Remote Start-up & Configuration Service

TZ Series Remote Start-Up & Configuration Information Form

search
Site Map »
 
Please provide accurate information on the following items to the best of your knowledge. Leave blank the items with which you are not familiar or don't know the answer.

Contact Information

System Requirements

Configuration Information

Environmental Information

In order to ensure a successful configuration, we need to know about the types of network traffic the firewall will manage.

Network Information

Administration Information

Primary Internet Service Provider (ISP) Information

If you connect via cable modem or DSL with a router, you likely use DHCP. No Internet connection information is usually required, although some service providers require a host name.

If you connect via a home DSL, you likely use PPPoE.

If you connect via T1/E1, static broadband, cable or DSL with a static IP.

If you connect via a dial-up connection, you likely use PPTP.

Secondary ISP Information (Optional)

WAN Failover

SonicWALL will review best practice for this setup, specifically:

  1. Failback Considerations
  2. Probing Methods (e.g. how the firewall determines a WAN connection is down)

Routing

List any additional static routes besides the default route.

Example

  • Subnet 1: 192.168.2.0
  • Mask 1: 255.255.255.0
  • Gateway 1: 192.168.1.14
  • Subnet 2: 192.168.2.0
  • Mask 2: 255.255.255.0
  • Gateway 2: 192.168.1.14

Address Objects

Provide information below for each object. You may create up to 20 objects.

  • Name: Choose a user-friendly name for the address object
  • Zone: Typically these will be either WAN, LAN or DMZ. If you're unsure, simply leave blank.
  • Type: Select one of the following:
    • Host - A node on the network. A host IP address will be required
    • Range - A range of IP addresses, example 192.168.0.1-192.168.0.254
    • Network - An IP subnet, requires network and subnet mask
    • MAC - The MAC address or hardware address of a network node. The format will be hexadecimal (example: 00-C0-4F-10-7E-76)
    • FQDN - Fully Qualified Domain Name (example: hostname.sonicwall.com)

Example for type: Host

  • Name: CEO Laptop
  • Zone: LAN
  • Type: Host
  • Field 1: 192.168.1.66
  • Field 2: Leave blank (not applicable for a host object)

Example for type: Range

  • Name: Finance Group
  • Zone: LAN
  • Type: Range
  • Field 1: (Begin range IP) 192.168.1.200
  • Field 2: (End range IP) 192.168.1.230
Address Object 1

Service Objects

Provide information below for each object. You may create up to 20 objects.

  • Example 1:
    • Service Name: Xbox1
    • IP Type: UDP
    • Port Range Begin: 3074
    • Port Range End: (Not applicable, this field would be used if there was a port range instead of a single port defined)
  • Example 2:
    • Service Name: Xbox2
    • IP Type: TCP
    • Port Range Begin: 3074
    • Port Range End: N/A
Service Object 1

Service Groups

Provide information below for each service group. You may create up to 5 groups.

  • Example for a service group named Xbox requiring 6 services:
    • Service Group Name: XBOX
    • Service 1: Xbox 1
    • Service 2: Xbox 2
    • Service 3: Xbox 3
    • Service 4: Xbox 4
    • Service 5: Xbox 5
    • Service 6: Xbox 6
Service Group 1

Network Address Translation (NAT) Policies

Provide information below for each service group. You may create up to 10 policies.

  • Example for creating a NAT policy allowing access to a Web server located on the LAN:
    • Original Source: Any
    • Translated Source: Any
    • Original Destination: WAN Primary IP
    • Translated Destination: Web Server LAN IP
    • Original Service: Original
    • Translated Service: Original
    • Inbound Interface: X1
    • Outbound Interface: Any
    • Comment (not required): Web Server Public Access
NAT Policy 1

Firewall Access Rules/Policies

Provide information below for each access rule/policy. You may create up to 10 rules/policies.

  • From Zone: (If using SonicOS Enhanced, or interface if using SonicOS Standard)
  • To Zone: (If using SonicOS Enhanced, or interface if using SonicOS Standard)
  • Service: Can be a single service or a group of services
  • Action: Deny, allow or discard (discard = ignore all requests with no response)
  • Source: Can be an object or group of objects
  • Destination: Can be an object or group of objects
  • Users: If applicable
  • Schedule: If applicable. Policy can be activated on a scheduled time basis
Example

Creating an access rule to your public web server on the LAN:

  • From Zone: WAN
  • To Zone: LAN
  • Service: Web
  • Action: Allow
  • Source: Any
  • Destination: WAN Primary IP
  • Users: NA
  • Schedule: NA
Access Rule/Policy 1

Wireless Security

Virtual Private Networking (VPN)

Provide information below for each site-to-site or client-to-site VPN. You may create up to six VPNs.

Group VPN Policy
VPN Policies

Example for a site-to-site VPN with a dynamically addressed peer

Example Policy 1

  • Policy Name: Site 1
  • Peer IP or FQDN: Blank (for dynamic peer)
  • Shared Secret: $0N1cW4LL
  • Local Network: 192.168.1.0/255.255.255.0
  • Remote Network: 192.168.2.0/255.255.255.0
VPN Policy 1

SSL VPN (SonicWALL NetExtender) - Available on TZ 100, 200, and 210

What are the main resources a remote NetExtender client needs to reach?

Example:

  • Name: Desktop
  • IP Address: 10.77.7.99
  • Location: XO LAN
NetExtender Client 1
What IP address range and location/zone do you want to use for the SSL VPN Client Address Range?

Note: the IP address range and locations cannot overlap with manually configured servers or DHCP scopes on any device.

Example:

  • IP Range: 192.168.77.211 217
  • Location: X3 DMZ)

Security Services (Optional)

If you purchased a SonicWALL security service such as Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention Service or Comprehensive Gateway Security Suite, please provide the product key(s) you have for the security services you want activated (you may have one key that is a comprehensive key which covers all these services).

Based on the services purchased, SonicWALL will review and set up the appropriate service.

Security Service 1

Enabling Connection Management Features

If you purchased SonicWALL Content Filtering Service (Standard or Premium Edition) and would like SonicWALL to activate the service, please provide the key.

SonicWALL Content Filtering Service allows you to choose ratings categories of Web content to block. By default, SonicWALL will select all categories when activating the service. If you want only select categories to be blocked, please provide a list of the required categories based on the level of service (Standard or Premium) you purchased. You can find information on ratings categories at http://www.sonicwall.com/us/products/5255.html.

List of Ratings Categories to Block (if not All).

NOTE: SonicWALL and its authorized partners will not share, sell, rent or trade your personal information.

© 2013 SonicWALL, Inc.|Terms & Conditions|Privacy Policy|Contact Us|What's New?RSS|Site Feedback
© 2013 SonicWALL, Inc.  |  sonicwall.com