SonicWALL SMA 6200 Quick start guide

Brand: SonicWALL

Model: SMA 6200

Type: Quick start guide

This manual is also suitable for

SMA 7200

SonicWall™SecureMobileAccess6200/7200

GettingStartedGuide

RegulatoryModelNumbers:

1RK31‐0B0–SMA6200

1RK30‐0AF–SMA7200

SonicWallisatrademarkorregisteredtrademarkofSoni cWallInc.and/oritsaffiliatesintheU.S.A.and/orothercountries.Allothertrademarksandregistered

trademarksarepropertyoftheirrespectiveowners

TheinformationinthisdocumentisprovidedinconnectionwithSonicWallInc.and/oritsaffiliates’products .Nolicense,expressor

implied,byesto ppelor

otherwise,toanyintellectualpropertyrightisgrantedbythisdocumentorinconnectionwiththesaleofSonicWallproducts.EXCEPTASSETFORTHINTHETERMS

ANDCONDITIONSASSPECIFIEDINTHELICENSEAGREEMENTFORTHISPRO DUCT,SONICWALLAND/ORITSAFFILIATESASSUMENOLIABILITYWHATSOEVERAND



DISCL AIMSANYEXPRESS,IMPLIEDORSTATUTORYWARRANTYREL ATINGTOITSPRODUCTSINCLUDIN G,BUTNOTLIMITEDTO,THEIMPLIEDWARRANT YOF

MERCHANTABILIT Y,FITNESSFORAPART ICU L AR PU RPOSE,ORNON‐INFRINGEMENT.INNOEVENTSHALLSONICWALLAND/ORITSAFFILIATESBELIABLEFORANY

DIRECT,INDIRECT,CONSEQUENTIAL,PUNITIVE,232‐003431‐52RevAf

thisdocumentandreservestherighttomakechangestospecificationsandproduct

descriptionsatanytimewithoutnotice.SonicWallInc.and/oritsaffiliatesdonotmakeanycommitmenttoupdatetheinformationcontainedinthisdocument.

Formoreinformation,visithttps://www.sonicwall.com/legal/.

SMA6200/7200GettingStartedGuide

Updated‐June2017

232‐003431‐

52RevA

Legend

WARNING:AWARNINGiconindicatesapotentialforpropertydamage,personalinjury,ordeath.

CAUTION:ACAUTIONiconindicatespotentialdamagetohardwareorlossofdataifinstructionsarenotfollowed.

IMPORTANT,NOTE,TIP,MOBILE,orVIDEO:Aninformationiconindicatessupportinginformation.

SonicWallSecureMobileAccess6200/7200GettingStartedGuide

InthisGuide

ThisGettingStartedGuideprovidesinstructionsforbasicinstallationandconfigurationoftheSonicWall™SecureMobileAccess

6200/7200appliances.

ForQuickPolicySetupCharts,refertoQuickPolicySetuponpage57.

Contents

Chapter1Sectionsincluded:

InthisGuideonpage3Contentsonpage3

Chapter2Sectionsincluded:

IntroductiontotheSMA6200/7200onpage7SMA6200/7200PackageContentsonpage8

SMA6200/7200FrontPanelsonpage10

SMA6200/7200BackPanelsonpage11

SonicWallSecur eMobileAccess6200/7200GettingStartedGuide

Chapter3Sectionsincluded:

PreparingtoDeploytheSMA6200/7200onpage13 NetworkArchitectureonpage14

PreparingfortheInstallationonpage16

AboutInstallationandDeploymentonpage19

Chapter4Sectionsincluded:

InstallationandConfigurationonpage21 ConnectingtheApplianceonpage22

StartingtheApplianceonpage22

EnteringNetworkSettingsUsing

theLCDonpage23

RunningtheSetupWizardonpage23

ConnectingtoAMConpage25

ConfiguringBasicWorkPlacePortalAccessonpage26

Chapter5Sectionsincluded:

RegisteringandObtainingaLicenseonpage31 UsingMySonicWallonpage32

CreatingaMySonicWallaccountonpage32

RegisteringyourApplianceonpage33

Downloading

yourLicenseFileonpage33

ImportingyourLicensesonpage34

SonicWallSecureMobileAccess6200/7200GettingStartedGuide

Forgeneralsupportinformation,seeSonicWallSupportonpage55.

Chapter6Sectionsincluded:

RackMountingtheApplianceonpage37 AttachingInnerRailstotheApplianceonpage40

InstallingtheOuterRailsonpage40

InstallingtheApplianceintheRackonpage42

RemovingtheAppli ancefromtheRackonpage42

Chapter7Sectionsincluded:

SafetyandRegulatoryInformationonpage45 SafetyInstructionsonpage46

Sicherheitsanweisungenonpage48

安全說明onpage51

DeclarationofConformityonpage53

WarrantyInformationonpage53

台灣 RoHS/ 限用物質含有情況標示資訊onpage54

SonicWallSecureMobileAccess6200/7200GettingStartedGuide

IntroductiontotheSMA6200/7200

Thissectiondescri bestheitemsshippedwiththeSonicWallSecureMobileAccess6200/7200appliancesandprovidesfrontand

rearillustrationsoftheappliances.

• SMA6200/7200PackageContentsonpage8

• SMA6200/7200FrontPanelsonpage10

• SMA6200/7200BackPanelsonpage11

SonicWallSecur eMobileAccess6200/7200GettingStartedGuide

SMA6200/7200PackageContents

Beforeyoubeginthesetupprocess,verifythatyourpackagecontainsthefollowingitems:

1OneSMA6200orSMA7200appliance

2Onerackmountingkit

3OneRJ45toDB9consolecable

4OneEthernetcable

5OnepowercordforSMA6200ortwopowercordsforSMA7200*

6OneSonicWallSecureMobileAccess6200/7200Getting

StartedGuide

*Theincludedpowercord(s)areapprovedforuseonlyinspecificcountriesorregions.Beforeusingapowercord,verifythatitis

ratedandapprovedforuseinyourlocation.ThepowercordsareforACmainsinstallationonly.SeeSafetyandRegulatory

Informationonpage45for

minimumpowercordratingandadditionalsafetyinformation.

添付の電源コードに関して

電気安全を確保するために、弊社製品にご使用いただく電源コードは必ず製品同梱の電源コードをご使用ください。

この電源コードは他の製品では使用できません。

SonicWallSecureMobileAccess6200/7200GettingStartedGuide

Packagecontents

Ifanyitemsaremissingfromyourpackage,contactSupportathttps://support.sonicwall.com.

SonicWall™ Secure Mobile Access 6200/7200

Geƫng Started Guide

Regulatory Model Numbers:

1RK31-0B0 – SMA 6200

1RK30-0AF – SMA 7200

SonicWallSecur eMobileAccess6200/7200GettingStartedGuide

SMA6200/7200FrontPanels

LCD controls

Console port

DisplayPort

USB ports

LED Indicators

(top to bottom)

Hard disk drive activity

Alarm condition

Test - Quick blinking: Initializing;

Solid: Test mode

Power 1/2 - Blue: operating correctly;

Yellow: Unconnected power supply or failure

X1 / X0

X3 / X2

X5 / X4

SFP+ ports

(10 Gb)

Diagnostics port

(for future use)

(Disabled)

(1 Gb)

Digital audio/video

SonicWallSecureMobileAccess6200/7200GettingStartedGuide

SMA6200/7200BackPanels

SMA6200:

Hard drives (2) Power supply

Fans (3)

SonicWallSecur eMobileAccess6200/7200GettingStartedGuide

SMA7200:

Hard drives (2) Power supplies (2)

Fans (3)

SonicWallSecureMobileAccess6200/7200GettingStartedGuide

PreparingtoDeploytheSMA6200/7200

Thissectionprovidesanoverviewofsingle‐homedanddual‐homednetworkarchitectureanddiscussesfirewallsettingsandother

informationyouneedaboutcomponentsofyournetworktosuccessfullydeploytheSMA6200/7200.

• NetworkArchitectureonpage14

• PreparingfortheInstallationonpage16

• AboutInstallationandDeploymentonpage

19

SonicWallSecureMobileAccess6200/7200GettingStartedGuide

NetworkArchitecture

AllSMA6200/7200appliancescanbesetupineitheradual

interfaceorsingleinterfaceconfiguration,alsoknownasdual‐

homedandsingle‐homed.

Ineitherconfiguration,appliancemanagementwithAMCis

accomplishedbyaccessingtheinternal(X0)interface.

Thisguidestepsyouthroughabasicsingle‐homedinterface

configuration.For

thehighestlevelofsecurityand

performance,SonicWallrecommendsadual‐homed

configuration.Ref ertotheDeploymentPlanningGuideand

SMAAdministrationGuide forfurtherinformation.

Dual‐HomedConfiguration(Internal

andExternalInterfaces)

Onenetworkinterfaceisusedforexternaltraffic(thatis,to

andfromtheInternet),andtheotherinterfaceisusedfor

internaltraffic(toandfromyourcorporatenetwork).

Single‐HomedInterfaceConfiguration

(InternalInterface)

Asinglenetworkinterfaceisusedforbothinternaland

externaltraffic.Inthisconfiguration,theapplianceisusually

installedinthedemilitarizedzone(orDMZ,alsoknownasa

perimeternetwork).

SMA appliance

Firewall

Corporate network

Internet

File

Server

Application

Server

Web

Server

Firewall

DMZ

Internal interface

SMA appliance

SonicWallSecureMobileAccess6200/7200GettingStartedGuide

Inbothconfigurations,incomingrequeststotheSMA6200/

7200services—includingHTTP/StrafficfortheWebproxy

service—aresentoverport80(HTTP)andport443(HTTPS).

TrafficfromtheOnDemandagentisalwayssentoverport443.

Becausemostnetworksareconfiguredtoenabletrafficover

theseports,youshould

notneedtoreconfigurefirewallson

yournetwork.

Youshouldinstalltheapplianceinalocationwhereitcan

connecttoresourcesonyournetwork,including:

• Applicationserversandfileservers,includingWeb

servers,client/serverapplications,andWindowsfile

servers.

• Externalauthenticationrepositories(suchasanLDAP,

MicrosoftActiveDirectory,or

RADIUSserver).

• OneormoreDomainNameSystem(DNS)servers.

• Optionally,aWindowsInternetNameService(WINS)

server.ThisisrequiredforbrowsingWindowsnetworks

usingWorkPlace.

Althoughnotrequired,enablingtheappliancetocommunicate

withtheseadditionalresourcesprovidesgrea terfunctionality

andeaseofuse:

• NetworkTimeProtocol(NTP)

serverforsynchronizing

thetimeontheappliance.

• Externalserverforstoringsyslogoutput.

• Administrator’sworkstationforsecureshell(SSH)

access.

Youcanconfiguretheappliancetouseaself‐signedserver

certificate,or,forenhancedsecurity,youcanobtaina

certificatefromacommercialcertificateauthority(CA).For

moreinformation,

refertotheSMAAdministrationGuide.

CAUTION:TheSMA6200/7200appliancedoesnot

providefullfirewallcapabilitiesandshouldbesecured

behindafirewall.Runningwithoutafirewallmakesthe

appliancevulnerabletoattacksthatcancompromise

securityanddegradeperformance.

SonicWallSecureMobileAccess6200/7200GettingStartedGuide

PreparingfortheInstallation

Beforebeginningtheinstallation,youneedtogather

informationaboutyournetworkingenvironmentandverify

thatyourfirewallsareproperlyconfiguredtopermittrafficto

andfromtheapplianceasexplainedinthefollowingsections:

• GatheringInformationonpage16

• VerifyingyourFirewallPoliciesonpage17

GatheringInformation

Beforeconfiguringtheappliance,youneedtogatherthe

followinginform ation.Youarepromptedforsomeofthis

informationwhenrunningtheSetupWizard,butmostofitwill

beusedwhenyouconfiguretheapplianceintheAppliance

ManagementConsole(AMC).RefertotheSMAAdministration

Guide.

Settingsrequired

tostartApplianceManagementConsole

• Therootpasswordforadministeringtheappliance

• Thenamefortheappliance(becausethisnameisused

onlyinlogfiles,youdonotneedtoaddittoDNS)

• TheinternalIPaddressand,optionally,anexternalIP

address

• Selectaroutingmodeandsupply

IPaddressesforthe

networkgatewaystotheInt ernet,andyourcorporate

network.

Certificateinformation

Severalpiecesofinformationareusedtogener atetheserver

andAMCcertificates:

• Afullyqualifieddomainname(FQDN)fortheappliance

andforanyWorkPlacesitesthatuseauniquename.

Thesenamesshouldbe

addedtoyourpublicDNS;they

arealsovisibletouserswhentheyconnecttoWeb‐

basedresources.

• AFQDNfortheApplianceManagementConsole(AMC)

server.TheAMCservernameisusedtoaccessAMC,

whichisaWeb‐basedtoolforadministeringthe

appliance.

Namelookupinformation

• InternalDNS

domainnameofthenetworktowhichthe

applianceisconnected

• PrimaryinternalDNSserveraddress(additionalDNS

serversareoptional)

• IPaddressforaninternalWINSserverandthenameof

yourWindowsdomain(requiredtobrowsefilesona

WindowsnetworkusingWorkPlace,butareotherwise

optional)

SonicWallSecureMobileAccess6200/7200GettingStartedGuide

Authenticationinformation

Servernameandlogininformationforyourauthentication

servers(LDAP,ActiveDirectory,orRADIUS)

VirtualAddresspoolinformation

Ifyouareplanningtodeployeithernetworktunnelclient

(ConnectTunnelorOnDemandTunnel),youmustallocateIP

addressesforoneormoreaddresspools.Formore

information,refertothe

SMAAdministration Guide.

Optionalconfigurationinformation

• ToenableSSHaccessfromaremotemachine,youneed

toknowtheremotehost’s IPaddress.

• TosynchronizewithanNTPserver,youneedtoknow

theIPaddressesforoneormoreNTPservers.

• Tosenddatatoasyslogserver,

youneedtoknowtheIP

addressandportnumberforoneormoresyslog

servers.

VerifyingyourFirewallPolicies

Fortheappliancetofunctioncorrectly,youmustopenports

onyourexternal(Internet‐facing)andinternalfirewalls.

ExternalFirewall

Forsecureaccesstotheapp liancefromaWebbrowseror

OnDemand,youmustmakesurethatports80and443are

openonfirewallsatyoursite.Openingyourfirewalltopermit

SSHaccessisoptional,butcanbeusefulforperforming

administrativetasksfromaremotesystem.

ExternalFirewall

Traffic



Type

Port/

protocol

Usage Required?

ESP 4500/UDP ESPTunnel Yes

HTTP 80/tcp Unencryptednetwork

access

Yes

HTTPS 443/tcp Encryptednetworkaccess Yes

SSH 22/tcp Administrativeaccessto

theapplication

SonicWallSecureMobileAccess6200/7200GettingStartedGuide

InternalFirewall

Ifyouhaveafirewallontheinternalnetwork,youmayneedto

adjustitspolicytoopenportsforback‐endapplicationswith

whichtheappliancemustcommunicate.Inadditionto

openingportsforstandardnetworkser vicessuchasDNSand

email,youmayneedtomodifyyourfirewallpolicy

beforethe

appliancecanaccessthefollowingservices.

InternalFirewall

TrafficType Port/protocol Usage

Microsoft

networking

138/tcpand

138/udp

137/tcpand

137/udp

139/udp

162/snmp

445/smb

UsedbyWorkPlaceto

performWINSname

resolution,browse

requests,andaccess

fileshares

LDAP

(unencrypted)

389/tcp Communicatewithan

LDAPdirectoryor

MicrosoftActive

Directory

LDAPoverSSL

(encrypted)

636/tcp Communicatewithan

LDAPdirectoryor

MicrosoftActive

DirectoryoverSSL

RADIUS 1645/udpor

1812/udp

Communicatewitha

RADIUSauthentication

server

NTP 123/udp Synchronizethe

applianceclockwithan

NTPserver

Syslog 514/tcp Sendsystemlog

informationtoasyslog

server

SNMP 161/udp Monitortheappliance

fromanSNMP

managementtool

InternalFirewall

TrafficType Port/protocol Usage

SonicWallSecureMobileAccess6200/7200GettingStartedGuide

AboutInstallationand

Deployment

Thissectionoutlinestheprocessofinstalling,configuring,and

testingtheappliance,andthendeployingitinaproduction

environment.TheInstallationandDeploymentProcesstable

providesanoverviewofthesteps.

InstallationandDeploymentProcess

InstallationStep Description

Makeanoteofyour

applianceserial

numberand

authenticationcode.

You’llneedthisinformation

when you

MySonicWall.Theserialnumberand

authenticationcodeareprintedon

yourappliancelabel;theyarealso

displayedontheGeneralSettings

pageinAMC.

Rack‐mountthe

applianceand

connectthecables.

SeeRackMountingtheApplianceon

page37andConnectingthe

Appliance on

page22.

Turnontheappliance

andbegin

configuration.

Toconnect toyourapplianceonyour

internalnetworkyoumustspecifyan

internalIPaddressandthesubnet

mask.Usethecontrolsonthe frontof

theappliance.SeeEnteringNetwork

SettingsUsingtheLCDonpage23.

RunSetupWizard. Thewizardguides

youthroughthe

processofinitialsetupforyourSMA

appliance.SeeRunningtheSetup

Wizardonpage23.

applianceon

MySonicWall.

MySonicWall.Productregistration

givesyouaccesstoessential

resources,suchasyourlicensefile

andupdates.Toregister,youneed

boththeserial

numberforyour

applianceanditsauthentication

code.

InstallationandDeploymentProcess

InstallationStep Description

SonicWallSecureMobileAccess6200/7200GettingStartedGuide

Page is loading ...

SonicWALL SMA 6200 Quick start guide

Brand: SonicWALL

Model: SMA 6200

Type: Quick start guide

This manual is also suitable for

SMA 7200

Download PDF

report

SonicWALL SMA 6200 Quick start guide

This manual is also suitable for

SonicWALL SMA 6200 Quick start guide

Related papers

Other documents