SonicWall NSM FQDN And IP List

08/17/2020 48 People found this article helpful 25,024 Views

Download

Print

Share

• LinkedIn
• Twitter
• Facebook
• Email
• Copy URL The link has been copied to clipboard

Description

When a firewall is added manually to NSM (Network Security Manager) the firewall acquisition fails on NSM with ‘Network down or Unit cannot be reached’ error as WAN IP used by  NSM back-end is not the same as the resolved NSM fully qualified domain name (FQDN).

Cause

There is a WAN > WAN rule created on the firewall which allows HTTPS management access to the firewall from NSM. In many cases customer may lock down the access rule to NSM IP only which may prevent firewall acquisition on NSM.

Resolution

Allow access to following NSM FQDN / IPs based on the CSC location to resolve the firewall acquisition issue.

For Oregon AWS Colo:

• FQDN: nsm-uswest.sonicwall.com (Use it in GMS settings under Administration Page)
• Zero Touch FQDN: nsm-uswest-zt.sonicwall.com (Use it in ZeroTouch Settings under Diag page)
• Added below IPs in WAN Management access from WAN>WAN access rule

                13.227.130.81

13.227.130.63

13.227.130.69

13.227.130.12               

52.39.29.75

44.233.105.101

   44.227.248.206

For AWS-FRA Colo:

• FQDN: nsm-eucentral.sonicwall.com (Use it in GMS settings under Administration Page)
• Zero Touch FQDN: nsm-eucentral-zt.sonicwall.com (Use it in ZeroTouch Settings under Diag page)
• Added below IPs in WAN Management access from WAN>WAN access rule

                13.227.130.70

                13.227.130.69

                13.227.130.15

                13.227.130.92

                18.156.16.24

                18.157.240.148

 3.127.176.56

Related Articles

• How to check if my firewall is reporting data?
• Difference between NSM Essential and NSM Advanced License and CSC License Migration.
• What FQDN's and IP's are used by SonicWall products to update their services?

Categories

• Capture Security Center > Management