• SonicOS NSv 7
• Introducing the NSv Series
  • Feature Support Information
  • Product Matrix and Requirements
  • Backup and Recovery Information
  • Exporting and Importing Firewall Configurations
  • Github Repository
  • Upgrading from SonicOS 6.5
  • Upgrading to a Higher Capacity NSv Model
  • Creating a MySonicWall Account
• Installing SonicOS on the NSv Series
  • Supported NSv Models
  • Resizing NSv Virtual Machine
  • Task List for NSv Instance Setup
  • Deploying AWS from Console
  • Deploying AWS from Cloud Template
  • Accessing the SonicWall NSv Web Interface
  • Forwarding Traffic to your NSv
  • Configuring Internet/Public Access Through the NSv
  • SonicWall Nsv Firewall on AWS GovCloud
    • Deploying AWS Government Cloud from Console
    • Configuring Security Profile
    • Applying Security Services on Policies in NSv for Outbound Traffic
    • Deploying Windows 10 from Console
    • Creating a Security Policy and NAT Policy for Inbound RDP to the VM
  • Troubleshooting Installation Configuration
    • Insufficient Memory Assignment
    • PAYG Installation Errors
• Licensing and Registering Your NSv
  • Registering the NSv Virtual Machine as BYOL from SonicOS
  • Registering the NSv Virtual Machine as PAYG
• SonicOS Management
  • Managing SonicOS on the NSv Series
  • Using System Diagnostics
• Using the Virtual Console and SafeMode
  • Connecting to the Management Console with SSH
  • Navigating the NSv Management Console
    • System Info
    • Management Network or Network Interfaces
    • Test Management Network
    • Diagnostics
    • NTP Server
    • Lockdown Mode
      • Temporary Lockdown Mode
    • System Update
    • Reboot | Shutdown
    • About
    • Logs
  • Using SafeMode on the NSv
    • Enabling SafeMode
    • Disabling SafeMode
    • Configuring the Management Network in SafeMode
      • Configuring Interface Settings
      • Disabling an Interface
  • Using the SafeMode Web Interface
    • Accessing the SafeMode Web Interface
    • Entering/Exiting SafeMode
    • Locking and Unlocking the Management Console
    • Downloading the SafeMode Logs
    • Uploading a New Image in SafeMode
• SonicWall Support
  • About This Document

Creating a Security Policy and NAT Policy for Inbound RDP to the VM

To add address object for Windows 10 VM

1. Navigate to the Object > Match Objects > Addresses page .

2. Click +Add at the top of the page.

   The Address Object Settings dialog displays.

   

3. Enter a friendly description such as Win10-VM-A 172.x.y.z for the server’s private IP address in the Name field.

4. Select the LAN to the server from the Zone Assignment drop-down menu.

5. Choose Host from the Type drop-down menu.

6. Enter the 172.x.y.z IP address in the IP Address field.

7. Click Save.

To add Security policy

1. Navigate to Policy > Rules and Policies > Security Policy.

   The Security Policy page is displayed.

2. Choose WAN to LAN in Zone Matrix Selector.

3. From the bottom of the Security Policy table, click Add.

   The Adding Rule page is displayed.

   

4. Enter the policy Name and any identifying Tags you would like to enter to help sort your policies.

5. Enter a Description of the policy and its intent.

6. Select an Action, whether to Allow, Deny, or Discard access.

7. Specify the IP version in Type, IPv4 or IPv6.

8. Set your Security Policy's Priority.

9. Specify when the rule is applied by selecting a schedule or Schedule Group from the Schedule drop-down menu.

10. Click Enable to activate the policy schedule and enable logging.

11. In the Source/Destination select the following:

    	Source	Destination
    Zone/Interface	WAN	LAN
    Address	Any	X1 IP
    Port/Services	Any	Terminal Services

12. Click Save.

To add NAT Policy

1. Navigate to Policy > Rules and Policies > Security Policy.

   The NAT Policy page is displayed.

2. From the bottom of the Security Policy table, click Add.

   The Adding Rule page is displayed.

   

3. Enter the policy Name and any identifying Tags you would like to enter to help sort your policies.

4. Enter a Comment of the policy and its intent.

5. Set your Original/ Translated.

   1. Under Original select the following:

      Source	Any
      Destination	X1 IP
      Service	Terminal Services
      Inbound Interface	X1
      Outbound Interface	Any

   2. Under Translated select the following:

      Source	Original
      Destination	Win10-VM-A 172.x.y.z
      Service	Original

6. Click Save.

In Remote Desktop Connection, run the VM using the same Elastic public IP used for logging into the NSv web interface, and the VM can get to the internet through the NSv firewall.