This is an old revision of the document!
Basic configurations, support site and VPN scenarios
CLI configuration
The default IP address for a SonicWall appliance can vary depending on the model, but is often 192.168.168.168 or 192.168.168.169.
Default IP addresses for specific SonicWall models:
- SonicWall Email Security: 192.168.168.169
- SonicWall UTM: 192.168.168.168 for the LAN interface
- SonicWall NSA: 192.168.168.168
How to access the SonicWall:
To access the SonicWall, you can open a browser and go to https://192.168.168.168. The default username and password for the SonicWall management login page is admin/password.
How to find the SonicWall IP address:
You can use the Setup Tool to determine the LAN interface IP address. You can also download the Setup Tool and install it on a computer connected to the firewall's LAN port. Then, open the tool and search for the IP address.
How to access the SonicWall MGMT port:
Connect a computer to the SonicWall's MGMT port Configure the computer with a static IP address on the MGMT subnet Ping the Gateway (https://192.168.1.254).
The SonicWall security appliance supports the following management protocols: HTTP, HTTPS, SSH, Ping, and SNMP.
Type: config (hit enter) -----------config(C0EAE4009930)# Type: interface and name of the interface e.g. X3 (hit enter) -----------config(C0EAE4009930)# interface X3 Type: ip-assignment WAN static (in our case the IP assignment should be static and the interface should be WAN ... hit enter) ----------(edit-WAN-static[X3])# Type: ip 60.60.60.60 netmask 255.255.255.0 (hit enter) Type: commit (hit enter)
- config(18C2419C0C60_CCBZF1-BOGOTA-WH)# show service-objects except name custom
- config(18C2419C0C60_CCBZF1-BOGOTA-WH)# show service-groups
- config(18C2419C0C60_CCBZF1-BOGOTA-WH)# restart
- config(18C2419C0C60_CCBZF1-BOGOTA-WH)# show interfaces
The show service-objects and service-groups are copied into separate .txt files. Then from a LINUX machine, with the command written below delete the uuid and name lines.
Update ubuntu Linux:
- sudo -s
- apt update
- apt upgrade
- apt install vim
Itemaperez@APEREZ:~/prueba$ sed -i '/^ uuid/d' *.txt
Format that the Sonicwall CLI processes without problems is:
service-object HTTP TCP 80 80 exit service-object "HTTP Management" TCP 80 80 exit service-object HTTPS TCP 443 443 exit
service-group "AD Directory Services" service-object "RPC Services (IANA)" service-object "RPC Services" service-object "DCE EndPoint" service-object NTP service-object LDAPS service-object "LDAP (UDP)" service-object LDAP service-group "AD NetBios Services" service-group "Host Name Server" service-group Kerberos service-group "DNS (Name Service)" exit
PortShield and HA Configuration on SonicWall
How to Change an Interface IP using CLI
How can I configure web-management using CLI?
How can I configure interface from CLI once connected over console port?
Types of site to site VPN scenarios and configurations
How can I setup Site to Site VPN with IKE2 Dynamic client Proposal?
How do I configure the SSL-VPN feature for use with NetExtender or Mobile Connect?
How can I configure a Site to Site VPN policy using Main Mode?
Generating a Certificate Signing Request
How can I configure the various web login options for user level authentication?
How can I enforce local authentication for my users before allowing access to the Internet?