The Acumen IT Support blog provides you with helpful articles about SonicWall firewalls and VPNs.

Several web sites provide good overviews.

Official SonicWall Support page

SonicWall Wikipedia

 

SonicWall Firewalls

SonicWall SSL-VPN

Configuring SNMPv3 in SonicOS

Article Applies To:

Gen6 SM E10000 series: NSA E10800, NSA E10400, NSA E10200, NSA E10100

Gen6 SM 9000 series: NSA 9600, NSA 9400, NSA 9200

Gen6 NSA Series: NSA 6600, NSA 5600, NSA 4600, NSA 3600, NSA 2600

Gen5 NSA E-Class series: NSA E8510, E8500, NSA E7500, NSA E6500, NSA E5500

Gen5 NSA series: NSA 5000, NSA 4500, NSA 3500, NSA 2400, NSA 2400 MX, NSA 240, NSA 220, NSA 220 /W. NSA 250M, NSA 250M /W.

Gen5 TZ Series: TZ 215, TZ 215 W, TZ 210, TZ 210 W,  TZ 205, TZ 205 W, TZ 200, TZ 200 W, TZ 105, TZ 105 W, TZ 100, TZ 100 W

Firmware/Software Version: SonicOS 5.9 & above and SonicOS 6.1 & above

Services: SNMPv3 (SNMP version 3)

Feature/Application:

Simple Network Management Protocol Version 3 (SNMPv3) is an interoperable Standards- based protocol for network management. SNMPv3 provides secure access to device by a combination of authenticating and encrypting packets over the network.

As a result, the security features provided in SNMPv3 are:

Message integrity—Ensuring that a packet has not been tampered with in-transit

Authentication—Determining the message is from a valid source

Encryption—Scrambling the contents of a packet prevent it from being seen by an unauthorized source

Before SNMPv3, all data was transmitted in the clear and subject to monitoring and alteration by unauthorized users. v3 supports various encryption methods. We recommend users never use DES 56-bit encryption as this is very easy to decrypt. AES 128-bit is the preferred method.

Feature Functions

–Support USM (User-based Security Model, RFC3414) for SNMPv3

–Support View-Based Access Control Model (VACM, RFC3415) for SNMPv3

–Support Administrative Framework (RFC3411) for SNMPv3

Feature Limitations 

–Does not support notification destinations

–Does not support proxy relationships

–Does not support remotely configurable via SNMP operations

Procedure:

Step 1: First, configure SNMP in SonicWALL device

Step 3: Next, configure SNMP & add SonicWALL unit in PRTG Monitoring software

Step 1: Configure SNMP in SonicWALL device

  • Enable SNMP and configure SNMP parameters

Please login to the SonicWALL Management GUI as admin.

  • Navigate to System -> SNMP.
  • Check the box Enable SNMP.
  • Click in the Configurebutton and supply the parameters for SNMP or keep the default for general configuration.
  • Click OK
  • Click Applybutton on the top of the page.

For the SNMP functionality, the Community name should be the same in the SonicWALL and the SNMP monitoring software

  • Creating SNMP User, Group & Access

>> Adding User with Group

Please login to the SonicWALL Management GUI as admin.

Navigate to System -> SNMP, Click Add User button under Users/Group

  • User Name: User1(Type any friendly name which you would like to use for SNMP)
  • Security Level:Authentication and Privacy (Select the level which you would like to use)
  • Authentication Method: MD5(Select the method which you would like to use)
  • Authentication Key: user12345( type the key which you would like to use But it should be more than 8 characters)
  • Encryption Method: DES(Select the method which you would like to use)
  • Privacy Key: password123(type any key which you would like to use)
  • Group: SNMP Group(Select the group which you would like to add this user)
  • Click the OKbutton on the top of the page.

>> Creating Access for SNMP

Please login to the SonicWALL Management GUI as admin.

Navigate to System -> SNMP, Click Add button under Access

  • Access Name: New SNMP Access(Type any name which you would like to use)
  • Read View: root
  • Master SNMPv3 Group: SNMP Group(Select any group which you would like to use)
  • Access Security Level: Authentication and Privacy(Select the level of security for SNMP)
  • Click OKbutton to save the access.

 Enable SNMP on the SonicWALL interface

Please login to the SonicWALL Management GUI as admin.

Navigate to Network > Interfaces and click on the configure button in front of the LAN & WAN interface.

>> LAN Interface (X0): 

  • In the ‘Management’ section of Edit X0 interface window, check the ‘SNMP’ box.
  • Click the ‘OK’ button.

>> WAN Interface (X1): 

  • In the Management section of Edit X1 interface window, check the SNMP
  • Click the ‘OK’ button.

Step 2: Configuring SNMP & adding SonicWALL unit in PRTG Monitoring software 

Open the SNMP software and register the SonicWALL. (You can download and install a free edition of PRTG from http://www.paessler.com/prtg/download)

Screen shots for PRTG (V14.2.9.1689) are attached below, just enter the SonicWALL appliance’s LAN IP address, along with the community string and it will start gathering data from the SonicWALL

Select Device tab in the PRTG software. Under Overview Click Add Device button to add your sonicwall device.

  • In the device name enter SonicWALL TZ 200(You should use the same name which you used in SNMP configuration of SonicWALL
  • In IPV4- Address/DNS Name 168.168.168(IP address of the SonicWALL interface to which server is connected)
  • Device Icon: Select Dell Icon

Click Continue for next step

You will find the new device which we added. Click Add Sensor button to select the sensor type.

  • Select SNMPunder Technology Used
  • Select SNMP Trafficunder Matching Sensor Type

>>Under Credentials For SNMP Devices

Disable Inherit option and configure SNMP as below

  • SNMP Version: V3
  • Authentication Type: MD5(Select the Authentication method which you configured in SonicWALL)
  • User: User1(Type the user which you created in SonicWALL)
  • Password: user12345(Type Authentication Key which you configured in SonicWALL)
  • Encryption Type: DES(Select the Encryption method which you configured in SonicWALL)
  • Data Encryption Key: password123(Type the Privacy Key which you configured in SonicWALL)
  • SNMP Port: 161
  • SNMP Timeout: 5

Click Continue button to save the configuration

Select the interface for which you would like to monitor traffic. In this scenario select X0, X1 & W0 interface and click Continue button

Now you can see the sensor information for all the interface with the traffic rate

How to Test

In order to test the SNMP traffic. Select any one interface to see its traffic rate with graph. Click on X0 interface to see the information as below

Finally, the Live data can be shown in the graph format as below for the X0 interface

SonicWall

Sonicwall Gateway Antivirus Causes Slow Downloads

 

Sonicwall

HOWTO: Speed up Sonicwall Downloads

We found that our Sonicwall would cause all downloads to start very fast, slow down quickly, and eventually stop. This occurred with major corporate download sites. The download went to low KB/s before dying. A download time estimate would indicate hours and days remaining.

We discovered that turning off the gateway antivirus allowed normal download speeds. However, because we want the benefit of the gateway antivirus, we would enable and disable the entire gateway antivirus security system.

This was very burdensome so we found that it could be resolved by:

      1. Login to your sonicwall device.
      2. Change the end of the url from main.html to diag.html
        1. You will see: Internal Settings – to be used only at the direction of Technical Support
        2. Change Security Services settings:
          1. Check Enable enforcement of a limit on maximum allowed advertised TCP window with any DPI-based service enabled.
          2. Change the value of Set a limit on maximum allowed advertised TCP window with any DPI-based service enabled (KBytes) from 64 to 512.
        3. Change Routing and Network settings:
          1. Check Enable TCP packet option tagging.
          2. Check Fix/ignore malformed TCP headers.
          3. Check Clear DF (Don’t Fragment) Bit.
        4. Go to the top of the page and click Apply.

Downloads will now function at full speed.

Looking for help with your Firewalls? We provide a full range of services including SonicWall, Barracuda, McAfee Sidewinder, and Cisco firewalls. Visit Our Firewall Site or call toll free: 314.333.3330

 

For more information on Firewalls, visit the link below:

https://www.microsoft.com/en-us/safety/pc-security/firewalls-whatis.aspx

 

 

Keyword: Gateway antivirus St Louis