SNMP (Simple Network Management Protocol) is a network protocol used over User Datagram Protocol (UDP) that allows network administrators to monitor the status of the SonicWALL Internet security appliances and receive notification of any critical events as they occur on the network. SonicWALL Internet security appliances support SNMP v1/v2c and all relevant Management Information Base II (MIBII) groups except egp and at. The SonicWALL replies to SNMP Get commands for MIBII via any interface and supports a custom SonicWALL MIB for generating trap messages. The custom SonicWALL MIB is available for download from the SonicWALL Web site and can be loaded into third-party SNMP management software such as HP OpenView, Tivoli, or SNMPC.
The SonicWALL SNMP agent generates two traps: Cold Start Trap and Alert Traps. Cold Start Traps indicates the SonicWALL appliance is reinitializing itself so that the agent configuration or the appliance can be altered. Alert Traps are based on the existing SonicWALL alert messages which allows the trap messages to share a common message string with the alerts. Accordingly, no trap message can exist without a corresponding alert message.
To configure SNMP, enter the necessary information in the following fields:
Select Enable SNMP.
Enter the System Name. This is the hostname of the SonicWALL appliance.
In the System Contact field, type in the name of the network administrator for the SonicWALL appliance.
Enter an e-mail address, telephone number, or pager number in the System Location field.
Create a name for a group or community of administrators who can view SNMP data, and enter it in the Get Community Name field.
Create a name for a group or community of administrators who can view SNMP traps, and enter it in the Trap Community Name field.
Enter the IP address or hostname of the SNMP management system receiving the SNMP traps in the Host 1 through Host 4 fields. Up to 4 addresses or hostnames can be specified.
Trap messages are generated only for the categories that alert messages are normally sent, i.e. attacks, system errors, blocked Web sites. If none of the categories are selected on the Log Settings page, then none of the trap messages are sent out.
By default, the SonicWALL appliance responds only to SNMP Get messages received on its LAN interface. Appropriate rules must be set up in the SonicWALL to allow SNMP traffic to and from the WAN. SNMP trap messages can be sent via the LAN, WAN, or LAN interface.
If your SNMP management system supports discovery, the SNMP agent should automatically discover the SonicWALL appliance on the network. Otherwise, you must add the SonicWALL appliance to the list of SNMP manageable devices on the SNMP management system.
The SonicWALL can be managed using HTTP or HTTPS and a Web browser. Both HTTP and HTTPS are enabled by default. The default port for HTTP is port 80, but you can configure access through another port. Enter the number of the desired port in the Port field, and click Update. However, if you configure another port for HTTP management, you must include the port number when you use the IP address to log into the SonicWALL. For example, if you configure the port to be 76, then you must enter <LAN IP Address>:76 into the Web browser.
The default port for HTTPS management is 443, the standard port. You can add another layer of security for logging into the SonicWALL by changing the default port. To configure another port for HTTPS management, enter the preferred port number into the Port field, and click Update. For example, if you configure the HTTPS Management Port to be 700, then you must log into the SonicWALL using the port number as well as the IP address, for example, <https://192.168.168.1:700> to access the SonicWALL.
The HTTPS Management Certificate Common Name field defaults to the SonicWALL LAN Address. This allows you to continue using a certificate without downloading a new one each time you log into the SonicWALL.
You can choose to manage your SonicWALL using a VPN Client or SonicWALL Global Management System (GMS) by selecting the option from the Enable Management Using menu.
All SonicWALLs include a Management SA (Security Association) for secure remote management. The Management SA does not permit access to remote network resources.
Tip! If you have enabled VPN on your SonicWALL, the SonicWALL can be managed remotely using a Management SA or with a VPN SA.
To enable secure remote management, select VPN Client from the Enable Management Using menu to enable secure remote management using Manual Key.
When remote management is enabled, a Management SA is automatically generated. The Management SA uses Manual Keying to set up a VPN tunnel between the SonicWALL and the VPN client. The Management SA also defines Inbound and Outbound Security Parameter Indices (SPIs) which match the last eight digits of the SonicWALL serial number. The preset SPIs are displayed in the Security Association Information section. It is not necessary to configure a VPN connection for Remote Management as the Management SA is automatically configured in this section.
Enter a 16-character hexadecimal encryption key in the Encryption Key field. Valid hexadecimal characters include 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E and F. An example of a valid encryption key is 1234567890A-BCDEF. Or you can use the randomly generated key that appears in the Encryption Key field.
Enter a 32-character hexadecimal authentication key in the Authentication Key field. An example of a valid authentication key is 1234567- 890ABCDEF1234567890ABCDEF. Or you can use the randomly generated key that appears in the Authentication Key field.
Click Update. Restart the SonicWALL for the change to take effect.
Tip! When a Management SA is created, the remote SonicWALL is managed at the SonicWALL WAN IP Address.
The Enable Management Using menu also includes the GMS option for management by SonicWALL Global Management System (SonicWALL GMS). Select this option if the SonicWALL is managed remotely by SonicWALL GMS.
Enter the host name or IP address of the GMS Console in the GMS Host Name or IP Address field.
Enter the port in the GMS Syslog Server Port field. The default value is 514.
Select Send Heartbeat Status Messages Only to send only heartbeat status instead of log messages.
Select GMS behind NAT Device if the GMS Console is placed behind a device using NAT on the network. Type the IP address of the NAT device in the NAT Device IP Address field.
IPSEC Management Tunnel - Use the IPSec management tunnel included with the SonicWALL. The default IPSec VPN settings are displayed.
Existing Tunnel - Use an existing established tunnel for GMS management of the SonicWALL.
HTTPS - Use HTTPS for GMS management of the SonicWALL. The following configuration settings for HTTPS management mode are displayed:
Send Syslog Messages in Cleartext Format - Sends Syslog messages as cleartext.
Send Syslog Messages to a Distributed GMS Reporting Server - Sends Syslog Messages to a GMS Reporting Server separated from the GMS management server.
GMS Reporting Server IP Address - Enter the IP address of the GMS Reporting Server, if the server is separate from the GMS management server.
GMS Reporting Server Port - Enter the port for the GMS Reporting Server. The default value is 514
Help Table of Contents