SonicWALL Security Products Partners | Contact Sales 1-800-509-1265

 •   • 

TZ Series Remote Start-up and Configuration Information Form

Please provide accurate information on the following items to the best of your knowledge. Leave blank the items with which you are not familiar or don't know the answer.

Contact Information
System Requirements
Configuration Information
Environmental Information
In order to ensure a successful configuration, we need to know about the types of network traffic the firewall will manage.
Network Information
Administration Information
Primary Internet Service Provider (ISP) Information
If you connect via cable modem or DSL with a router, you likely use DHCP. No Internet connection information is usually required, although some service providers require a host name.
If you connect via a home DSL, you likely use PPPoE.
If you connect via T1/E1, static broadband, cable or DSL with a static IP.
If you connect via a dial-up connection, you likely use PPTP.
Secondary ISP Information (Optional)
WAN Failover
SonicWALL will review best practice for this setup, specifically:
  • Failback Considerations
  • Probing Methods (e.g. how the firewall determines a WAN connection is down)
List any additional static routes besides the default route.
  • Subnet 1:
  • Mask 1:
  • Gateway 1:
  • Subnet 2:
  • Mask 2:
  • Gateway 2:
Address Objects
Provide information below for each object. You may create up to 20 objects.
  • Name: Choose a user-friendly name for the address object
  • Zone: Typically these will be either WAN, LAN or DMZ. If you're unsure, simply leave blank.
  • Type: Select one of the following:
    • Host - A node on the network. A host IP address will be required
    • Range - A range of IP addresses, example
    • Network - An IP subnet, requires network and subnet mask
    • MAC - The MAC address or hardware address of a network node. The format will be hexadecimal (example: 00-C0-4F-10-7E-76)
    • FQDN - Fully Qualified Domain Name (example:
Example for type: Host
  • Name: CEO Laptop
  • Zone: LAN
  • Type: Host
  • Field 1:
  • Field 2: Leave blank (not applicable for a host object)
Example for type: Range
  • Name: Finance Group
  • Zone: LAN
  • Type: Range
  • Field 1: (Begin range IP)
  • Field 2: (End range IP)
Address Object 1
Service Objects
Provide information below for each object. You may create up to 20 objects.
  • Example 1:
    • Service Name: Xbox1
    • IP Type: UDP
    • Port Range Begin: 3074
    • Port Range End: (Not applicable, this field would be used if there was a port range instead of a single port defined)
  • Example 2:
    • Service Name: Xbox2
    • IP Type: TCP
    • Port Range Begin: 3074
    • Port Range End: N/A
Service Object 1
Service Groups
Provide information below for each service group. You may create up to 5 groups.
  • Example for a service group named Xbox requiring 6 services:
    • Service Group Name: XBOX
    • Service 1: Xbox 1
    • Service 2: Xbox 2
    • Service 3: Xbox 3
    • Service 4: Xbox 4
    • Service 5: Xbox 5
    • Service 6: Xbox 6
Service Group 1
Network Address Translation (NAT) Policies
Provide information below for each service group. You may create up to 10 policies.
  • Example for creating a NAT policy allowing access to a Web server located on the LAN:
    • Original Source: Any
    • Translated Source: Any
    • Original Destination: WAN Primary IP
    • Translated Destination: Web Server LAN IP
    • Original Service: Original
    • Translated Service: Original
    • Inbound Interface: X1
    • Outbound Interface: Any
    • Comment (not required): Web Server Public Access
NAT Policy 1
Firewall Access Rules/Policies
Provide information below for each access rule/policy. You may create up to 10 rules/policies.
  • From Zone: (If using SonicOS Enhanced, or interface if using SonicOS Standard)
  • To Zone: (If using SonicOS Enhanced, or interface if using SonicOS Standard)
  • Service: Can be a single service or a group of services
  • Action: Deny, allow or discard (discard = ignore all requests with no response)
  • Source: Can be an object or group of objects
  • Destination: Can be an object or group of objects
  • Users: If applicable
  • Schedule: If applicable. Policy can be activated on a scheduled time basis
Example Creating an access rule to your public web server on the LAN:
  • From Zone: WAN
  • To Zone: LAN
  • Service: Web
  • Action: Allow
  • Source: Any
  • Destination: WAN Primary IP
  • Users: NA
  • Schedule: NA
Access Rule/Policy 1
Wireless Security
Virtual Private Networking (VPN)
Provide information below for each site-to-site or client-to-site VPN. You may create up to six VPNs.
Group VPN Policy
VPN Policies Example for a site-to-site VPN with a dynamically addressed peer
Example Policy 1
  • Policy Name: Site 1
  • Peer IP or FQDN: Blank (for dynamic peer)
  • Shared Secret: $0N1cW4LL
  • Local Network:
  • Remote Network:
VPN Policy 1
SSL VPN (SonicWALL NetExtender) - Available on TZ 100, 200, and 210
What are the main resources a remote NetExtender client needs to reach?
  • Name: Desktop
  • IP Address:
  • Location: XO LAN
NetExtender Client 1
What IP address range and location/zone do you want to use for the SSL VPN Client Address Range?
Note: the IP address range and locations cannot overlap with manually configured servers or DHCP scopes on any device.
  • IP Range: – 217
  • Location: X3 DMZ)
Security Services (Optional)
If you purchased a SonicWALL security service such as Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention Service or Comprehensive Gateway Security Suite, please provide the product key(s) you have for the security services you want activated (you may have one key that is a comprehensive key which covers all these services).
Based on the services purchased, SonicWALL will review and set up the appropriate service.
Security Service 1
Enabling Connection Management Features
If you purchased SonicWALL Content Filtering Service (Standard or Premium Edition) and would like SonicWALL to activate the service, please provide the key.
SonicWALL Content Filtering Service allows you to choose ratings categories of Web content to block. By default, SonicWALL will select all categories when activating the service. If you want only select categories to be blocked, please provide a list of the required categories based on the level of service (Standard or Premium) you purchased. You can find information on ratings categories at
List of Ratings Categories to Block (if not All).


Note: SonicWALL and its authorized partners will not share, sell, rent or trade your personal information.