SonicOS 7.0 Objects
- SonicOS 7.0
- Match Objects
- Zones
- How Zones Work
- Default Zones
- Security Types
- Allow Interface Trust
- Effect of Wireless Controller Modes
- Zones Overview
- The Zones Page
- Adding a New Zone
- Adding a New Zone in Policy Mode
- Adding a New Zone in Classic Mode
- Configuring a Zone for Guest Access
- Configuring a Zone for Open Authentication and Social Login
- Configuring the WLAN Zone
- Configuring the RADIUS Server
- Configuring DPI-SSL Granular Control per Zone
- Enabling Automatic Redirection to the User-Policy Page
- Cloning a Zone
- Editing a Zone
- Deleting Custom Zones
- Addresses
- Addresses Page
- About UUIDs for Address Objects and Groups
- Working with Dynamic Address Objects
- Services
- URI Lists
- Schedules
- Dynamic Group
- Email Addresses
- Match Objects
- Countries
- Applications
- Web Categories
- Websites
- Match Patterns
- Custom Match
- Profile Objects
- Endpoint Security
- Bandwidth
- QoS Marking
- Content Filter
- DHCP Option
- Block Page
- Anti-Spyware
- Gateway Anti-Virus
- Log and Alerts
- Intrusion Prevention
- AWS
- Action Profiles
- Security Action Profile
- DoS Action Profile
- Action Objects
- App Rule Actions
- Content Filter Actions
- Object Viewer
- SonicWall Support
Configuration Example
Assume an administrator needs to allow RSVP (Resource Reservation Protocol - IP Type 46) and SRP (Spectralink™ Radio Protocol – IP type 119) from all clients on the WLAN zone (WLAN Subnets) to a server on the LAN zone (for example, 10.50.165.26). You can define custom IP type service objects to handle these two services.
To define a custom IP type service and related configuration
-
Add custom service objects according to Adding Service Objects using Custom Protocols.
Enter the protocol numbers as 46 and 119.
-
Add a service group named myServices according to Adding Custom Service Groups.
Select the custom service objects created in step 1 from Not in Group list and click right arrow to add to the service group.
-
Add an address object for Host type and WLAN zone according to Adding Address Objects that the WLAN Subnets can access using myServices.
Enter the Host IP address as 10.50.165.26.
-
Define a WLAN > LAN access rule or security policy with Source / Destination attributes listed in the below table.
- Classic Mode: An Access Rule on the POLICY | Rules and Policies > Access Rules page. For more information, refer to Configuring Access Rules section in SonicOS 7.0 Rules and Policies Administration Guide for Classic Mode.
- Policy Mode: A Security Policy on the POLICY | Rules and Policies > Security Policy. For more information, refer to Security Policy section in SonicOS 7.0 Rules and Policies Administration Guide for Policy Mode.
Attribute Source Destination Zone/Interface WLAN LAN Address WLAN Subnets Host address object created in step 3 Port/Services Any myServices service group created in step 2 It may be necessary to create an access rule or security policy for bi-directional traffic. For example, an additional access rule or security policy from the LAN > WLAN allowing myServices from 10.50.165.26 to WLAN Subnets.
Now the traffic from IP protocols 46 and 119 is recognized and allowed to pass from WLAN Subnets to the host at 10.50.165.26.
Was This Article Helpful?
Help us to improve our support portal