SonicWALL SMA 1000 Series Quick start guide

SonicWALL
Brand
SonicWALL
Model
SMA 1000 Series
Type
Quick start guide
SMA and CMS on AWS
Getting Started Guide
SMA and CMS on AWS
Getting Started Guide
1
2
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Creating a MySonicWall Account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Creating a Key Pair in AWS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Deploying SMA 8200v on AWS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Connecting to the Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Connecting to the Command Line Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Configuring Settings on the Appliance Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Licensing and Registering Your Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Registering the SMA 8200v . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Using the 30-day Trial Version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Deployment Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Registering the 30-day Trial Virtual Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Converting a Free Trial License to Full License . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Exporting a Copy of Your Configuration Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Deploying SMA CMS on AWS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Connecting to the Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Connecting to the Command Line Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Configuring Settings on the Appliance Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Licensing and Registering Your Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Registering the SMA CMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Using the 30-day Trial Version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Deployment Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Registering the 30-day Trial Virtual Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Converting a Free Trial License to Full License . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Exporting a Copy of Your Configuration Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
SonicWall Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
About This Document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Contents
SMA and CMS on AWS
Getting Started Guide
Part 1
3
Introduction
Overview
Before You Begin
Deploying SMA 8200v on AWS
Deploying SMA CMS on AWS
SMA and CMS on AWS
Getting Started Guide
1
4
Overview
This Getting Start Guide contains installation procedures and configuration guidelines for deploying the
SonicWall SMA 8200v(Virtual Appliance) and SMA CMS Amazon Machine Image (AMI) in your Amazon Web
Service (AWS) cloud network. The SMA 8200v and SMA CMS includes a software appliance, which has been
pre-installed and pre-configured for AWS environments, and allows for the secure and easy development of
Secure Mobile Access AMI solutions within a cloud environment.
SonicWall takes the challenge of rapid pace of cloud transformation and extends the security of the private
cloud to public clouds with SonicWall Secure Mobile Access 1000 (SMA8200v) series. The SMA 8200v gives you
economy-of-scale benefits of virtualization. This gives you all the security advantages of a physical SMA 1000
appliance with the operational and economic benefits of virtualization, including system scalability and agility,
speed of system provisioning, simple management and cost reduction.
SMA and CMS on AWS
Getting Started Guide
2
5
Before You Begin
Topics:
Creating a MySonicWall Account on page 5
Creating a MySonicWall Account
A MySonicWall account is required for product registration. If you already have an account, continue to the
section on Registering the SMA 8200v on page 15.
To create a MySonicWall account:
1 In your browser, navigate to http://www.MySonicWall.com.
2 In the login screen, click the blue Sign-Up link.
3 Complete the account information, including email and password.
4 Enable two-factor authentication if desired.
5 If you enabled two-factor authentication, select one of the following authentication methods:
Email (one-time passcode) where an email with a one-time passcode is sent each time you log
into your MySonicWall account.
NOTE: Your password should be at least eight characters, but no more than 30 characters.
SMA and CMS on AWS
Getting Started Guide
6
Microsoft/Google Authentication App where you use a Microsoft or Google authenticator
application to scan the code provided. If you are unable to scan the code, you can click on a link
for a secret code.
6 Click CONTINUE to go to the Company page.
7 Complete the company information and click CONTINUE.
8 On the Your Info page, select whether you want to receive security renewal emails.
9 Identify whether you are interested in beta testing new products.
10 Click CONTINUE to go to the Extras page.
11 Select whether you want to add additional contacts to be notified for contract renewals.
12 If you opted for additional contacts, input the information and click ADD CONTACT.
13 Click DONE.
14 Check your email for a verification code and enter it in the Verification Code* field. If you did not receive
a code, contact Customer Support by clicking the link.
15 Click DONE. You are returned to the login window so you can login into MySonicWall with your new
account.
Creating a Key Pair in AWS
First-time users might see a notification to “Please select a key pair” when preparing to launch SMA and CMS on
AWS in the Amazon EC2 console:
A key pair provides encrypted login information that allows you to securely access your SMA 8200v and CMS
instance. You need to create a key pair and store the file containing the private key in a safe place on your
management computer.
To create a key pair:
1 Locate the Key Pair item in the page and click on it.
NOTE: MySonicWall registration information is not sold or shared with any other company.
SMA and CMS on AWS
Getting Started Guide
7
2 Click the link in the instructions to go to the EC2 Console.
3 Click Create Key Pair.
4 Type in a descriptive name for the key pair and then click Create.
5 Click Download Key Pair to download the key pair and store it safely. The downloaded PEM file must be
used to connect over SSH. Save the .pem file to a safe location on your computer.
For more information about key pairs, see:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html
SMA and CMS on AWS
Getting Started Guide
3
8
Deploying SMA 8200v on AWS
This section explains how to deploy the SonicWall SMA 8200v for AWS image in your AWS environment.
To install the SMA 8200v for AWS from the AWS console:
1 Get the SMA 8200v AMI image for AWS.
To get the SMA AMI, contact SonicWall Sales at https://www.sonicwall.com/customers/contact-sales
OR
SonicWall Support at https://www.sonicwall.com/support/contact-support
2 Log into the AWS management console at https://aws.amazon.com.
3 In the Choose an Amazon Machine Image (AMI) screen, click My AMIs in the left pane and select
Shared with me under Ownership.
4 Select SonicWall CMS 12.4-0-02223-ami-008b50807679826e0 build and click Next.
5 In the Step 2 screen, select the instance type you want and click Next: Configure Instance Details.
6 In the Step 3 screen, configure the instance settings.
7 In the Step 3 screen, select Advanced Details > User Data and fill the form user data like below YAML
input.
NOTE: Installation of SMA 8200v on AWS is applicable only in the SMA 12.4 firmware version.
SMA and CMS on AWS
Getting Started Guide
9
8 Click Next: Add Storage.
9 In the Step 4 screen, configure the hard disk size and click Next: Add Tags.
10 In the Step 5 screen, page, if tags are desired, click Add Tag and type in the key value pair(s) and then
click Next: Configure Security Group.
11 In the Step 6 screen, configure a Security Group for the SonicWall SMA 8200v. If a Security Group was
already created for SonicWall SMA 8200v before, you can assign it here. If not, create the rules as shown
in the screenshot below.
IMPORTANT: If the YAML input is invalid, the deployment leads to inconsistent state.
SMA and CMS on AWS
Getting Started Guide
10
12 Click Review and Launch.
13 Verify the instance details shown in the next screen and you can make changes to any of the preceding
configurations by clicking the Edit link next to each heading.
14 When ready, click Launch to assign a key pair to your instance.
15 Select an existing key pair.
OR
Create a new key pair. If you need to create a new key pair, see Creating a Key Pair in AWS on page 6.
After you create a new key pair, download the key pair file before continuing. Store the private key file in
a secure and accessible location.
IMPORTANT: You can limit the exposure of IPs of the ports 22 and 443 for security reasons.
IMPORTANT: You cannot download the key pair after the instance is launched.
SMA and CMS on AWS
Getting Started Guide
11
16 Click Launch Instances to launch SonicWall SMA 8200v.
After the SMA 8200v instance is launched, you can access the appliance from a browser. To know how to
access the SMA 8200v through a browser, see Connecting to the Web Interface.
You are now ready to begin using your SMA 8200v appliance. See:
Configuring Settings on the Appliance Web Interface on page 13
Using the 30-day Trial Version on page 16
To Start, Stop, Reboot, or Terminate the instance:
1 In the EC2 console, click Instances in the AWS left pane. All your Amazon machine instances are
displayed, along with their EC2 Instance IDs.
2 Right-click on the 8200v AMI instance. In the right-click menu, click on Instance State and select one of:
Start
•Stop
Stop - Hibernate
Reboot
Terminate
NOTE: The <EC2 Instance ID> is the default password for the administrator account.
SMA and CMS on AWS
Getting Started Guide
12
More information on how to start or stop an instance is available on AWS website:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html
Connecting to the Web Interface
The SMA 8200v always starts with the private IP address automatically assigned by EC2 using DHCP addressing.
EC2 also automatically assigns a public IP address to allow access from the internet.
To access the SMA 8200v management web interface over HTTPS:
1 Launch a browser and navigate to the SMA 8200v for AWS public IP/ Host name. We use default port
8443 to access SMA 8200v for AWS appliance.
https://<SMA 8200v Public IP/ Host name>/
2 On the web interface login page, enter the default credentials and then click Login.
The default credentials are:
Default user name = admin
Default password = <EC2 Instance ID>
NOTE: The public IP address assigned by EC2 can change across reboots. To preserve the same public IP
address, configure an Elastic IP for the instance. More information on Elastic IP addresses is available
here: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html
NOTE: To locate the public IP address of your SMA 8200v instance, click SMA 8200v instance on
the Instances page in AWS EC2 console.
SMA and CMS on AWS
Getting Started Guide
13
The SMA 8200v management interface is displayed.
3 You can now register the SMA 8200v for AWS and begin management and configuration.
See the SMA Administration Guide for configuration information.
Connecting to the Command Line Interface
The Command Line Interface (CLI) is a text-only mechanism for interacting with the SMA 8200v by typing
commands to perform specific tasks. The CLI can be launched over SSH.
To connect to the SMA 8200v over SSH:
1 Click the SMA 8200v instance on the Instances page in AWS EC2 console.
2 Copy the Public IP address of the SMA 8200v appliance.
3 In an SSH application, type in the command using your AWS private key to authenticate:
ssh -i AWSPrivateKey.key admin@<SMA 8200v Public IP>
For example, ssh -i Ohiokey.pem [email protected]
4 If you see a warning, type yes to proceed with the login.
After the SMA 8200v appliance is fully booted, a login prompt is displayed.
Configuring Settings on the Appliance
Web Interface
This section provides procedures to configure the remaining appliance settings as you would for the SMA
hardware appliance.
To complete the host configuration:
1 Launch a browser and enter the URL of the virtual appliance.
SMA and CMS on AWS
Getting Started Guide
14
2 On the appliance interface login page, enter the default credentials and then click LOGIN.
The default credentials are:
User - admin
Password - <EC2 Instance ID>
After you log in, the SMA 8200V management interface is displayed.
3 Configure your settings for the SMA 8200 EC2 instance on the Status screen.
Refer to the SMA Administration Guide for complete configuration information. This and other
documentation are found online at: https://www.sonicwall.com/support/technical-documentation/
Licensing and Registering Your Appliance
This section contains information about licensing and registering your SMA 8200v on Amazon EC2.
You must purchase a license and register your SMA 8200v on Amazon EC2 before first use. Registration is
performed using the management interface. After the registration is completed, the SMA 8200v on Amazon
EC2 is licensed and ready to use. For the 30-Day Trial Virtual Appliance registration process, refer to Using the
30-day Trial Version.
SMA 8200v on Amazon EC2 provides user-based licensing. By default, the virtual appliance comes with a 5-user
license. Extra licenses can be added in 5, 10, and 25 user denominations, up to a maximum that allows for 50
concurrent user sessions.
Licensing is controlled by SonicWall’s license manager service, and customers can add licenses through their
MySonicWall accounts. Unregistered units support the default license allotment for their model, but the unit
must be registered in order to activate additional licensing from MySonicWall.
License status is displayed in the SMA 8200v on Amazon EC2 management interface, on the System
Configuration > General Settings > Licensing page.
Communication with the SonicWall Licensing Manager is necessary while using the SMA 8200v on Amazon EC2
and requires Internet access.
SMA and CMS on AWS
Getting Started Guide
15
Registering the SMA 8200v
After you have installed and configured the network settings for your SMA 8200v on AWS, you can log into the
management console and register it to your MySonicWall account. Registration of your SonicWall SMA 8200v
on AWS follows the same process as for other SonicWall hardware-based appliances.
To register your SMA 8200v for AWS:
1 Log in to your SMA 8200v virtual machine.
Public IP of the SMA 8200v for AWS virtual machine is available in the Instances page in the AWS
Management Console.
2 In the System Configuration group, select General Settings > Licensing > Edit.
The Manage Licenses page is displayed.
3 Under Online Licensing, click Register. This should take you to a MySonicWall login.
4 Enter your MySonicWall.com account username or email address and password in the appropriate fields
and click Submit.
5 In the License Management page, enter the Serial Number or Activation Key for your new appliance.
Enter the Authentication Code for your new appliance.
6 Enter a Friendly Name.
7 Click Submit to finish the registration process.
8 You have successfully registered your 8200v virtual machine. Click Continue to view the License
Management screen or continue configuring other settings within the appliance.
OR
NOTE: System functionality is extremely limited when registration is not completed.
SMA and CMS on AWS
Getting Started Guide
16
You can import your license file into the management console. To import the license:
1 Log in to the management console.
2 In the System Configuration group, select General Settings > Licensing > Edit.
The Manage Licenses page is displayed.
3 In the Manage License page, click Import License.
4 In the Import License page, click Choose File to select the license file and click Upload.
The License file is uploaded into the appliance.
Using the 30-day Trial Version
The SMA 8200v for AWS is offered in a 30-day Trial version. The installation, registration, and functionality of
the 30-Day Trial appliance is the same as the full SMA 8200v, except for differences noted in Deployment
Considerations. An email is sent from the SonicWall License Manager to warn you when your trial is near its
expiration date.
To upgrade to the full version:
Purchase the full SMA 8200v for AWS.
Export your settings from the 30-day Trial version.
Install and register the full SMA 8200v for AWS.
Import your settings.
You must install the SMA 8200 for AWS software before registering for your 30-Day Trial. For more information
on obtaining the software, see Deploying SMA 8200v on AWS.
Topics:
Deployment Considerations on page 17
Registering the 30-day Trial Virtual Appliance on page 17
Converting a Free Trial License to Full License on page 18
SMA and CMS on AWS
Getting Started Guide
17
Deployment Considerations
The following is a list of deployment considerations for the 30-day Trial version:
The SMA 8200v for AWS is disabled after 30 days.
A maximum of two concurrent users are allowed to log into the appliance.
Communication with the SonicWall Licensing Manager is required during the entire trial period.
It is recommended that you save a copy of your appliance configuration settings before upgrading to the
full version of the SMA 8200v for AWS.
Registering the 30-day Trial Virtual Appliance
This section gives details for registration of the SonicWall 30-day Trial virtual appliance.
To register the 30-day Trial:
1 Log in to your SMA 8200v for AWS.
Public IP of the SMA 8200v for AWS virtual machine is available in the Instances page in the AWS
Management Console.
2 In the System Configuration group, select General Settings > Licensing > Edit.
The Manage Licenses page is displayed.
3 Under Online Licensing, click Register. This should take you to a MySonicWall login.
4 Enter your MySonicWall.com account username or email address and password in the appropriate fields
and click Submit.
5 In the License Management page, enter the Serial Number or Activation Key for your new appliance.
Enter the Authentication Code for your new appliance.
6 Enter a Friendly Name.
7 Click Submit to finish the registration process.
8 You have successfully registered your SMA 8200v for AWS. Click Continue to view the License
Management screen or continue configuring other settings within the appliance.
9 Click Login.
10 When the registration confirmation page displays, click Continue.
NOTE: Before starting the registration process, contact SonicWall Sales to obtain your serial number and
authorization code.
SMA and CMS on AWS
Getting Started Guide
18
Converting a Free Trial License to Full License
An SMA 8200v for AWS instance is installed as a 30-day free trial can easily be converted to a full production
license.
To convert your free trial to a production version:
1 Purchase an SMA 8200v for AWS license from a distributor. You should receive a fulfillment email with
the new serial number and authentication code.
2 In the System Configuration group, select General Settings > Licensing > Edit.
The Manage Licenses page is displayed.
3 In MySonicWall, click to Register a new instance.
4 Enter the Serial Number and Authentication Code you received after purchasing your SMA 8200v for
AWS instance. Your SMA 8200v for AWS is now registered.
Exporting a Copy of Your Configuration Settings
Before beginning the update process, export a copy of your SMA 8200v for AWS configuration settings to your
local machine. The Export Settings feature saves a copy of your current configuration settings on your SMA
8200v for AWS, protecting all your existing settings in the event that it becomes necessary to return a previous
configuration state.
To save a copy of your configuration settings and export them to a file on your local management station, go to
AMC> Maintenance > Import/ Export and save the settings file to your local machine. The default settings file is
named <SMAHostName>_12.4.0-02179_20200207-005220.aea
SMA and CMS on AWS 12.4
Getting Started Guide
4
19
Deploying SMA CMS on AWS
This section explains how to deploy the SonicWall SMA CMS for AWS image in your AWS environment.
To install the CMS for AWS from the AWS console:
1 Get the SMA CMS AMI image for AWS.
To get the SMA AMI, contact SonicWall Sales at https://www.sonicwall.com/customers/contact-sales
OR
SonicWall Support at https://www.sonicwall.com/support/contact-support
2 Log into the AWS management console at https://aws.amazon.com.
3 In the Choose an Amazon Machine Image (AMI) screen, click My AMIs in the left pane and select
Shared with me under Ownership.
4 Select SonicWall CMS 12.4-0-02223-ami-008b50807679826e0 build and click Next.
5 In the Step 2 screen, select the instance type you want and click Next: Configure Instance Details.
6 In the Step 3 screen, configure the instance settings and click Next: Add Storage.
7 In the Step 4 screen, configure the hard disk size and click Next: Add Tags.
8 In the Step 5 screen, page, if tags are desired, click Add Tag and type in the key value pair(s) and then
click Next: Configure Security Group.
9 In the Step 6 screen, configure a Security Group for the SonicWall SMA CMS. If a Security Group was
already created for SonicWall SMA CMS before, you can assign it here. If not, create the rules as shown
in the screenshot below.
NOTE: Installation of CMS on AWS is applicable from the CMS 12.3 and later firmware versions.
SMA and CMS on AWS
Getting Started Guide
20
10 Click Review and Launch.
11 Verify the instance details shown in the next screen and you can make changes to any of the preceding
configurations by clicking the Edit link next to each heading.
12 When ready, click Launch to assign a key pair to your instance.
13 Select an existing key pair.
OR
Create a new key pair. If you need to create a new key pair, see Creating a Key Pair in AWS on page 6.
After you create a new key pair, download the key pair file before continuing. Store the private key file in
a secure and accessible location.
IMPORTANT: You can limit the exposure of IPs of the ports 22 and 443 for security reasons.
IMPORTANT: You cannot download the key pair after the instance is launched.
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
Page is loading ...
  • Page 1 1
  • Page 2 2
  • Page 3 3
  • Page 4 4
  • Page 5 5
  • Page 6 6
  • Page 7 7
  • Page 8 8
  • Page 9 9
  • Page 10 10
  • Page 11 11
  • Page 12 12
  • Page 13 13
  • Page 14 14
  • Page 15 15
  • Page 16 16
  • Page 17 17
  • Page 18 18
  • Page 19 19
  • Page 20 20
  • Page 21 21
  • Page 22 22
  • Page 23 23
  • Page 24 24
  • Page 25 25
  • Page 26 26
  • Page 27 27
  • Page 28 28
  • Page 29 29
  • Page 30 30
  • Page 31 31

SonicWALL SMA 1000 Series Quick start guide

SonicWALL
Brand
SonicWALL
Model
SMA 1000 Series
Type
Quick start guide
Download PDF
report

Ask a question and I''ll find the answer in the document

Finding information in a document is now easier with AI

Related papers

Other documents