SonicOS 7 System

Table of Contents

Configuring Network Interfaces and Activating L2B Mode

In this scenario, the WAN interface is used for:

  • Access to the management interface for the administrator
  • Subscription service updates on MySonicWall
  • The default route for the device and subsequently the “next hop” for the internal traffic of the SSL VPN appliance (this is why the WAN interface must be on the same IP segment as the internal interface of the SSL VPN appliance)

The LAN interface on the appliance is used to monitor the unencrypted client traffic coming from the external interface of the SSL VPN appliance. This is the reason for running in Layer 2 Bridged Mode (instead of reconfiguring the external interface of the SSL VPN appliance to see the LAN interface as the default route).

To activate L2B mode on an interface

  1. Navigate to NETWORK | System > Interfaces.
  2. Click the Configure icon for the WAN interface. The Edit Interface dialog displays.
  3. Assign the interface an address that can access the Internet so that the appliance can obtain signature updates and communicate with NTP. The gateway and internal/external DNS address settings must match those of your SSL VPN appliance:
    • IP address: This must match the address for the internal interface on the SSL VPN appliance.
    • Subnet Mask, Default Gateway, and DNS Server(s): Make these addresses match your SSL VPN appliance settings.
  4. For the Management setting, choose HTTPS and Ping.
  5. Click OK to save and activate the changes.

To configure the LAN interface settings

  1. Navigate to NETWORK | System > Interfaces.
  2. Click the Configure icon for the LAN interface.
  3. For the Mode / IP Assignment setting, select Layer 2 Bridged Mode.
  4. For the Bridged to setting, select X1.
  5. If you also need to pass VLAN tagged traffic, supported on the appliance, click VLAN Filtering.
  6. Add all of the VLANs that need to be passed.
  7. Click OK to save and activate the change.

You might be automatically disconnected from the appliance’s management interface. You can now disconnect your management laptop or desktop from the appliance’s X0 interface, and power the appliance off before physically connecting it to your network.