CLI configuration

The default IP address for a SonicWall appliance can vary depending on the model, but is often 192.168.168.168 or 192.168.168.169.

Default IP addresses for specific SonicWall models:

• SonicWall Email Security: 192.168.168.169
• SonicWall UTM: 192.168.168.168 for the LAN interface
• SonicWall NSA: 192.168.168.168

How to access the SonicWall:

To access the SonicWall, you can open a browser and go to https://192.168.168.168. The default username and password for the SonicWall management login page is admin/password.

How to find the SonicWall IP address:

You can use the Setup Tool to determine the LAN interface IP address. You can also download the Setup Tool and install it on a computer connected to the firewall's LAN port. Then, open the tool and search for the IP address.

How to access the SonicWall MGMT port:

Connect a computer to the SonicWall's MGMT port Configure the computer with a static IP address on the MGMT subnet Ping the Gateway (https://192.168.1.254).

The SonicWall security appliance supports the following management protocols: HTTP, HTTPS, SSH, Ping, and SNMP.

Type: config (hit enter)
-----------config(C0EAE4009930)#

Type: interface and name of the interface e.g. X3  (hit enter)
-----------config(C0EAE4009930)# interface X3
Type: ip-assignment WAN static   (in our case the IP assignment should be static and the interface should be WAN 
... hit enter)
----------(edit-WAN-static[X3])#
Type: ip 60.60.60.60 netmask 255.255.255.0 (hit enter)
Type: commit  (hit enter)

• config(18C2419C0C60CCBZF1-BOGOTA-WH)# show service-objects except name custom * config(18C2419C0C60CCBZF1-BOGOTA-WH)# show service-groups
• config(18C2419C0C60CCBZF1-BOGOTA-WH)# restart * config(18C2419C0C60CCBZF1-BOGOTA-WH)# show interfaces

The show service-objects and service-groups are copied into separate .txt files. Then from a LINUX machine, with the command written below delete the uuid and name lines.

Update ubuntu Linux:

• sudo -s
• apt update
• apt upgrade
• apt install vim

Itemaperez@APEREZ:~/prueba$ sed -i '/^uuid/d' .txt Note: _ = space, quantity to replace: four. Format that the Sonicwall CLI processes without problems is: service-object HTTP TCP 80 80 exit
service-object “HTTP Management” TCP 80 80 exit
service-object HTTPS TCP 443 443 exit service-group “AD Directory Services” service-object “RPC Services (IANA)” service-object “RPC Services” service-object “DCE EndPoint” service-object NTP service-object LDAPS service-object “LDAP (UDP)” service-object LDAP service-group “AD NetBios Services” service-group “Host Name Server” service-group Kerberos service-group “DNS (Name Service)” exit —- —- services_group_objects.zip —- —- PortShield and HA Configuration on SonicWall How to Change an Interface IP using CLI How can I configure web-management using CLI? How can I configure interface from CLI once connected over console port? Sonicwall Support Types of site to site VPN scenarios and configurations How can I setup Site to Site VPN with IKE2 Dynamic client Proposal? How do I configure the SSL-VPN feature for use with NetExtender or Mobile Connect? How can I configure a Site to Site VPN policy using Main Mode? Generating a Certificate Signing Request How can I configure the various web login options for user level authentication? How can I enforce local authentication for my users before allowing access to the Internet? How to find out the CFS rating of a website? —- —- FEC on an SFP port refers to Forward Error Correction (FEC), which is a technique used in fiber optic and Ethernet networks to enhance data transmission reliability by detecting and correcting errors without the need for retransmission. FEC (Forward Error Correction): FEC is a mechanism that adds redundant information to the transmitted data. This redundancy allows the receiving end to detect and correct errors caused by signal degradation or noise during transmission. Purpose: FEC is essential for high-speed data links (e.g., 10G, 25G, 40G, 100G Ethernet) to improve link quality and performance. Types: Different FEC modes can be used depending on the standard and speed of the connection (e.g., Reed-Solomon FEC). * auto Enable FEC Auto-Neg * cl108 Enable clause108 with 25G * cl74 Enable clause74 with 25G * off Turn FEC off, FEC is mandatory for speeds 50G or higher —- —- Benefits of FEC on SFP Ports: * Error Correction: FEC can correct errors due to signal attenuation or interference. * Better Link Performance: Allows for longer cable runs or higher speeds by improving signal integrity. * No Retransmissions: Unlike other error correction methods, FEC works proactively without needing retransmissions, which is important for low-latency environments. —- —-