Cheat Sheet: UTM Starting Guide

This article covers details about getting starting with UTM devices, common scenarios, issues and troubleshooting steps while setting up the device.

Here are some of the points to consider while getting started with SonicWall UTM firewall:

          Registration

• Register the device in mysonicwall.com 
• If there is no existing account, advise the customer to create a new account by visiting www.mysonicwall.com
  
  Accessing the firewall GUI 
• Connect the device and a PC as described in the below article to get access to the device GUI for you to be able to operate and configure settings 
  SonicWall Out Of The Box Setup
  
   Settings configuration
• Check if the device is replacing a 3rd party vendor firewall or SonicWall firewall 
• Check if customer is planning to Manually setup the device or needs to import settings
• If customer needs to import settings 
  >If it's from 3rd party firewall, use migration tool to import the compatible settings  migratetool.global.SonicWall.com - Keep the customer informed that it might not import all the configuration. 
  >If it's SonicWall firewall, ensure Device model and Firmware is compatible for migration as per the below support matrix article
  Can Settings Be Exported/Imported From One SonicWall To Another? (Support Matrix)
  >you can use either Migration tool or direct import option
  How To Import Settings On SonicWall ?
• If it's high Availability, make sure that both the devices are of same models and on same firmware before connecting them as HA pair 
  Here is an article for HA settings 
  How To Configure High Availability (HA)
  
  License Synchronization:
• In order to register the license on the firewall make sure customer has the mysonicwall account credentials under which the product is registered
• Follow the below article to register the license
  Registering Your SonicWall Security Appliance
• If license registration is failing with an error "please check DNS settings", ensure the firewall has Internet connectivity and has the DNS settings configured correctly on firewall under Device |DNS and it can resolve the licensemanager.sonicwall.com under Device | Diagnostics
• Perform destination based packet capture to the IP addres that is retrieved in the above step if it still fails
  
  
  Common Issues that might arise while setting up the device or migrating settings:
  
• Unable to access the GUI of the firewall 
  >If the PC is connected to x0 interface of the firewall make sure the PC ip is in the range 192.168.168.x/24 and UI IP is 192.168.168.168 for both gen6/7 tz and NSa 
  >If the PC is connected to management port of the NSA firewall make sure the PC IP  is in the range  192.168.1.254/24 and UI IP is 192.168.1.254
  
  
• Firewall is down after settings import
  >Make sure the device and firmware that the customer exported from is compatible with device and firmware on which it is imported.
  >If it's compatible, try to powercycle the device 
  >If the old device is accessible, collect TSR and check if there are firmware downgrades  - if firmware is downgraded the settings will be corrupted hence new device needs to be configured manually 
  >Try factory defaulting the unit and migrate settings using migration tool 
  >If the device is on older version, upgrade the firmware to the latest or known stable version before pushing the new device to production network
  
  
• Some of the articles related to basic configuration of the firewall 
  Popular SonicWall Firewall Configurations
  How To Create A Custom Zone On SonicWall Firewall?
  How To Configure Access Rules
  How Do I Restore A Backup Settings File From A SonicWall Firewall?
  Initial And Advanced Firewall Setup For High Security Environments
  How Can I Configure Sub-Interfaces?
  How To Configure A Physical Interface On SonicWall With Static IP
  Master KB - How Can I Configure My New SonicWall Firewall?