How can I deploy the SonicWall SRA Virtual appliance?
03/26/2020 40 25950
This article contains the installation procedures and configuration guidelines for deploying the SonicWall SRA Virtual appliance on a server on your network.
The SonicWall SRA Virtual appliance includes a software appliance, which has been pre-installed and pre-configured for VMware environments, and allows for the secure and easy development of SonicWall SRA solutions within a virtual environment.
The elements of basic VMware structure must be implemented prior to deploying the SonicWall SRA Virtual Appliance. The following VMware platforms are supported:
- ESXi 6.0
- ESXi 5.5
- ESXi 5.1
- ESXi 4.0 Update 1 (Build 208167 and newer)
- ESX 4.0 Update 1 (Build 208167 and newer)
You can use the following client applications to import the image and configure the virtual settings:
- VMware vSphere Provides infrastructure and application services in a graphical user interface for ESX/ESXi, included with ESX/ESXi. Provides Thick Provisioning when deploying a SonicWall SRA Virtual appliance.
The following are the minimum requirements for the SonicWall SRA Virtual appliance:
- 2 GB RAM - This is the minimum amount of RAM needed by the SonicWall SRA Virtual Appliance operating system to meet the product performance and capacity specifications. A smaller amount of RAM can be configured, but is not recommended.
- 1 CPU - This is the default number of CPUs provisioned in the SonicWall SRA Virtual Appliance. The minimum required number of CPUs is 1.
- 2 GB Hard Disk space.
- Internet access (for communication with SonicWall Licensing Manager).
The SonicWall SRA Virtual appliance is installed by deploying an OVA file to your ESX/ESXi server. Each OVA file contains all the necessary software components related to SonicWall SRA software. You can deploy the OVA files as needed for your SonicWall SRA Virtual Appliance environment. The SonicWall SRA Virtual appliance can be configured for a single server or in a distributed environment on multiple servers.
Download the SonicWall SRA Virtual Appliance Software
The SonicWall SRA Virtual Appliance software can be downloaded from mysonicwall.com. If you do not have a MySonicWall account, you can easily create one by following our guide How do I create a MySonicWall.com account?
Here's how to download the SRA Virtual appliance Software:
- Navigate to www.mysonicwall.com and log into your account.
- Click Downloads left-pane menu. The Download Center page displays.
- Click Free Downloads tab.
- Click Software Type drop-down list, and select the SRA SMB Virtual Appliance.
- In the Available Software list, click SRA SMB Virtual Appliance.
- Save the SRA SMB Virtual appliance image to your computer.
Install the SonicWall SRA Virtual Appliance
To perform a fresh install of the SonicWall SRA Virtual appliance using the vSphere client, perform the following steps:
- Download the following OVA file from MySonicWall to a system that is accessible to your ESX/ESXi server: sw_sslvpnsra-vm_eng_184.108.40.206_5.0.0_p_16sv_366709.signed.ova.
NOTE: Do not rename the OVA file.
- Launch vSphere and use it to log on to your ESX/ESXi server.
- From the Home screen, click the Inventory icon to display the virtual appliances running on your ESX/ESXi server.
- To begin the import process, click File and select Deploy OVF Template.
- In the Source screen of the Deploy OVF Template window, select either Deploy from file or Deploy from URL.
- For Deploy from file, click Browse and then select the OVA file to import.
- For Deploy from URL, type the URL of the OVA file. Click Next.
- In the OVF Template Details screen, verify the information about the selected file. To make a change, click the Source link to return to the Source screen, and select a different file. To continue, click Next.
- In the End User License Agreement screen, read the agreement, and click Accept. Then, click Next.
- In the Name and Location screen, enter a descriptive name for the virtual appliance in the Name field.
- Select the desired location in the Inventory Location field. Click Next.
- If using ESXi4, in the Disk Format screen, select either Thin provisioned format or Thick provisioned format. Thick provisioned format allocates the maximum storage space on disk immediately, while Thin provisioned allocates a small amount immediately and allocates extra storage as needed, up to the maximum.
If using ESXi5, in the Disk Format screen, select:
Thick Provision Lazy Zeroed - Thick provisioned Lazy Zeroed format allocates the maximum storage space on disk immediately, but the blocks aren't actively zeroed out.
Thick Provision Eager Zeroed - Thick provisioned Eager Zeroed format allocates the maximum storage space on disk immediately and all allocated blocks are immediately zeroed out. Eager zeroing is slightly faster than Lazy zeroing because it doesn't have to periodically zero out blocks when more storage is needed.
Thin Provision - Thin provisioned format allocates a small amount immediately and allocates extra storage as needed, up to the maximum.
- In the Network Mapping screen, map the networks used in the OVF template to networks in your inventory.
- In the Ready to Complete section, review and verify the displayed information. To begin the deployment with these settings, click Finish. Otherwise, click Back to navigate back through the screens to make a change.
- When the deployment is completed, click Close in the Deployment Completed Successfully dialog box.
- The name of the new SonicWall SRA Virtual Appliance appears in the left pane of the vSphere window.
Powering the Virtual Appliance On
There are multiple ways to power the SonicWall SRA Virtual Appliance on or off:
- Right-click the SonicWall SRA Virtual appliance in the left pane and navigate to Power | Power On or Power | Power Off in the right-click menu.
- Select the SonicWall SRA Virtual appliance in the left pane and then click Power on the virtual machine or Shut down the virtual machine on the Getting Started tab in the right pane.
- Select the SonicWall SRA Virtual appliance in the left pane and then click Power On or Shut down guest on the Summary tab in the right pane.
Configuring Interface IP and Route Settings on the Console
After powering on the SonicWall SRA Virtual appliance, perform the following steps to open the console and configure the IP address and default route settings:
- In vSphere, right-click the SonicWall SRA Virtual appliance in the left pane and select Open Console in the right-click menu.
- When the console window opens, click inside the window, type admin at the Login prompt and hit Enter. Then, type password at the Password prompt and hit Enter. The SNWLCLI> prompt is displayed.
- Configure the local IP address for the virtual appliance with the command:
- Configure the DNS with the command:
- Configure the default route for the virtual appliance with the command:
route --add default -- destination
You can test connectivity by pinging another server or your main gateway,
EXAMPLE: ping Press Ctrl+c to stop pinging.
- Type exit to exit the CLI. Close the console window by clicking the X.
Using the Command Line Interface (CLI)
The Command Line Interface (CLI) is a text-only mechanism for interacting with a computer operating system or software by typing commands to perform specific tasks. It is a critical part of the deployment of the SRA Virtual Appliance, where basic networking needs to be configured from the console.
While the SRA 1200 and 4200 physical appliance products have a default IP address and network configuration that requires a client's network settings to be reconfigured to connect, the network settings in the VMware virtual environment might conflict with the SonicWall defaults. The CLI utility remedies this by allowing basic configuration of the network settings when deploying the SRA Virtual Appliance.
- After the Virtual Appliance firmware has fully booted, the a login prompt is displayed. If the Virtual appliance was created with SRA 220.127.116.11 or earlier, the login prompt looks like this:
- If the Virtual Appliance was created with SRA 18.104.22.168 or later, the login prompt looks like this:
- To access the CLI, login as admin. The password is the same as the password for the admin account configured on the appliance.The default is password.
- If the incorrect password is entered, the login prompt is displayed again. If the correct password is entered, the CLI is launched.
- Basic system information and network settings are displayed along with the main menu. The main menu has four selections:
- Setup Wizard
- Restart SSL-VPN Services
- This option launches a simple wizard to change the basic network settings, starting with the X0 IP Address, X0 subnet mask, default gateway, primary and secondary DNS, and the hostname. The following CLI output illustrates an example where each field is changed:
- If a field is not filled out, the prior value is retained, allowing you to change only a single field. After each field has been prompted, the new network settings are shown and a confirmation message is given for the user to review and verify the changes before applying them. The following shows the result when you save the changes:
- After saving the changes, press Enter to return to the original display of the System Information and Network Settings. Verify that the changes have taken effect.
- If no changes are saved, a message displays. Pressing Enter returns to the initial display of the System Information and Network settings.
Configuring Settings on the Appliance Web Interface
This section provides procedures to configure the remaining appliance settings as you would for the SonicWall SRA hardware appliance.
To complete the host configuration
- Launch a browser and enter the URL of the virtual appliance.
- On the appliance interface login page, type in the default credentials and then click Login.
The default credentials are:
user - admin
password - password
After you login, the SRA management interface is displayed.
- Configure your setting for the SonicWall SRA Virtual appliance.
CAUTION: If high latency and low throughput occurs on the device make sure to add VMXNET3 to your VMware platform and change the Network Adapter for the instance to VMXNET3