• Secure Mobile Access 12.4
• About This Guide
• CMS Configuration
  • Introduction to CMS
    • Overview
    • CMS Deployment Options
    • What’s New in This Release
      • Global Policy Settings
      • CMS Alerts Logging
    • Central Management Server
    • Central Management Console
    • Managed Appliances
    • Licensing CMS
    • Central User Licenses
    • Global Traffic Optimizer
    • FIPS and CMS
    • Getting Started in Five Steps
  • Installing and Configuring the Central Management Server
    • Overview
    • Kernel based Virtual Machine
    • Supported Platforms for CMS with Global HA
    • Hardware Resource Requirements
    • Installation Files
    • Setting Up a CMS
  • Configuring Appliances for Central Management
    • Overview
    • Firmware Compatibility with the CMS
    • Enabling Central Management on SMA Appliance
    • Registering an SMA Appliance with the CMS
    • Previously Configured Appliances
  • Using the Management Console Menus
    • Overview
    • Dashboard
      • Alerts
      • Appliances Pane
      • Appliance Load
      • Central License Usage Pane
      • About Pane
    • Management Server
      • Alerts
        • View Alerts
        • Configure Alerts
        • Notification
      • Configure
        • Central Management Settings
        • CMS Address Pool
        • Licensing
        • Administrators
          • General Settings
        • Network Settings
        • SSL Settings
        • Services
          • Manage SSH settings from CMS
      • Monitor
        • Configure the logging setting for Managed appliances
      • Maintain
    • Managed Appliances
      • Add/Remove
      • Configure
        • Overview
        • Configuring the Managed Appliances
          • Define Policy
          • Synchronize
        • Support multiple policies with CMS and shared licensing
          • Applying authentication servers to specific appliance
          • Applying SMTP configuration service to specific appliance
          • Applying SMS service to specific appliance
          • Applying realms to a subset of appliance
          • Assign rules to a subset of appliances
          • Support multiple GTO services
      • Monitor
        • User Sessions
        • Reports
        • Health
      • Maintain
  • Central User Licensing
    • Overview
    • How Central User Licenses Work
      • Central Spike User Licenses
      • Central Email Licenses
      • Perpetual Pooled Licenses
    • Enabling Central User Licensing
    • Getting Started with Central User Licensing
      • Setting Up CMS to Use Central User Licenses
      • Setting up CMS for Centralized Appliance Configuration and Management
      • Resetting a CMS License
  • Global High Availability
    • High Availability of the VPN Service
    • High Availability of the CMS
    • Disaster Recovery for the VPN Service
  • Alerts and SNMP
    • Overview
    • Pre-Configured Alerts
    • Configuring SNMP
  • Capture Advanced Threat Protection
    • Enabling Capture ATP
    • File Options
    • Web Services
    • Advanced Settings
  • Central FIPS Licensing
• Global High Availablity
  • Introduction to Global HA and GTO
  • Planning GTO Deployment
    • Choosing a Deployment Model
    • Minimizing Configuration Differences
    • GTO Service Names and DNS Delegations
    • Provisioning Certificates
      • Let's Encrypt
      • Adding Certificates to SMA Appliances
      • Generating a Certificate Signing Request (CSR)
      • Importing SSL Certificates
  • Setting up GTO
    • Setting up the CMS and SMA appliances
    • Enabling GTO service for managed appliances with the CMS
    • Setting up a Basic GTO Service
    • Monitoring and Configuring GTO
    • Defining the Central Policy
  • Extending GTO Deployment
    • Enabling Cached Credentials
    • Additional Deployment Notes
• SonicWall Support
  • About This Document

Central Management Settings

Use the Central Management Settings option to configure CMS location, Central User Licensing, Global Traffic Optimizer, and Policy Synchronization.

To configure the Central Management Settings

1. Navigate to Management Server > Configure.

2. Click on Central Management.

   The Central Management page displays.

3. Under Locale, select your Country or region and enter your Location.

4. Under Central User Licensing, select Enable central user licensing. The current CMS license will support 50 users and 50 email users across all appliances.

5. Under Global Traffic Optimizer Service, select Users connect to this global high availability service from anywhere in the world and are routed to a nearby appliance.

   Central User Licensing must be enabled to activate the Global Traffic Optimizer service.

   

6. Under Policy Synchronization, select Enable pushing policy configuration from this server to managed appliances . This feature is recommended so that users will have a consistent experience on all GTO-enabled appliances and the required Address Pools option.

7. Under Address Pools, select one of the following:

   • All appliance address pool settings configuration is controlled by the central policy on the CMS (recommended).
   • Each appliance has its own address pool configuration (not recommended).

   For configuring CMS address pool and to use convert address pool option, refer to CMS Address Pool.

8. Under Authentication Servers, select one of the following:
   • Appliance share the same authentication servers.
   • Each appliance has its own authentication server and OTP settings.

   

9. Under Other Service, select the following services:

   Once the configurations are saved and pushed, a warning message is displayed indicating that the settings are pushed to CMC or overwritten on synchronization with AMC.

   1. Enable the synching of settings for the services by selecting the checkbox.

   2. For fresh installation, the four service options (SSH, Syslog, NTP, and Ping (ICMP)) are enabled. For upgrade or import, these options are disabled.

   Service Option	Description
   Secure Shell (SSH)	Includes SSH service enabled/disabled, allowed remote hosts, and authorized keys.
   Syslog	Includes the syslog servers to which all log information is sent.
   NTP	Includes NTP service enabled/disabled and NTP servers.
   Ping (ICMP)	Includes ping (ICMP) enabled/disabled and supported network interfaces (internal, external, or both).

10. Under Advanced, in the Pool IP field, enter the CMS IP address that is reachable by managed appliances.

    This is required only if the CMS internal address is not reachable by managed appliances.

    

11. Click Save.