SonicWall Setup Notes

Initialization:
Reset device and access it via 192.168.168.168 (default), default login is Admin/password
Check firmware and upgrade if necessary
Add NTP server: us.pool.ntp.org
Firewall – Advanced – Detection Prevention – Check all
Security Services – Gateway Antivirus – On – Anti-Spyware – Enable and Check all – Content Filter – Configure as desired
Network – Zones – Content Filtering, IPS, Anti-Spyware for LAN & DMZ
Network – DHCP Server – Enable – Set Range and Static IPs
DNS – set 8.8.4.4, 8.8.8.8, 4.2.2.2, or OpenDNS
Firewall – TCP settings – Enforce TCP
 
QoS:
1. Enable 802.1p tagging on WAN interface
2. Create QoS rule on the LAN > WAN direction, set DSCP & 802.1p Markings to MAP
3. Configure QoS Settings
4. Set bandwidth management for specific port (PBX server)
– Network – interfaces – configure interface X4 – LAN, Static IP set as Gateway IP of that network segment (i.e. 10.100.80.1)
– Obtain MAC address of PBX server – Network – DHCP server – Add static – set static IP as an IP on the chosen network segment (i.e. 10.100.80.10), lease time 1440
– Network – Address Object – Add – Name = PBX Server, IP as set in previous step
– Firewall Settings – BWM – Global, 0 Realtime, set percent of bandwidth required for VOIP (i.e. 20% or 3Mbps of 15Mbps; passing requirement of 40 trunks x 32 kpbs of G.729 codec = 1280 kpbs ~ 1.2 Mbps)
– Firewall – Access Rules – Select LAN to WAN – Add – Allow LAN to WAN, Any Any All – Ethernet BWM – Enable inbound/outbound to match priority 0 in previous step
 
VPN:
  • Global VPN: https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=3352
    SSL-VPN: https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=6461
Set Backup:
System – Settings – Create backup settings (taking snapshot for recovery purposes) – Export Settings and save it on DATA server

Leave a Reply

Your email address will not be published. Required fields are marked *