• SonicOS NSv 7
• Introducing the NSv Series
  • Feature Support Information
  • Product Matrix and Requirements
  • Backup and Recovery Information
  • Exporting and Importing Firewall Configurations
  • Github Repository
  • Upgrading from SonicOS 6.5
  • Upgrading to a Higher Capacity NSv Model
  • Creating a MySonicWall Account
• Installing SonicOS on the NSv Series
  • Supported NSv Models
  • Resizing NSv Virtual Machine
  • Task List for NSv Instance Setup
  • Deploying AWS from Console
  • Deploying AWS from Cloud Template
  • Accessing the SonicWall NSv Web Interface
  • Forwarding Traffic to your NSv
  • Configuring Internet/Public Access Through the NSv
  • SonicWall Nsv Firewall on AWS GovCloud
    • Deploying AWS Government Cloud from Console
    • Configuring Security Profile
    • Applying Security Services on Policies in NSv for Outbound Traffic
    • Deploying Windows 10 from Console
    • Creating a Security Policy and NAT Policy for Inbound RDP to the VM
  • Troubleshooting Installation Configuration
    • Insufficient Memory Assignment
    • PAYG Installation Errors
• Licensing and Registering Your NSv
  • Registering the NSv Virtual Machine as BYOL from SonicOS
  • Registering the NSv Virtual Machine as PAYG
• SonicOS Management
  • Managing SonicOS on the NSv Series
  • Using System Diagnostics
• Using the Virtual Console and SafeMode
  • Connecting to the Management Console with SSH
  • Navigating the NSv Management Console
    • System Info
    • Management Network or Network Interfaces
    • Test Management Network
    • Diagnostics
    • NTP Server
    • Lockdown Mode
      • Temporary Lockdown Mode
    • System Update
    • Reboot | Shutdown
    • About
    • Logs
  • Using SafeMode on the NSv
    • Enabling SafeMode
    • Disabling SafeMode
    • Configuring the Management Network in SafeMode
      • Configuring Interface Settings
      • Disabling an Interface
  • Using the SafeMode Web Interface
    • Accessing the SafeMode Web Interface
    • Entering/Exiting SafeMode
    • Locking and Unlocking the Management Console
    • Downloading the SafeMode Logs
    • Uploading a New Image in SafeMode
• SonicWall Support
  • About This Document

Deploying AWS from Console

To deploy NSv from the console, follow these steps

1. Log into the AWS Console.

   1. Go to the AWS management console at https://aws.amazon.com.

   2. Log into the AWS management console.

   3. From the Services menu select EC2.

      

   4. Select the AWS region into which you want to deploy.

      

2. Configure a VPC

   The virtual machine can be deployed on a new or existing VPC. Refer to the AWS documentation on how to create a VPC at: https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html.

3. Follow these steps to launch the SonicWall NSv:

   1. From the EC2 Dashboard select Launch Instance.

      

   2. From the menu click AWS Marketplace and enter SonicWall NSv into the Search box.

   3. Click Select next to the SonicWall NSv (Firewall/Security/VPM/Router).

      This procedure applies to both BYOL and PAYG installations.

   4. Select the Instance Type corresponding to the SonicWall NSv model you require.

      For guidance, refer to Product Matrix and Requirements and Supported NSv Series Models on AWS. Choose instance size from the table displayed:

      

      NSv Models and Image Types

      SonicWall NSv Model	NSv EC2 Instance Type
      NSv 270	c5.large
      NSv 470	c5.xlarge
      NSv 870	c5.2xlarge

   5. Click Configure Instance Details. From the Network drop-down menu select a VPC to deploy the virtual machine on. Select the subnet that is to be the public or WAN interface (X1) of the virtual machine.

      

   6. To add additional Elastic Network Interfaces click Add Device. The virtual machine MUST at minimum have two ENI attached. The ENI interfaces MUST be on separate subnets and both subnets must be in the same Availability Zone. If these subnets are not in the same Availability Zone you will not see the subnet you have planned to use for ENI eth1 in the Subnet drop-down menu. The eth0 ENI device is connected to the SonicWall NSv X1 interface that is the public interface. The eth1 ENI device is connected to the SonicWall NSv X0 interface that is the private interface.

      

   7. Accept the default storage options by clicking Add Storage.

   8. Click Add tags. Add metadata to the instance configuration to assist in identifying the SonicWall NSv instance.

   9. Click Configure Security Group. At minimum, allow SSH and HTTPS from a predefined source.

      

   10. Click Review and Launch. Review the instance details.

   11. Click Launch. You are prompted to select either Key-Pair or Create a new key pair. Ensure you have access to the key pair.

       

   12. Click Launch Instances to deploy the SonicWall NSv instance. Deployment takes between 5 to 8 minutes. You can monitor the progress by viewing the instance in the EC2 Dashboard.

4. Disable source/destination checking:

   1. Select Network interfaces on the Networking tab.

   2. Choose the interface ID to go to the network interfaces page.

   3. Select Choose Actions, Networking, Change source/destination check.

   4. Clear the Enable , and click Save.

5. Change Routing Tables:

   1. Change your LAN routing table to add a route with Destination 0.0.0.0/0 with Target to NSv's LAN Interface. This routes all your LAN traffic to the NSv X0 interface.

      

   2. Change your WAN routing table to add a route with Destination 0.0.0.0/0 with Target to your Internet Gateway (igw-xxxxx). This route's NSv WAN traffic to the Internet Gateway (IGW).

      

6. To assign an Elastic IP, follow these steps:

   1. From the EC2 Dashboard left menu select Elastic IPs.

   2. Right-click on a free Elastic IP and select Associate. If no Elastic IPs are available, then click Allocate new address.

      

   3. Choose the Resource type and Network Interface. From the Network Interface drop-down menu, choose the first ENI (eth0) connected to the SonicWall NSv Instance. That is the ENI connected to the public subnet. Refer to Instance details page to help identify the ENI.

      

   4. Click Associate. This IP address can now be used to connect to the SonicWall NSv web management interface.

7. Connect to the virtual machine web management interface:

   1. Now that you have associated an Elastic IP to the SonicWall NSv instance, you are able to connect to the web management interface by entering the IP address into your browser.

      

   2. Enter the username admin and the password, which is the AWS instance ID of the newly created SonicWall NSv instance such as i-02axxxxxxxxxxxxxx given by your SonicWall representative.

After logging in you should proceed to registering your SonicWall NSv virtual machine, see Licensing and Registering Your NSv.