How can I enable or disable SonicWall firewall management access?

12/09/2024 554 People found this article helpful 509,077 Views

Description

If there is a need to enable remote management of the SonicWall security appliance for an interface, enable the supported management service(s): HTTP, HTTPS, SSH, Ping, and SNMP. Also there is options to allow only the authorized Internet IP address(es) to hit the SonicWall on its management service(s). This type of restriction wouldn't provide SonicWall access for non-authorized Internet address(es).

Resolution

Resolution for SonicOS 7.X

This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.

Creating address objects for Internet Hosted Address with zone type WAN

- Create an Address Object or group which contains the IP or list of IP addresses to which you want to give access to the management services of firewall.

Click 170504660027820 to get instructions on creating address object / group.

Enabling the management services on WAN interface of SonicWall.

Navigate to Network | System | Interfaces page in the SonicWall GUI.
Click Configure option of the WAN interface.
In General tab, enable the check boxes HTTP, HTTPS, Ping, SNMP and SSH under Management. (If only HTTPS management is required then enable only HTTPS)
Click OK.

Enforcing the address object / group to the WAN to WAN management access rules

Navigate to Policy | Rules and Policies | Access Rules page in the SonicWall GUI.
Click on Matrix icon and select on WAN to WAN.
Click on the Configure option of the management rules.
Choose the newly created or existing address object / group in the Source Address field of the access rule and click Save.
Below screenshot depicts that the management access rules were applied with specific source addresses instead of Any.

Resolution for SonicOS 6.5

This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.

Creating address objects for Internet Hosted Address with zone type WAN

Click 170504660027820 to get instructions on creating address object / group.

Enabling the management services on WAN interface of SonicWall.

Navigate to Manage | System Setup | Network | Interfaces page in the SonicWall GUI.
Click Configure option of the WAN interface.
In General tab, enable the check boxes HTTP, HTTPS, Ping, SNMP and SSH under Management.(If only HTTPS management is required then enable only HTTPS)
Click OK.

Enforcing the address object / group to the WAN to WAN management access rules

Navigate to Manage | Policies | Rules | Access Rules page in the SonicWall GUI.
Choose view style as Matrix and click on WAN to WAN matrix button.
Click on the Configure option of the management rules.
Choose the newly created or existing address object / group in the Source field of the access rule.
Below screenshot depicts that the management access rules were applied with specific source addresses instead any.