Table of ContentsPreviousNextIndex

SonicWALL, Inc.


System/Configure_GMS_Settings.htm

Enable GMS Management

You can configure the SonicWALL security appliance to be managed by SonicWALL Global Management System (SonicWALL GMS).

Configuring the SonicWALL Security Appliance for GMS Management

To configure the SonicWALL security appliance for GMS management:

  1. Select the Enable Management using GMS checkbox, then click Configure. The Configure GMS Settings window is displayed.
  2. Enter the host name or IP address of the GMS Console in the GMS Host Name or IP Address field.
  3. Enter the port in the GMS Syslog Server Port field. The default value is 514.
  4. Select Send Heartbeat Status Messages Only to send only heartbeat status instead of log messages.
  5. Select GMS behind NAT Device if the GMS Console is placed behind a device using NAT on the network. Type the IP address of the NAT device in the NAT Device IP Address field.
  6. Select one of the following GMS modes from the Management Mode menu.
  7. IPSEC Management Tunnel - Selecting this option allows the SonicWALL security appliance to be managed over an IPsec VPN tunnel to the GMS management console. The default IPsec VPN settings are displayed. Select GMS behind NAT Device if applicable to the GMS installation, and enter the IP address in the NAT Device IP Address field. The default VPN policy settings are displayed at the bottom of the Configure GMS Settings window.

    Existing Tunnel - If this option is selected, the GMS server and the SonicWALL security appliance already have an existing VPN tunnel over the connection. Enter the GMS host name or IP address in the GMS Host Name or IP Address field. Enter the port number in the Syslog Server Port field.

    HTTPS - If this option is selected, HTTPS management is allowed from two IP addresses: the GMS Primary Agent and the Standby Agent IP address. The SonicWALL security appliance also sends encrypted syslog packets and SNMP traps using 3DES and the SonicWALL security appliance administrator's password. The following configuration settings for HTTPS management mode are displayed:

    Send Syslog Messages in Cleartext Format - Sends heartbeat messages as cleartext.

    Send Syslog Messages to a Distributed GMS Reporting Server - Sends regular heartbeat messages to both the GMS Primary and Standby Agent IP address. The regular heartbeat messages are sent to the specified GMS reporting server and the reporting server port.

    GMS Reporting Server IP Address - Enter the IP address of the GMS Reporting Server, if the server is separate from the GMS management server.

    GMS Reporting Server Port - Enter the port for the GMS Reporting Server. The default value is 514

  8. Click OK.

Download URL

VPN Client Download URL

SonicWALL Global VPN Client (GVC) and SonicWALL Global Security Client (GSC) allow users to connect securely to your network using the GroupVPN Policy on the port they are connecting to. GVC or the VPN client portion of GSC are required for a user to connect to the GroupVPN Policy. Depending on how you have set up your VPN policies, if a user does not have a the latest GVC or GSC software installed, the user will be directed to a URL to download the latest GVC or GSC software.

The Download URL section provides a field for entering the URL address of a site for downloading the SonicWALL Global VPN Client application, when a user is prompted to use the Global VPN Client for access to the network.

The default URL http://help.mysonicwall.com/applications/vpnclient displays the SonicWALL Global VPN Client download site. You can point to any URL where you provide the SonicWALL Global VPN Client application.

SonicPoint Download URL (TZ 170 Series and PRO 1260)

The TZ 170 series and PRO 1260 security appliances do not contain the SonicOS firmware embedded locally on the security appliance's memory. Therefore, if you are managing SonicPoints from a TZ 170 or PRO 1260 running SonicOS 3.1 or newer, the security appliance will download the SonicPoint image at startup for distribution to connected SonicPoint devices. The image is downloaded from software.sonicwall.com or from the URL you specify in the SonicPoint Download URL field.

The downloaded SonicPoint firmware image is signed with SonicWALL's certificate to ensure integrity.

The default location is software.sonicwall.com/applications/sonicpoint/

If the TZ 170 or PRO 1260 running SonicOS Enhanced 3.1 and requiring SonicPoint support does not have Internet access, you can download the SonicPoint image from mysonicwall.com and host it on a local web-server. In this case, enter the URL for the local server in the SonicPoint Download URL field.

Note: The specified path must always end in a `/' (trailing slash). The filename should not be specified.

www.SonicWALL.com
SonicWALL, Inc.
http://www.sonicwall.com
1160 Bordeaux Drive
Sunnyvale, CA 94089-1209
Table of ContentsPreviousNextIndex