP. (Figure C)

Figure C

The WAN Network Mode menu enables specifying the most appropriate ISP
connection method.

  1. Step 4: The WAN Network Mode: NAT
    Enabled menu appears. Enter the SonicWALL WAN IP
    Address, WAN Subnet Mask, Gateway (Router) Address, DNS Server Address and
    a secondary DNS address, and click Next. (Figure D)

Figure D

Specify WAN settings using the WAN Network Mode screen.

  1. Step 5: The LAN Settings menu appears.
    Supply an IP address for the SonicWALL’s LAN. Be
    sure to provide a subnet mask, and then click Next.
    (Figure E)

Figure E

Specify LAN settings using the SonicWALL’s LAN
Network Settings screen.

  1. Step 6: The LAN DHCP Settings screen
    appears. Check the Enable DHCP Server On LAN box
    if you wish for the SonicWALL device to provide
    DHCP services. If you check the box, you’ll also have to enter the valid
    LAN address range. When done, click Next. (Figure F)

Figure F

Specify DHCP settings using the DHCP Server menu.

  1. Step 7: The SonicWALL
    Configuration Summary (Figure G).
    Review the information the wizard provides, and if all settings are
    correct, click Apply. If the configuration requires adjustment, click the
    Back button.

Figure G

Review the Confirmation Summary carefully before proceeding; clicking Apply
triggers the settings reviewed on this menu.

A
screen will appear indicating that the SonicWALL
configuration is being saved, and you’ll be asked to wait. When the
configuration is completed, you’ll see a Congratulations message stating the
changes have been made and the Setup Wizard has completed.

SonicWALL Log In

Once
the Setup Wizard is complete, log in to the firewall by entering the IP address
you assigned to the SonicWALL device in Step 5 (on the LAN Settings menu).
You’ll be greeted with a standard name and password dialog box. Enter the name
and password you supplied for the firewall and click the Login button.

By
default, the SonicWALL device displays the System |
Status menu. To configure additional firewall settings, click the Firewall
button from the menu appearing on the SonicWALL
interface screen’s left edge.

The
Firewall | Access Rules | All menu appears. The SonicWALL
application displays important information about the firewall’s configuration
within this screen. In addition to revealing zone and priority information, the
Access Rules menu displays source and destination data, service type, action
status, and user information (Figure H).

Figure H

Administrators can review SonicWALL’s Access
Rules using three different views; here the All Rules view is displayed.

Traffic
statistics for each access rule can be obtained simply by mousing-over
the graph icon that appears toward the end of each access rule line. Access
rule configurations can be tweaked by clicking the pencil and paper icon, or an
access rule can be deleted by clicking its trash can icon.

Creating access rules

To
create an access rule:

  1. Log on to the SonicWALL
    firewall.
  2. Click the Firewall button.
  3. Click the Matrix or Drop-down Boxes View Style radio
    button. (See Figure I)
  4. Click the appropriate From And To
    Zone (such as WAN to LAN).
  5. Click the Add button that appears at the bottom of the
    menu.

Figure I

When creating an access rule, you must specify the appropriate criteria. SonicWALL’s firmware provides pre-populated drop-down boxes
for configuring most settings.

  1. Using the General tab, specify the action to be taken
    to traffic matching the access rule’s settings; Allow, Deny and Discard
    are the three options.
  2. Select the appropriate service from the Service
    drop-down box. Do the same for the Source, Destination, Users Allowed and
    Schedule drop-down boxes.
  3. Enter a comment that describes the access rule or its
    purpose.
  4. Uncheck the Enable Logging checkbox if you don’t wish
    to log events related to the new access rule.
  5. Configure any advanced options (such as a timeout for
    TCP connection inactivity or the number of connections permitted) using
    the Advanced tab.
  6. Click OK.

Editing access rules

To
edit an access rule:

  1. Log on to the SonicWALL
    firewall.
  2. Click the Firewall button.
  3. Select Access Rules.
  4. Click the pencil and paper icon for the access rule you
    wish to edit.
  5. Use the resulting drop-down boxes to adjust the access
    rule as required (Figure J).
    Alternatively, you can click an access rule’s corresponding trash can icon
    to delete it.

Figure J

SonicWALL’s drop-down boxes make quick work when
editing access rules.

  1. Click OK to apply the edits (if you delete an access
    rule, the deletion occurs upon confirming the action). The SonicWALL firmware will write the changes and update
    the firewall’s configuration.

Editing service groups

SonicWALL devices, by default, include service objects and groups
designed to simplify firewall administration. Using SonicWALL
firewalls, service groups and objects are used to make common applications and
services (such as PC Anywhere, ShoreTel, VNC and
Yahoo Messenger) available to network users.

To
review a firewall’s services settings:

  1. Log on to the SonicWALL
    firewall.
  2. Click the Firewall button.
  3. Select Services.

Numerous
service groups are provided by default (Figure
K
). To add additional groups or objects:

  1. Log on to the SonicWALL
    firewall.
  2. Click the Firewall button.
  3. Select Services.
  4. Click the Custom Services radio button.
  5. Click Add Group to create a new Service Group or Add to
    create a new service (Figure L).

Figure K

SonicWALL’s firmware provides numerous
pre-populated service groups to simplify firewall configuration.

Figure L

Administrators needing to create their own firewall services can do so by
specifying the appropriate criteria.

  1. If you click Add Group, numerous options are
    pre-populated in the left pane. You can choose to select one of those or
    enter your own name and click OK; to configure its settings, click its
    subsequent pencil and paper icon. To create a new service, click the Add
    button, provide a name, specify the appropriate protocol, enter the port
    range or sub type if required and click OK.