• SonicOSX 7
• Product Overview
  • Enterprise Class High-performance Firewall
  • Feature Summary
    • Simplified Management and Reporting
    • Advanced Threat Protection
    • Capture Cloud Platform
    • Deep Packet Inspection of SSL/TLS (DPI-SSL)
    • Content Filtering Service
    • Intrusion Prevention Service
    • Application Control
    • Unified Policy Configuration and Management
    • Multiple Instances / High Availability
  • System Architecture
  • Hardware Overview
    • Front Panel
    • Rear Panel
    • LEDs
    • Specifications
• System Setup
  • Default Settings
  • System Startup
    • HTTPS Management via X0
    • HTTPS Management via MGMT Port
      • Using SafeMode
      • Using CLI
  • SonicOSXBasic Configuration
  • Connecting LAN and WAN Interfaces
  • Network Configuration
  • Registration and Licensing
• Configuring Multiple Instances
  • Enabling Multi-Instances
  • Configuring Multi-Instances
• Licenses for Multiple Instances
  • Surveying Multiple Instances
  • Instance Registration
  • Instance License Update
  • Deactivating an Instance
  • Instance HA Pair on a Standalone NSsp Node
• Configuring High Availability
  • High Availability Overview
  • Setting Up Unit-to-Unit HA
  • Configuring Advanced Settings
  • Checking High Availability Status
  • Monitoring High Availability
  • Configuring Multi-Appliance Instance-Level HA
• CLI Bring-up
  • Access the Console Port
  • At the ChassisOS Prompt
  • To Change to the Console Port of Another Physical Blade
  • Check Network Address Settings
  • Commands at ChassisOS Prompt
  • Show Commands at ChassisOS Prompt
  • Configure IP Addresses from the CLI
  • Restart SonicOSX from the CLI
  • To Access SonicOSX Console
• Using the SafeMode GUI
  • Accessing SafeMode
  • Rebooting the System
  • Upgrading Firmware
  • Diagnostics
• SonicWall Support
  • About This Document

Enabling Multi-Instances

This feature is enabled from the Settings screen. To enable Multi-instances, we first reserve logical blades and front panel ports that are used for supporting spawned instances.

To Enable Multiple Instances

1. To select the number of logical blades, click and select up to two. Click Accept to save changes. This step requires the chassis to reboot for changes to take effect.
2. The next step is to reserve front panel ports for instances. These ports are the ones available for instance configuration.
3. To select ports, click on ports that are orange. Selected ports turn green. The legend on the right of the display provides details on the colors and the status of ports.
4. Click Accept to save changes. This step does not require a reboot. Front panel port reservations can be modified anytime after multiple instances are enabled.
5. Ports reserved for the instances are green, and ports available to instances, but not yet reserved, are orange. To reserve an orange port for instances, simply click on it to turn it green.

After Multi-Instances are enabled and logical blades are selected and ports are reserved, the reserved ports for Multi-Instances are exclusive, that is, not available for the rest of the sub-system.

Any time Multi-Instances is disabled and the chassis is rebooted, all the Multi-Instance port(s) are unreserved and are available to the rest of the system while all instances configured in the system are lost.

Selecting Ports for Instances

Currently, a maximum of two logical blades might be configured to support instances. With four logical blades in the system, two logical blades are used by the multi-bladed firewall while the other two can be used for instances. However, the configuration is flexible, we could have three logical blades running in multi-bladed firewall mode with one logical blade configured to launch instances.

Allocating CPUs

The previous screen shows the Multi-Instance-enabled settings in the DEVICE | Multi-Instances > Settings screen. In this case, four logical blades are available and one is allocated to instances, while three support multi-bladed firewall operation.

After Multi-Instance (MI) operation is enabled on the GUI and the configuration is saved, the firewall prompts for reboot before the settings can be applied.

Enabling Multi-Instance requires a chassis reboot, which can take up to 15 minutes.

After the reboot firewall confirmation button is clicked, the firewall comes up with one or two logical blades enabled for launching instances. In the left navigation column of the display, the Instances screen is enabled only when MI is enabled. In order to change the number of logical blades selected to launch MI instances, the firewall has to go through the reboot processes. This means the currently running instance-support blades is also rebooted.

In order to revert back, with all the logical blades to work as one big multi-bladed firewall, the MI-enabled settings are disabled and the firewall goes through the reboot process again.

To reserve front panel ports for virtual firewall instances

1. Identify available ports by looking for orange colored ports on the GUI.
2. Click on the port to turn it green.
3. Click Accept.

To allocate CPUs to instances

1. Navigate to DEVICE | Multi-Instance > Settings and locate the controls under Setup Multi-Instance.
2. Move the Enable switch to the right to turn on Multi-Instance capability.
3. Determine the number of CPUs available to support instances.
4. Click Accept and then reboot the system.