en-US
search-icon

Secure Mobile Access 8.6 500v Getting Started Guide

Using the SMA 500v Virtual Appliance

Configuring the SMA 500v Virtual Appliance

This section describes how to power on and configure basic settings on the SMA 500v Virtual Appliance, including virtual hardware settings and networking settings.

This section contains the following topics:

Powering the Virtual Appliance On or Off

There are multiple ways to power the SMA 500v on or off:

Right-click the SMA 500v in the left pane and navigate to Power > Power On or Power > Power Off in the right-click menu.
Select the SonicWall SMA 500v Virtual Appliance in the left pane and then click Power on the virtual machine or Shut down the virtual machine on the Getting Started tab in the right pane.
Select the SonicWall SMA 500v Virtual Appliance in the left pane and then click Power On or Shut down guest on the Summary tab in the right pane.

Configuring interface IP and route settings on the console

To open the console and configure the IP address and default route settings:
1
In vSphere, right-click the SonicWall SMA 500v Virtual Appliance in the left pane and select Open Console in the right-click menu.

2
When the console window opens, click inside the window, type admin at the Login prompt and press Enter. Then, type password at the Password prompt and press Enter. The SNWLCLI> prompt is displayed.

* 
NOTE: The mouse pointer disappears when you click in the console window. To release it, press Ctrl+Alt.
3
Configure the local IP address for the virtual appliance with the command:

interface eth0 <IP Address> <SubnetMask>

4
Configure the DNS with the command:

dns --namesrver <DNS IP>

5
Configure the default route for the virtual appliance with the command:

route --add default -- destination <gateway IP>

You can test connectivity by pinging another server or your main gateway, for example:

ping <gateway IP>

Press Ctrl+c to stop pinging.

6
Type exit to exit the CLI. Close the console window by clicking the X.
* 
NOTE: Refer to Using the Command Line Interface for more information about changing the settings.

Using the Command Line Interface

The Command Line Interface (CLI) is a text-only mechanism for interacting with a computer operating system or software by typing commands to perform specific tasks. It is a critical part of the deployment of the SMA 500v Virtual Appliance, where basic networking needs to be configured from the console.

While the physical SMA 500v Virtual Appliance has a default IP address and network configuration that requires a client’s network settings to be reconfigured to connect, as the network settings in the VMware virtual environment might conflict with the SonicWall defaults. The CLI utility remedies this by allowing basic configuration of the network settings when deploying the SMA 500v Virtual Appliance.

After the SMA 500v Virtual Appliance firmware has fully booted, a login prompt is displayed.

To access the CLI, login as admin. The password is the same as the password for the “admin” account configured on the appliance. The default is password.

If an incorrect password is entered, the login prompt is displayed again. If the correct password is entered, the CLI is launched.

* 
NOTE: The User input used in the examples highlighted in red indicates text entered by the user, there is no coloring of text done on the actual CLI.

Basic system information and network settings are displayed along with the main menu.

The main menu has six selections:

Setup Wizard

This option launches a simple wizard to change the basic network settings, starting with the X0 IP Address, X0 subnet mask, default gateway, primary and secondary DNS, and the hostname. The following CLI output illustrates an example where each field is changed:

If a field is not filled out, the prior value is retained, allowing you to change only a single field. After each field has been prompted, the new network settings are shown and a confirmation message is given for the user to review and verify the changes before applying them. The following shows the result when you save the changes:

After saving the changes, press Enter to return to the original display of the System Information and Network Settings. Verify that the changes have taken effect

If no changes are saved, a message displays. Pressing Enter returns to the initial display of the System Information and Network settings.

* 
NOTE: When applying settings that change the IP address, there might be a delay of up to five seconds as the interface settings are updated.

Reboot

Selecting this option displays a confirmation prompt, and then reboots:

Restart SSL VPN Services

This option displays a confirmation prompt, and then restarts the Web server and the related SSL-VPN daemon services. This command is equivalent to issuing the Easy Access Ctrl restart command.

Logout

The logout option ends the CLI session and returns to the login prompt.

* 
NOTE: The X0 interface is the only interface configurable through the CLI. Currently, configuring any other interfaces using the CLI on a SonicWall SMA 500v Virtual Appliance is not supported.

Save TSR to Flash

Saves the Technical Support Report to flash memory on the SMA 500v Virtual Appliance.

Display EULA

Displays the End User License agreement associated with the SMA 500v Virtual Appliance.

Configuring Settings on the Appliance Web Interface

This section provides procedures to configure the remaining appliance settings as you would for the SonicWall SMA 500v Virtual Appliance hardware appliance.

To complete the host configuration:
1
Launch a browser and enter the URL of the virtual appliance.
2
On the appliance interface login page, type in the default credentials and then click Login.

The default credentials are:

User - admin

Password - password

After you login, the SMA 500v Virtual Appliance management interface is displayed.

3
Configure your settings for the SMA 500v.

Registering Your Appliance

This section contains information about registering your SMA 500v Virtual Appliance.

You must purchase a license and register your SMA 500v before first use. Registration is performed using the appliance management interface. When registration is completed, SMA 500v will be licensed and ready to use. For the 30-Day Trial Virtual Appliance registration process, refer to Registering the 30-day Trial Virtual Appliance.

SMA 500v provides user-based licensing. By default, the virtual appliance comes with a 5-user license. Extra licenses can be added in 5, 10, and 25 user denominations, up to a maximum that allows for 50 concurrent user sessions.

Licensing is controlled by SonicWall’s license manager service, and customers can add licenses through their MySonicWall accounts. Unregistered units support the default license allotment for their model, but the unit must be registered in order to activate additional licensing from MySonicWall.

License status is displayed in the SMA 500v Virtual Appliance management interface, on the Licenses & Registration section of the System > Status page.

Communication with the SonicWall Licensing Manager is necessary while using the SMA 500v Virtual Appliance, and requires Internet access.

If a user attempts to log in to the Virtual Office portal and there are no more available user licenses, the login page will display the error, “No more User Licenses available. Please contact your administrator.” The same error is displayed if a user launches the NetExtender client when all user licenses are in use. These login attempts are logged with a similar message in the log entries, displayed in the Log > View page. You can add user licenses if this occurs regularly. For occasional spikes in remote access needs, you can purchase a Spike License to temporarily increase the number of remote users your virtual appliance can support. See the SonicWall Secure Mobile Access Administrator’s Guide for more information.

To register your SMA 500v:
1
Log in to your SMA 500v. The System > Status page displays.
2
Navigate to the System > Licenses page.
3
Enter your MySonicWall.com account username and password in the appropriate fields. Click Submit.
4
The Administration section displays. Enter the Serial Number, Authentication Code, and Friendly Name for your SonicWall appliance. Click Submit to finish the registration process.
5
You have successfully registered your SMA 500v. Click Continue to view the Manage Licenses screen or continue configuring other settings within the appliance.

Using the 30-day Trial Version

The SMA 500v Virtual Appliance is offered in a 30-day Trial version. The installation, registration, and functionality of the 30-Day Trial appliance is the same as the full SMA 500v, except for differences noted below in Deployment Considerations. An email is sent from the SonicWall License Manager to warn you when your trial is near its expiration date.

To upgrade to the full version:

Purchase the full SMA 500v.
Export your settings from the 30-day Trial version.
Install and register the full SMA 500v.
Import your settings.

You must install the SMA 500v software before registering for your 30-Day Trial. For more information on obtaining the software, see Downloading the SMA 500v Virtual Appliance Software.

This section contains the following topics:

Deployment Considerations

The following is a list of deployment considerations for the 30-day Trial version:

The SMA 500v is disabled after 30 days.
A maximum of two concurrent users are allowed to login to the appliance.
Trial versions of Virtual Assist, Web Application Firewall, and ViewPoint are activated during registration.
No paid add-on licenses or services can be added.
Communication with the SonicWall Licensing Manager is required during the entire trial period.
It is recommended to save a copy of your appliance's configuration settings before upgrading to the actual version of the SMA 500v.
Virtual Assist includes only one technician license.
The elements of basic VMware structure must be implemented prior to deploying the SMA 500v.

Registering the 30-day Trial Virtual Appliance

This section details registration of the SonicWall 30-day Trial Virtual Appliance.

* 
NOTE: Before starting the registration process, contact SonicWall Sales to obtain your serial number and authorization code.
To register the 30-day Trial:
1
Log in to your SMA 500v.
2
Navigate to the System > Licenses page.

3
Click the Activate, Upgrade, or Renew services link.

4
Enter your MySonicWall account name and password, then click Submit.
5
Enter the Serial Number, Authentication Code, and a Friendly Name.
6
Click Submit.
7
When the registration confirmation page displays, click Continue.

Upgrading Your Appliance

This section contains the following topics:

Obtaining the Latest Image Version

To obtain a new SMA 500v image file for your security appliance:
1
Go to www.MySonicWall.com and connect to your MySonicWall account.
* 
NOTE: If you have already registered your SMA 500v and you selected to be notified when new firmware is available on the System > Settings page, you are automatically notified of any updates available for your model.
2
Copy the new SMA 500v image file to a directory on your management station. For the Virtual Appliance, this is a file such as:

sw_smavm_eng_8.6.0.0_tip_5sv_966392.sig

Exporting a Copy of Your Configuration Settings

Before beginning the update process, export a copy of your SMA 500v Virtual Appliance configuration settings to your local machine. The Export Settings feature saves a copy of your current configuration settings on your SMA 500v, protecting all your existing settings in the even that it becomes necessary to return a previous configuration state.

* 
NOTE: Exporting and Importing system configuration settings is supported when upgrading from a SonicWall SRA 4600 appliance to an SMA 500v.

To save a copy of your configuration settings and export them to a file on your local management station, click the Export Settings button on the System > Settings page and save the settings file to your local machine. The default settings file is named sslvpnSettings.zip.

* 
NOTE: To more easily restore settings in the future, rename the .zip file to include the version of the SMA 500v image from which you are exporting the settings.

Uploading a New Image

SMA 500v Virtual Appliances do not support downgrading an image and using the configuration settings file from a higher version. To downgrade to a previous version of a SMA 500v image, you must create a new Virtual Machine or load a snapshot taken earlier.

To upload a new SMA 500v Virtual Appliance image:
1
Download the SMA 500v image file and save it to a location on your local computer.
2
Select Upload New Firmware from the System > Settings page. Browse to the location where you saved the SMA 500v Virtual Appliance image file, select the file, and click the Upload button. The upload process can take up to one minute.
3
When the upload is complete, you are ready to reboot your SMA 500v with the new SMA 500v Virtual Appliance image. Do one of the following:
To reboot the image with current preferences, click the boot icon for New Firmware.
To reboot the image with factory default settings, click the boot icon for New Firmware and select the check box to Boot with factory default settings.
* 
NOTE: Be sure to save a backup of your current configuration settings to your local computer before rebooting the SonicWall SMA 500v Virtual Appliance with factory default settings, as described in the previous “Exporting a copy of your configuration settings” section.
4
A warning message dialog is displayed saying Are you sure you wish to boot this firmware? Click OK to proceed. After clicking OK, do not power off the device while the image is being uploaded to the hard disk.
5
After successfully uploading the image to your SMA 500v, the login screen is displayed. The updated image information is displayed on the System > Settings page.