Here is a quick and dirty guide to getting SonicWALL’s Analyzer software installed, configured, and displaying information about your hardware device:
- Download the SonicWALL Analyzer software for windows from MySonicwall.com
- Install using default options, and when prompted make sure to select the proper IP on the workstation/server to use to receive communications from the SonicWALL hardware device.
- Open port UDP 514 and UDP 162 on the Workstation/Server’s Windows Firewall to allow for Syslog and SNMP traffic to be sent to the server from the SonicWALL hardware Device.
- After Installation, reboot the Workstation/Server.
- Launch the SonicWALL Universal Management application from the start menu/desktop.
- Login with the default username /password of: admin/password.
- Set a new password for the UMH aspect of the software.
- Register the software with mysonicwall.com using the link at the top of the application.
- During the registration process, enter “ANALYZER” in the serial number field. Add a Description of the PC. Click Submit.
- Under the “Roles” section in the left hand pane, enter a username, password for the database and password for the database administrator. Click Update. Make sure to create a user account that IS NOT “root”, you can use anything but “root” for the database User.
- Under “Settings” section in the left hand pane, enter the SMTP settings necessary to send emails.
- On the SonicWALL, expand “Log” on the left, and then click on “ViewPoint”. Click “Add” and then enter the IP address of the workstation/server running analyzer.
- Install Java and flash on the Analyzer workstation/server.
- Attempt to log into the analyzer software now (same link as the Universal Management tool) and then you will be prompted to change your password for the analyzer user.
- Once Logged in, click on the “Firewall” tab at the top, then click the small button on the left to add a Hardware Device to be monitored.
This will get you up and running any analyzing traffic in real time.
This is a short and sweet mini-guide to setting up the SonicWALL Directory Connector. This should be everything that you need to get it up and running, from there you can setup the more advanced functionality, such as Terminal Services Integration on your own.
- Download and the SonicWALL Directory Connector for either 32 bit or 64 bit systems from mysonicwall.com
- Install the product with its defaults, when prompted for credentials enter a domain admin’s credentials.
- When Prompted to enter SonicWALL Device information enter the Internal IP of your SonicWALL, and create a shared key to be used by the SSO Component and your Device.
- Finish the Installer and then launch it.
- Now log into your SonicWALL Device and Expand “Users” in the left pane and then click on “Settings”.
- Under the section “Single-sign-on method:” change the drop down box to “SSO Agent” and click on the “Configure” button.
- On the “Settings” tab click the “Add…” button to add your agent, modify the IP, Port, and Shared Key to that of your server/workstation running the software. Click Apply. NOTE: If the status light does not turn green, you may need to add a firewall rule on the server/workstation to allow inbound connections on that port. I’ve also had to add both of these .exes to the list of excluded applications to get this software to work through the windows firewall:
%ProgramFiles% (x86)\SonicWALL\DCON\CIAService.exe, %ProgramFiles% (x86)\SonicWALL\DCON\SoniCON.exe
- Under the “Users” tab make sure to add the Usernames of any Service accounts on the network that should be excluded from SSO reporting.
- Create a new Address Group on the sonicwall, and place into it all Devices that should be excluded from SSO Attempts, such as routers, switches, printers, wireless access points, basically anything that isn’t a windows PC. All of these devices will be governed by the “Default” Content Filtering Policy if CFS is in place.
Hopefully you found this helpful and it saved you some time.
If you’ve enabled BPDUGuard on a your endpoint facing ports (which you should do) you’ve probably asked yourself what to do when those ports auto disable themselves after a switch is plugged into them. It’s pretty simple, first remove whatever caused the port to disable, such as a loop or another switch, and then enter the following command on your power connect:
# set interface active gigabitethernet 1/0/13
Assuming that port 13 is the port you want to reactivate.