• SonicOS 7.1
• About SonicOS
  • Working with SonicOS
  • SonicOS Workflow
  • How to Use the SonicOS Administration Guides
  • Guide Conventions
• About Device Settings
• Managing SonicWall Licenses
  • Licenses
  • Managing Security Services
    • Services Summary
    • Managing Security Services Online
      • Managing Services from SonicOS Management Interface
      • Synchronizing Changes
    • Manual Upgrade for Closed Environments
  • Registering Your SonicWall Appliance
  • Activating the Gateway Anti-Virus, Anti-Spyware, and IPS License
  • Activating FREE TRIALs
• System Administration
  • Configuring the Firewall Name
  • Enabling Wireless LAN and IPv6
  • Changing the Administrator Name and Password
  • Configuring Login Security
    • Configuring Password Compliance
    • Configuring Login Constraints
  • Multiple Administrators Support
    • Working of Multiple Administrators Support
      • Configuration Modes
      • User Groups
      • Priority for Preempting Administrators
      • GMS and Multiple Administrator Support
    • Configuring Multiple Administrator Access
  • Enabling Enhanced Audit Logging Support
  • Configuring the Wireless LAN Controller
  • Enabling SonicOS API and Configuring Authentication Methods
  • Enabling GMS Management
  • Configuring the Management Interface
    • Managing through HTTP/HTTPS
    • Selecting a Security Certificate
    • Controlling the Management Interface Tables
    • Enforcing TLS Version
    • Switching Configuration Modes
    • Deleting Browser Cookies
    • Configuring SSH Management
  • Client Certificate Verification
    • About Common Access Card
    • Configuring Client Certificate Verification
    • Using the Client Certificate Check
    • Checking Certificate Expiration
    • Troubleshooting User Lock Out
  • Selecting a Language
• Configuring Time Settings
  • Setting System Time
  • Configuring NTP Settings
    • Using a Custom NTP Server for Updating the Firewall Clock
    • Adding an NTP Server
    • Editing an NTP Server Entry
    • Deleting NTP Server Entry
• Managing Certificates
  • About Digital Certificates
  • About the Certificates Table
  • About Certificate Details
  • Importing Certificates
    • Importing a Local Certificate
    • Importing a Certificate Authority Certificate
    • Creating a PKCS-12 Formatted Certificate File (Linux Systems Only)
  • Deleting Certificates
  • Generating a Certificate Signing Request
  • Configuring Simple Certificate Enrollment Protocol
• Administering SNMP
  • About SNMP
  • Setting Up SNMP Access
    • Enabling and Configuring SNMP Access
      • Configuring Basic Functionality
      • Configuring SNMPv3 Engine IDs
      • Configuring Object IDs for SNMPv3 Views
    • Setting Up SNMPv3 Groups and Access
      • Creating Groups and Adding Users and Access
        • Creating a Group
        • Adding Access
        • Adding Users
  • Configuring SNMP as a Service and Adding Rules
• Firmware Settings
  • Firmware Management and Backup
    • Firmware Management & Backup Tables
      • Local Table
      • Cloud Table
      • Show Configuration Files Table
    • Searching the Table
  • Creating a Backup Firmware Image
    • Creating a Local Backup Firmware Image
    • Creating a Cloud Backup Firmware Image
    • Scheduling Firmware Image Backups
      • Scheduling a One-Time Backup
      • Scheduling Recurring Backups
      • Deleting Scheduled Backups
  • Updating Firmware
    • Updating Firmware Manually
    • Firmware Auto Update
    • Using SafeMode to Upgrade Firmware
  • Importing and Exporting Settings
    • Importing Settings
    • Exporting Settings
  • Configuring Firmware and Backup Settings
    • Send Settings or Reports by FTP
    • Sending Diagnostic Reports to Technical Support
    • Boot Settings
    • One-Touch Configuration Overrides
    • Enabling FIPS Mode
    • Enabling NDPP mode
• Storage
  • Storage Overview Tab
    • Diagnostics Data
    • Configuration Backup
    • System Logs
    • Threat Logs
    • Packet Captures
    • Logs (Legacy)
• Restarting the System
• SonicWall Support
  • About This Document

Enabling GMS Management

For more information on SonicWall Global Management System, see the SonicWall GMS and SonicWall Management Services administration documentation, available at https://www.sonicwall.com/support/technical-documentation/.

To configure the Security Appliance for GMS management

1. Navigate to Device | Settings > Administration.
2. Click Audit / SonicOS API.
3. Scroll to the ADVANCED MANAGEMENT section.



4. Enable Management using GMS. The Configure button becomes available.
5. Click Configure. The GMS Settings screen in displayed.



6. Enter the host name or IP address of the GMS Console in the GMS Host Name or IP Address field.
7. Enter the port in the GMS Syslog Server Port field. The default value is 514.
8. To send only heartbeat status instead of log messages, select Send Heartbeat Status Messages Only.
9. If the GMS Console is placed behind a device using NAT on the network, select GMS behind NAT Device. When you select GMS behind NAT Device, the NAT Device IP Address field becomes active.
10. Enter the IP address of the NAT device in the NAT Device IP Address field.
11. Select one of the following GMS modes from the Management Mode drop-down menu:
    • IPSEC Management Tunnel - Allows the firewall to be managed over an IPsec VPN tunnel to the GMS management console. If you selected this option, go to step 11.
    • Existing Tunnel - Uses an existing VPN tunnel over the connection between the GMS server and the firewall. If you selected this option, go to step 13.
    • HTTPS - Allows HTTPS management from two IP addresses: the GMS Primary Agent and the Standby Agent IP address. The SonicWall firewall also sends encrypted syslog packets and SNMP traps using 3DES and the firewall administrator’s password. Options for configuring the GMS reporting server display. If you selected this option, go to step 12.

12. The default IPsec VPN settings are displayed with values populated by SonicOS. Verify the settings.

    

    1. From Encryption Algorithms, select the appropriate algorithm.

    2. Optionally, enter a new encryption key in the Encryption Key field:

       For	The key must be
       DES	16 hexadecimal characters
       3DES	48 hexadecimal characters

    3. Optionally, enter a new authentication key in the Authentication Key field:

       For	The key must be
       MD5	32 hexadecimal characters
       SHA1	40 hexadecimal characters

    4. Go to Step 13.

13. SonicOS needs to know the GMS reporting server.

    

    1. Select Send Syslog Messages to a Distributed GMS Reporting Server. The GMS Reporting Server IP Address and GMS Reporting Server Port options become available.
    2. In the GMS Reporting Server IP Address field, enter the IP address of the GMS server.
    3. In the GMS Reporting Server Port field, enter the port of the GMS server. The default port is 514.
14. Click OK.
15. Click Accept.