SonicOS 7 NSv Getting Started Guide for Azure
- SonicOS NSv 7
- Introducing the NSv Series
- Installing SonicOS on the NSv Series
- Licensing and Registering Your NSv
- SonicOS Management
- Using the Virtual Console and SafeMode
- SonicWall Support
Installing NSv on Azure
SonicWall NSv is deployed on Azure by using a solution template. The template is a JSON file, which is loaded into Azure through a web page. Templates are a means to deploy virtual machines in Azure while also creating/modifying existing resources. Templates use the Azure Resource managers to support not just the deployment of the NSv but also of other virtualized network functions.
This section details two deployment procedures:
To install from Azure Marketplace
- In your browser, navigate to https://portal.azure.com/ and log into your Microsoft Azure account.
- Navigate to SonicWall NSv on Azure Marketplace at https://azuremarketplace.microsoft.com/en-us/marketplace/apps/sonicwall-inc.sonicwall-nsv-firewall-security-vpn-router, click GET IT NOW, and then click Continue to display the SonicWall NSv (Firewall/Security/VPN/Router)-BYOL page.
- On the SonicWall NSv (Firewall/Security/VPN/Router)-BYOL page, click Create at the bottom to get started.
The Basics tab of the NSv configuration window displays.
-
Under Project Details, configure the following options:
- Subscription – Select the Azure subscription on which to deploy the resources for this NSv instance.
-
Resource group – Create new or select an existing resource group from the list.
A resource group is a user defined friendly name for a collection of resources. If you are deploying on Azure for the first time, click Create new. If you already have a network configured and some virtual machines, then you might wish to use an existing resource group. If you are deploying for test purposes, consider creating a new resource group so you can easily delete the resources, if needed.
- If you select Create new, type a name for this resource group into the associated text field, and then select a location for it from the Location drop-down menu.
- If you select Use existing, select the resource group to use from the associated drop-down menu.
-
Under Instance details, do the following:
- Region– Select the Azure location where the resources are deployed.
-
VM Name – Type in a descriptive name for this NSv instance. Consider using lowercase letters, numbers and hyphens, as this name is used to create the default DNS Prefix, which has some restrictions. You can, however, adjust the DNS Prefix as needed.
The SSH username is set to management by default. This is the user name for accessing the NSv console using SSH. This is not the NSv administrator user name, but is a user name created as part of an NSv deployment.
- Authentication type – Select either SSH public key or Password as the authentication method for the previous management SSH username. The default for the template is Password.
- If you selected Password for Authentication Type, type the desired password into the Password and Confirm password fields. The password must be between 12 and 72 characters in length and contain at least three of the following character types:
- Uppercase character
- Lowercase character
- Number
- Special character (non-alpha-numeric, such as !@#$%^&*()_+}{"|:>?<)
- If you selected SSH public key for Authentication Type, type the SSH RSA public key file name as a string into the SSH Public Key field.
- If you selected Password for Authentication Type, type the desired password into the Password and Confirm password fields. The password must be between 12 and 72 characters in length and contain at least three of the following character types:
-
Click Next to continue.
The Instance Details screen displays.
-
Select Virtual machine size,displays the NSv model you want to deploy. Click Change size as per the requirements.
Virtual Machine Size in NSv NSv Model Standard_D2_v2 NSv 270 Standard_D3_v2 NSv 470 Standard_D4_v2 NSv 870 -
Select Virtual Network to configure the virtual network. Create new under Choose virtual network is selected by default and the Create virtual network settings are displayed.
-
Under Create virtual network:
-
Name – This is the name of virtual network the NSv is deployed on. Leave the default, VNET.
-
Address space – The template default is
10.1.0.0/16
. This is a network address in CIDR format representing the virtual network address space. Accept the default or optionally configure a different address space, using the same format.
-
-
-
Select Subnets to configure the subnets for the WAN and LAN zones.
-
WAN X1 subnet – A sub-network of the Address space configured in Step 7, defined for WAN traffic. For example,
10.5.0.0/24
. -
LAN X1 subnet – A sub-network of the Address space configured in Step 7, defined for LAN traffic. For example,
10.5.1.0/24
.
-
-
Select Public IP Address.
-
Create new is selected by default and the Create public IP address settings are displayed. You also have the option to select an existing public IP address to reassign it for use with your NSv.
-
Under Create public IP address, accept the prepopulated name or type a different name into the Name field.
-
For SKU, select Basic or Standard. The default is Basic.
-
For Assignment (if displayed), select Dynamic or Static. The default is Dynamic.
-
-
-
In the DNS Prefix for the public IP Address field, configure the DNS name for the NSv. This must be a unique DNS name for accessing the management interface of the NSv virtual machine. When the NSv virtual machine is created, the WAN uses a public IP and is assigned the DNS name defined here.
-
In the Management source IP field, type in the public IP address that is allowed to access this NSv virtual machine for HTTPS and SSH management.
You can find out your public IP address by typing what is my IP into Google or another search engine in a different browser window/tab. Additional addresses can be added later in Azure.
-
Select Storage Account. Create new is selected by default, displaying the Create storage account settings. You also have the option to select an existing storage account.
-
For a new storage account, type in a unique Name for the storage account using only lowercase letters and numbers.
-
Select the desired options for Account kind, Performance, and Replication.
-
-
Click OK at the bottom of the Instance Details pane.
The Validation Passed screen displays.
-
Under Review+Create, click Create.
Azure begins the deployment process and displays the Azure Dashboard page.
You can click the Notifications icon at the top to display the Deployment in progress notification window, then click Deployment in progress to view the progress.
When finished, the notification window displays Deployment succeeded.
See Accessing Your NSv in the Azure Portal for more information about accessing the pages and settings for your NSv virtual machine available in the Azure portal.
The next step is to register your NSv virtual machine on MySonicWall. See Registering the NSv Virtual Machine with SonicOS for more information about registering your See Accessing Your NSv in the Azure Portal for more information about accessing the pages and settings for your NSv virtual machine available in the Azure portal.
After you have registered the NSv, see Forwarding Traffic to Your NSv for more information about accessing the pages and settings for your NSv virtual machine.
To Install from an Azure template
Templates are a means to deploy virtual machines in Azure while also creating/modifying exiting resources. There are a few different types of templates: Quick, Solution and Simple. The following is an example of a Simple template that creates resources and defines their interconnections.
-
Virtual Machine
-
Storage Group
-
Public IP
-
2 x Network Interfaces
-
Virtual Network
-
Network Security Policy
Deploying NSv by way of Templates
-
Log into Azure.
-
Click to load the webpage: https://github.com/sonicwall/sonicwall-nsv-azure-templates
-
Click Deploy to Azure.
-
The Custom Deployment page should come up:
Enter information to define the custom deployment:
-
Resource Group: The user-defined friendly name for a group of resources.
If you are deploying on a Azure for the first time, use "Create New," however, if you already have a network configured, and some virtual machines then you might wish to use an existing resource group. If you are deploying for test purposes, we suggest you create a new resource group so you can easily delete the resources later if needed.
-
Location: The region where you wish to deploy.
-
Storage Account: A new or existing storage account (we recommend you create a new storage account).
-
Storage Account Type: The type of storage account you wish to use or create.
Currently only “Standard_LRS” is recommended.
-
Storage Account New or Existing: Whether you wish to create or use an existing stage account.
-
User Storage Container Name: The name of the container where the VHD file is stored.
-
DNS Name for Public IP: When the See Accessing Your NSv in the Azure Portal for more information about accessing the pages and settings for your NSv virtual machine available in the Azure portal.
-
The next step is to register your NSv virtual machine on MySonicWall. See Registering the NSv Virtual Machine with SonicOS for more information about registering your NSv.
-
After you have registered the NSv, see Forwarding Traffic to Your NSv and Testing Traffic Through Your NSv for more information about forwarding traffic to it.
-
A virtual machine is created, the WAN uses a public IP, this WAN IP is assigned a DNS name defined here.
-
SSH User Name: The user name required to SSH into the NSv virtual machine.
This is not the NSv administrator’s user name, but rather a username created as part of an NSv deployment.
-
Authentication Type: Select either "password" or "sshPublicKey" as the authentication method.
-
SSH Password: The password for the previously mentioned SSH user.
Password must contain one non alpha-numeric character (such as !@#$%^&*()_+}{"|: >?<), one uppercase alphanumeric character and one numeric character.
-
Management Access IP Source: Public IP address to allowed access to SonicWall NSv HTTPS & SSH management.
-
VM Size: Select the virtual machine you wish to deploy:
SonicWall NSv Model Azure NSv 270 Standard D2 v2 NSv 470 Standard D3 v2 NSv 870 Standard D4 v2
-
Base URL: This is the location of the template resources.
This should remain at the default value unless you are creating your own template.
-
Virtual Network Name: The name of the virtual network the NSv is deployed on.
If you have an existing network on Azure, and would like to install the NSv on this network then this field should be populated with the network name. For example,
192.168.0.0/26
.
-
Virtual Network Address Prefix: The virtual network "Address space."
-
Subnet WAN Name: The name of the WAN subnet.
If you have an existing network on Azure, you might want to change the default value or it can remain at the default.
-
Subnet LAN Name: The name of the LAN subnet.
If you have an existing network on Azure you might want to change the default value else it can remain at default.
-
Subnet WAN prefix: A sub-network of the previous "Virtual Network Address Prefix" defined for WAN traffic, such as
192.168.2.0/24
. -
Subnet LAN prefix: A sub-network of the previous "Virtual Network Address Prefix" defined for LAN traffic, such as
192.168.2.0/24
. -
Subnet WAN Start Address: The starting address from which the virtual network provides through DHCP addresses to host on the WAN subnet.
-
Subnet LAN Start Address: The starting address from which the virtual network provides through DHCP addresses to host on the LAN subnet.
-
-
After filling in all the values, click I agree to the terms and conditions stated above and then click Purchase to deploy the template and create the SonicWall NSv instance.
It takes approximately 10 minutes to deploy NSv respective resources. You can view the progress by clicking the icons indicated in the following image:
-
To connect to the SonicWall NSv management GUI click Virtual Machines from the left menu. Then select the NSv virtual machine name, in the overview section a public IP address is displayed, In the example that follows, that is
http://40.76.216.87/
. -
Login with the default SonicWall credentials "
admin/sonicwall
." -
Now continue with the following section,Accessing Your NSv in the Azure Portal, or go on to Installing NSv on Azure.
Was This Article Helpful?
Help us to improve our support portal