-
Products
-
SonicPlatform
SonicPlatform is the cybersecurity platform purpose-built for MSPs, making managing complex security environments among multiple tenants easy and streamlined.
Discover More
-
-
Solutions
-
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn MoreFederalProtect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn More - Industries
- Use Cases
-
-
Partners
-
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
Learn MorePartner PortalAccess to deal registration, MDF, sales and marketing tools, training and more
Learn More - SonicWall Partners
- Partner Resources
-
-
Support
-
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn MoreSupport PortalFind answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn More - Support
- Resources
- Capture Labs
-
- Company
- Contact Us
How to switch from non-config mode to full configuration mode while accessing SonicWall Management
10/14/2021 
1,074 People found this article helpful
491,078 Views
Description
How to switch from non-config mode to full configuration mode while accessing SonicWall Management Interface in SonicOS Enhanced?
Resolution
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
Overview / Scenario:
SonicOS Enhanced release 4.0 introduced support for multiple concurrent administrators. This feature allows for multiple users to log-in with full administrator privileges. In addition to using the default admin user name, additional administrator usernames can be created.
Because of the potential for conflicts caused by multiple administrators making configuration changes at the same time, only one administrator is allowed to make configuration changes. The additional administrators are given full access to the GUI, but they cannot make configuration changes.
Configuration Modes
In order to allow multiple concurrent administrators, while also preventing potential conflicts caused by multiple administrators making configuration changes at the same time, the following configuration modes have been defined:
• Configuration mode - Administrator has full privileges to edit the configuration. If no administrator is already logged into the appliance, this is the default behavior for administrators with full and limited administrator privileges (but not read-only administrators).
Note: Administrators with full configuration privilege can also log in using the Command Line Interface (CLI).
• Read-only mode - Administrator cannot make any changes to the configuration, but can view the browse the entire management UI and perform monitoring actions. Only administrators that are members of the SonicWall Read-Only Admins user group are given read-only access, and it is the only configuration mode they can access.
• Non-configuration mode - Administrator can view the same information as members of the read-only group and they can also initiate management actions that do not have the potential to cause configuration conflicts.
Procedure:
Only administrators that are members of the SonicWall Administrators user group can access non-configuration mode. This mode can be entered when another administrator is already in configuration mode and the new administrator chooses not to preempt the existing administrator. By default, when an administrator is preempted out of configuration mode, he or she is converted to non-configuration mode.
To switch from non-config mode to full configuration mode, perform the following steps:
Step 1: Click Manage in the top navigation menu.
Step 2: Navigate to the System Setup | Appliance | Base Settings page.
Step 3: In the Web Management Settings section, click on the Configuration mode button. If there is not currently an administrator in configuration mode, you will automatically be entered into configuration mode.
Step 3: If another administrator is in configuration mode, the following message displays.
Step 4: Click the Config button to enter configuration mode. The current administrator is converted to read-only mode and you are given full administrator access.
Viewing Multiple Administrator Related Log Messages
Log messages are generated for the following events:
• A GUI or CLI user begins configuration mode (including when an admin logs in).
• A GUI or CLI user ends configuration mode (including when an admin logs out).
• A GUI user begins management in non-config mode (including when an admin logs in and when a user in configuration mode is preempted and dropped back to read-only mode).
• A GUI user begins management in read-only mode.
• A GUI user terminates either of the above management sessions (including when an admin logs out).
See Also:
UTM: How Does Multiple Administrators Support Work in SonicOS Enhanced?
UTM: How to Configure Additional Administrators User Profiles in SonicOS Enhanced?
UTM: How to Configure Additional Administrators Locally when Using LDAP or RADIUS in SonicOS Enhanced?
Resolution for SonicOS 6.2 and Below
The below resolution is for customers using SonicOS 6.2 and earlier firmware. For firewalls that are generation 6 and newer we suggest to upgrade to the latest general release of SonicOS 6.5 firmware.
Overview / Scenario:
SonicOS Enhanced release 4.0 introduced support for multiple concurrent administrators. This feature allows for multiple users to log-in with full administrator privileges. In addition to using the default admin user name, additional administrator username can be created.
Because of the potential for conflicts caused by multiple administrators making configuration changes at the same time, only one administrator is allowed to make configuration changes. The additional administrators are given full access to the GUI, but they cannot make configuration changes.
Configuration Modes
In order to allow multiple concurrent administrators, while also preventing potential conflicts caused by multiple administrators making configuration changes at the same time, the following configuration modes have been defined:
• Configuration mode - Administrator has full privileges to edit the configuration. If no administrator is already logged into the appliance, this is the default behavior for administrators with full and limited administrator privileges (but not read-only administrators).
Note: Administrators with full configuration privilege can also log in using the Command Line Interface (CLI).
• Read-only mode - Administrator cannot make any changes to the configuration, but can view the browse the entire management UI and perform monitoring actions. Only administrators that are members of the SonicWall Read-Only Admins user group are given read-only access, and it is the only configuration mode they can access.
• Non-configuration mode - Administrator can view the same information as members of the read-only group and they can also initiate management actions that do not have the potential to cause configuration conflicts.
Procedure:
Only administrators that are members of the SonicWall Administrators user group can access non-configuration mode. This mode can be entered when another administrator is already in configuration mode and the new administrator chooses not to preempt the existing administrator. By default, when an administrator is preempted out of configuration mode, he or she is converted to non-configuration mode. On the System > Administration page, this behavior can be modified so that the original administrator is logged out.
To switch from non-config mode to full configuration mode, perform the following steps:
Step 1: Navigate to the System > Administration page.
Step 2: In the Web Management Settings section, click on the Configuration mode button. If there is not currently an administrator in configuration mode, you will automatically be entered into configuration mode.
Step 3: If another administrator is in configuration mode, the following message displays.
Step 4: Click the Continue button to enter configuration mode. The current administrator is converted to read-only mode and you are given full administrator access.
Viewing Multiple Administrator Related Log Messages
Log messages are generated for the following events:
• A GUI or CLI user begins configuration mode (including when an admin logs in).
• A GUI or CLI user ends configuration mode (including when an admin logs out).
• A GUI user begins management in non-config mode (including when an admin logs in and when a user in configuration mode is preempted and dropped back to read-only mode).
• A GUI user begins management in read-only mode.
• A GUI user terminates either of the above management sessions (including when an admin logs out).
See Also:
UTM: How Does Multiple Administrators Support Work in SonicOS Enhanced?
UTM: How to Configure Additional Administrators User Profiles in SonicOS Enhanced?
UTM: How to Configure Additional Administrators Locally when Using LDAP or RADIUS in SonicOS Enhanced?
Source: SonicOS Enhanced 5.0 Multiple Administrators Feature Module
Related Articles
- How to Block Google QUIC Protocol on SonicOSX 7.0?
- How to block certain Keywords on SonicOSX 7.0?
- How internal Interfaces can obtain Global IPv6 Addresses using DHCPv6 Prefix Delegation
Categories
- Firewalls > SonicWall NSA Series
- Firewalls > SonicWall SuperMassive 9000 Series
- Firewalls > SonicWall SuperMassive E10000 Series
- Firewalls > TZ Series
YES
NO