Suggested tips when allowing access to SonicWall web management

To enhance the security of administrative sessions, SonicWall recommends administrators to limit SonicOS management access to trusted management sources by modifying the existing SonicOS Web management rules (HTTPS/HTTP Management) to allow management access only from trusted IP addresses. Administrators with firewalls under GMS management should push these rule updates to the firewalls through the GMS interface.

Resolution for SonicOS 7.X

This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.

1. Login to the SonicWall management GUI.
2. Navigate to Objects | Match Objects | Address objects.
3. Create address objects of trusted IP addresses. The following screen captures are only examples.
   
   
   
   
   
   
   
   
   
   
4. Create an address group containing the newly created address objects. In the example below it is named as Trusted Management Sources.
   
   
   
   
5. Navigate to Policy | Rules and Policies | Access rules. By default we see all rules.
6. Edit each rule with Service as HTTP Management or HTTPS management and change the source to the newly created address group Trusted Management sources.

NOTE: By default we cannot edit default access rules. Refer to the following KB article to enable editing default access rules. How To Enable the Ability To Remove and Fully Edit Auto-added Access Rules.

Resolution for SonicOS 6.5

This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.

1. Login to the SonicWall management GUI
2. Navigate to MANAGE|Objects|Address Objects.
3. Create address objects of trusted IP addresses. The following screen captures are only examples.
   
                    
   
   
                                             
   
   
4. Create an address group containing the newly created address objects. In the example below it is named as Trusted Management Sources.
   
   
5. Navigate to MANAGE|Rules|Access Rules. By default we see ALL Rules.
6. Edit each rule with Service as HTTP Management or HTTPS Management and change the source to the newly created address group Trusted Management Sources.