- Products
- Network Security
Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
Security ServicesComprehensive security for your network security solution
Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
Capture ATPMulti-engine advanced threat detection
Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
Secure Mobile AccessRemote, best-in-class, secure access
Wireless Access PointsEasy to manage, fast and secure Wi-FI
SwitchesHigh-speed network switching for business connectivity
- Email Security
Email SecurityProtect against today’s advanced email threats
- Cloud Security
Cloud App SecurityVisibility and security for Cloud Apps
Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
Capture ClientStop advanced threats and rollback the damage caused by malware
Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
- Support Widget
- Products
- Network Security
- Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
- Security ServicesComprehensive security for your network security solution
- Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
- Capture ATPMulti-engine advanced threat detection
- Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
- Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
- Secure Mobile AccessRemote, best-in-class, secure access
- Wireless Access PointsEasy to manage, fast and secure Wi-FI
- SwitchesHigh-speed network switching for business connectivity
- Email Security
- Email SecurityProtect against today’s advanced email threats
- Cloud Security
- Cloud App SecurityVisibility and security for Cloud Apps
- Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
- Capture ClientStop advanced threats and rollback the damage caused by malware
- Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
- Support Widget
SonicWall WAN Acceleration (WXA) Deployment Modes
03/26/2020 
39 People found this article helpful
44,411 Views
Description
Configure DHCP scope for SonicWall WXA to obtain IP address ( Static IP address is not supported), Domain Name, Internal DNS Server for SonicWall WXA to use for provisioning; joining the domain, setting up File Shares
Make sure that proper access rules are in place for SonicWall WXA Appliance to talk to internal Domain Controllers, DNS Servers, File Servers and other servers
SonicWall WXA Supports :
a) TCP Acceleration - Need to explicitly define what networks' traffic should be accelerated in the below described deployment modes
b ) WFS Windows File Sharing Acceleration - When doing Windows File Sharing, user EXPLICITLY accesses Share name that is Mapped to SonicWall WXA Appliance and not the real File Share
Ex: \WXA-Test instead of \FileServer1
Following are the deployment modes where SonicWall WAN Acceleration devices can be deployed in conjunction with SonicWall UTM Appliances to optimize TCP Acceleration
Typical deployment involves two Appliances between Headquarters and remote offices to accelerate traffic
1. Site-Site VPN - IPsec/Tunnel Mode
--- Most common deployments use Site-Site VPN Traffic to be accelerated and involve 2 SonicWall WXA Appliances (one at each end of Site-Site VPN ) and 2 Managing SonicWall UTM appliances
2. Routed Mode - Using Route Statements
---Involves 2 SonicWall WXA Appliances and 2 Managing SonicWall UTM appliances. In this mode, Source and Destination traffic that is specified in the Route Statements are accelerated. This type of TCP acceleration is typically used in a private MPLS scenario .Each end requires that these route statements are in place.
3. Layer 2 Bridge Mode
-- In this mode, typically route statements with source and destination networks with TCP acceleration needs to be enabled.
TCP Acceleration uses transparent TCP Proxy. User has to tell the managing SonicWall Appliance what Network traffic needs to be sent to SonicWall WXA Appliance for TCP acceleration
If using Site-Site IPSec VPN, by default if you enable TCP Acceleration on a VPN Policy, UTM chooses the local and destination network defined for TCP acceleration
If using Site-Site Tunnel Interface VPN, when defining route statements, you can specify if the traffic should be subjected to TCP Acceleration
If using regular Layer 2 bridge or route mode, when defining route statements, you can specify if the traffic should be subjected to TCP Acceleration
NOTE: In Site-Site VPN Policy, Route Mode or Layer 2 bridge mode, there is no need to include SonicWall WXA Appliance Subnets in VPN policy or route statements. This is true for both TCP acceleration and WFS Acceleration (Windows File Sharing).
Related Articles
- How can I configure a VPN between a SonicWall firewall and Microsoft Azure?
- Supported Public Cloud Servers/Instance Sizes on SonicWall NSv Series Models
- How to force an update of the Security Services Signatures from the Firewall GUI
YES
NO