SMA and CMS on AWS · 2020-04-02 · SMA and CMS on AWS Getting Started Guide 7 2 Click the link in the instructions to go to the EC2 Console. 3 Click Create Key Pair. 4 Type in a

SMA and CMS on AWS Getting Started Guide

SMA and CMS on AWSGetting Started Guide

1

2

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5Creating a MySonicWall Account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5Creating a Key Pair in AWS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

Deploying SMA 8200v on AWS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8Connecting to the Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12Connecting to the Command Line Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Configuring Settings on the Appliance Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13Licensing and Registering Your Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Registering the SMA 8200v . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15Using the 30-day Trial Version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Deployment Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17Registering the 30-day Trial Virtual Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17Converting a Free Trial License to Full License . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18Exporting a Copy of Your Configuration Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

Deploying SMA CMS on AWS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19Connecting to the Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22Connecting to the Command Line Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

Configuring Settings on the Appliance Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23Licensing and Registering Your Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

Registering the SMA CMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25Using the 30-day Trial Version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

Deployment Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27Registering the 30-day Trial Virtual Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27Converting a Free Trial License to Full License . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28Exporting a Copy of Your Configuration Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

SonicWall Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30About This Document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Contents


Part 1

3

Introduction

• Overview

• Before You Begin

• Deploying SMA 8200v on AWS

• Deploying SMA CMS on AWS


1

4

Overview

This Getting Start Guide contains installation procedures and configuration guidelines for deploying the SonicWall SMA 8200v(Virtual Appliance) and SMA CMS Amazon Machine Image (AMI) in your Amazon Web Service (AWS) cloud network. The SMA 8200v and SMA CMS includes a software appliance, which has been pre-installed and pre-configured for AWS environments, and allows for the secure and easy development of Secure Mobile Access AMI solutions within a cloud environment.

SonicWall takes the challenge of rapid pace of cloud transformation and extends the security of the private cloud to public clouds with SonicWall Secure Mobile Access 1000 (SMA8200v) series. The SMA 8200v gives you economy-of-scale benefits of virtualization. This gives you all the security advantages of a physical SMA 1000 appliance with the operational and economic benefits of virtualization, including system scalability and agility, speed of system provisioning, simple management and cost reduction.

2

Before You Begin

Topics:

• Creating a MySonicWall Account on page 5

Creating a MySonicWall AccountA MySonicWall account is required for product registration. If you already have an account, continue to the section on Registering the SMA 8200v on page 15.

To create a MySonicWall account:

1 In your browser, navigate to http://www.MySonicWall.com.

2 In the login screen, click the blue Sign-Up link.

3 Complete the account information, including email and password.

4 Enable two-factor authentication if desired.

5 If you enabled two-factor authentication, select one of the following authentication methods:

• Email (one-time passcode) where an email with a one-time passcode is sent each time you log into your MySonicWall account.

NOTE: Your password should be at least eight characters, but no more than 30 characters.


5

• Microsoft/Google Authentication App where you use a Microsoft or Google authenticator application to scan the code provided. If you are unable to scan the code, you can click on a link for a secret code.

6 Click CONTINUE to go to the Company page.

7 Complete the company information and click CONTINUE.

8 On the Your Info page, select whether you want to receive security renewal emails.

9 Identify whether you are interested in beta testing new products.

10 Click CONTINUE to go to the Extras page.

11 Select whether you want to add additional contacts to be notified for contract renewals.

12 If you opted for additional contacts, input the information and click ADD CONTACT.

13 Click DONE.

14 Check your email for a verification code and enter it in the Verification Code* field. If you did not receive a code, contact Customer Support by clicking the link.

15 Click DONE. You are returned to the login window so you can login into MySonicWall with your new account.

Creating a Key Pair in AWSFirst-time users might see a notification to “Please select a key pair” when preparing to launch SMA and CMS on AWS in the Amazon EC2 console:

A key pair provides encrypted login information that allows you to securely access your SMA 8200v and CMS instance. You need to create a key pair and store the file containing the private key in a safe place on your management computer.

To create a key pair:

1 Locate the Key Pair item in the page and click on it.

NOTE: MySonicWall registration information is not sold or shared with any other company.


6

2 Click the link in the instructions to go to the EC2 Console.

3 Click Create Key Pair.

4 Type in a descriptive name for the key pair and then click Create.

5 Click Download Key Pair to download the key pair and store it safely. The downloaded PEM file must be used to connect over SSH. Save the .pem file to a safe location on your computer.

For more information about key pairs, see: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html


7

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html

3

Deploying SMA 8200v on AWS

This section explains how to deploy the SonicWall SMA 8200v for AWS image in your AWS environment.

To install the SMA 8200v for AWS from the AWS console:

1 Get the SMA 8200v AMI image for AWS.To get the SMA AMI, contact SonicWall Sales at https://www.sonicwall.com/customers/contact-salesORSonicWall Support at https://www.sonicwall.com/support/contact-support

2 Log into the AWS management console at https://aws.amazon.com.

3 In the Choose an Amazon Machine Image (AMI) screen, click My AMIs in the left pane and select Shared with me under Ownership.

4 Select SonicWall CMS 12.4-0-02223-ami-008b50807679826e0 build and click Next.

5 In the Step 2 screen, select the instance type you want and click Next: Configure Instance Details.

6 In the Step 3 screen, configure the instance settings.

7 In the Step 3 screen, select Advanced Details > User Data and fill the form user data like below YAML input.

NOTE: Installation of SMA 8200v on AWS is applicable only in the SMA 12.4 firmware version.


8

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html

8 Click Next: Add Storage.

9 In the Step 4 screen, configure the hard disk size and click Next: Add Tags.

10 In the Step 5 screen, page, if tags are desired, click Add Tag and type in the key value pair(s) and then click Next: Configure Security Group.

11 In the Step 6 screen, configure a Security Group for the SonicWall SMA 8200v. If a Security Group was already created for SonicWall SMA 8200v before, you can assign it here. If not, create the rules as shown in the screenshot below.

IMPORTANT: If the YAML input is invalid, the deployment leads to inconsistent state.


9

12 Click Review and Launch.

13 Verify the instance details shown in the next screen and you can make changes to any of the preceding configurations by clicking the Edit link next to each heading.

14 When ready, click Launch to assign a key pair to your instance.

15 Select an existing key pair. ORCreate a new key pair. If you need to create a new key pair, see Creating a Key Pair in AWS on page 6.After you create a new key pair, download the key pair file before continuing. Store the private key file in a secure and accessible location.

IMPORTANT: You can limit the exposure of IPs of the ports 22 and 443 for security reasons.

IMPORTANT: You cannot download the key pair after the instance is launched.


10

16 Click Launch Instances to launch SonicWall SMA 8200v.

After the SMA 8200v instance is launched, you can access the appliance from a browser. To know how to access the SMA 8200v through a browser, see Connecting to the Web Interface.

You are now ready to begin using your SMA 8200v appliance. See:

• Configuring Settings on the Appliance Web Interface on page 13

• Using the 30-day Trial Version on page 16

To Start, Stop, Reboot, or Terminate the instance:

1 In the EC2 console, click Instances in the AWS left pane. All your Amazon machine instances are displayed, along with their EC2 Instance IDs.

2 Right-click on the 8200v AMI instance. In the right-click menu, click on Instance State and select one of:

• Start

• Stop

• Stop - Hibernate

• Reboot

• Terminate

NOTE: The <EC2 Instance ID> is the default password for the administrator account.


11

More information on how to start or stop an instance is available on AWS website: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html

Connecting to the Web InterfaceThe SMA 8200v always starts with the private IP address automatically assigned by EC2 using DHCP addressing. EC2 also automatically assigns a public IP address to allow access from the internet.

To access the SMA 8200v management web interface over HTTPS:

1 Launch a browser and navigate to the SMA 8200v for AWS public IP/ Host name. We use default port 8443 to access SMA 8200v for AWS appliance.

https://<SMA 8200v Public IP/ Host name>/

2 On the web interface login page, enter the default credentials and then click Login.

The default credentials are:

• Default user name = admin

• Default password = <EC2 Instance ID>

NOTE: The public IP address assigned by EC2 can change across reboots. To preserve the same public IP address, configure an Elastic IP for the instance. More information on Elastic IP addresses is available here: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html

NOTE: To locate the public IP address of your SMA 8200v instance, click SMA 8200v instance on the Instances page in AWS EC2 console.


12

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html


The SMA 8200v management interface is displayed.

3 You can now register the SMA 8200v for AWS and begin management and configuration.

See the SMA Administration Guide for configuration information.

Connecting to the Command Line InterfaceThe Command Line Interface (CLI) is a text-only mechanism for interacting with the SMA 8200v by typing commands to perform specific tasks. The CLI can be launched over SSH.

To connect to the SMA 8200v over SSH:

1 Click the SMA 8200v instance on the Instances page in AWS EC2 console.

2 Copy the Public IP address of the SMA 8200v appliance.

3 In an SSH application, type in the command using your AWS private key to authenticate:

• ssh -i AWSPrivateKey.key admin@<SMA 8200v Public IP>

For example, ssh -i Ohiokey.pem [email protected] If you see a warning, type yes to proceed with the login.

After the SMA 8200v appliance is fully booted, a login prompt is displayed.

Configuring Settings on the Appliance Web InterfaceThis section provides procedures to configure the remaining appliance settings as you would for the SMA hardware appliance.

To complete the host configuration:

1 Launch a browser and enter the URL of the virtual appliance.


13

2 On the appliance interface login page, enter the default credentials and then click LOGIN.


User - admin

Password - <EC2 Instance ID>

After you log in, the SMA 8200V management interface is displayed.

3 Configure your settings for the SMA 8200 EC2 instance on the Status screen.

Refer to the SMA Administration Guide for complete configuration information. This and other documentation are found online at: https://www.sonicwall.com/support/technical-documentation/

Licensing and Registering Your ApplianceThis section contains information about licensing and registering your SMA 8200v on Amazon EC2.

You must purchase a license and register your SMA 8200v on Amazon EC2 before first use. Registration is performed using the management interface. After the registration is completed, the SMA 8200v on Amazon EC2 is licensed and ready to use. For the 30-Day Trial Virtual Appliance registration process, refer to Using the 30-day Trial Version.

SMA 8200v on Amazon EC2 provides user-based licensing. By default, the virtual appliance comes with a 5-user license. Extra licenses can be added in 5, 10, and 25 user denominations, up to a maximum that allows for 50 concurrent user sessions.

Licensing is controlled by SonicWall’s license manager service, and customers can add licenses through their MySonicWall accounts. Unregistered units support the default license allotment for their model, but the unit must be registered in order to activate additional licensing from MySonicWall.

License status is displayed in the SMA 8200v on Amazon EC2 management interface, on the System Configuration > General Settings > Licensing page.

Communication with the SonicWall Licensing Manager is necessary while using the SMA 8200v on Amazon EC2 and requires Internet access.


14

Registering the SMA 8200vAfter you have installed and configured the network settings for your SMA 8200v on AWS, you can log into the management console and register it to your MySonicWall account. Registration of your SonicWall SMA 8200v on AWS follows the same process as for other SonicWall hardware-based appliances.

To register your SMA 8200v for AWS:

1 Log in to your SMA 8200v virtual machine.

Public IP of the SMA 8200v for AWS virtual machine is available in the Instances page in the AWS Management Console.

2 In the System Configuration group, select General Settings > Licensing > Edit.The Manage Licenses page is displayed.

3 Under Online Licensing, click Register. This should take you to a MySonicWall login.

4 Enter your MySonicWall.com account username or email address and password in the appropriate fields and click Submit.

5 In the License Management page, enter the Serial Number or Activation Key for your new appliance. Enter the Authentication Code for your new appliance.

6 Enter a Friendly Name.

7 Click Submit to finish the registration process.

8 You have successfully registered your 8200v virtual machine. Click Continue to view the License Management screen or continue configuring other settings within the appliance.OR

NOTE: System functionality is extremely limited when registration is not completed.


15

You can import your license file into the management console. To import the license:

1 Log in to the management console.


3 In the Manage License page, click Import License.

4 In the Import License page, click Choose File to select the license file and click Upload.The License file is uploaded into the appliance.

Using the 30-day Trial VersionThe SMA 8200v for AWS is offered in a 30-day Trial version. The installation, registration, and functionality of the 30-Day Trial appliance is the same as the full SMA 8200v, except for differences noted in Deployment Considerations. An email is sent from the SonicWall License Manager to warn you when your trial is near its expiration date.

To upgrade to the full version:

• Purchase the full SMA 8200v for AWS.

• Export your settings from the 30-day Trial version.

• Install and register the full SMA 8200v for AWS.

• Import your settings.

You must install the SMA 8200 for AWS software before registering for your 30-Day Trial. For more information on obtaining the software, see Deploying SMA 8200v on AWS.

Topics:

• Deployment Considerations on page 17

• Registering the 30-day Trial Virtual Appliance on page 17

• Converting a Free Trial License to Full License on page 18


16

Deployment ConsiderationsThe following is a list of deployment considerations for the 30-day Trial version:

• The SMA 8200v for AWS is disabled after 30 days.

• A maximum of two concurrent users are allowed to log into the appliance.

• Communication with the SonicWall Licensing Manager is required during the entire trial period.

• It is recommended that you save a copy of your appliance configuration settings before upgrading to the full version of the SMA 8200v for AWS.

Registering the 30-day Trial Virtual ApplianceThis section gives details for registration of the SonicWall 30-day Trial virtual appliance.

To register the 30-day Trial:

1 Log in to your SMA 8200v for AWS.

Public IP of the SMA 8200v for AWS virtual machine is available in the Instances page in the AWS Management Console.







8 You have successfully registered your SMA 8200v for AWS. Click Continue to view the License Management screen or continue configuring other settings within the appliance.

9 Click Login.

10 When the registration confirmation page displays, click Continue.

NOTE: Before starting the registration process, contact SonicWall Sales to obtain your serial number and authorization code.


17

Converting a Free Trial License to Full LicenseAn SMA 8200v for AWS instance is installed as a 30-day free trial can easily be converted to a full production license.

To convert your free trial to a production version:

1 Purchase an SMA 8200v for AWS license from a distributor. You should receive a fulfillment email with the new serial number and authentication code.


3 In MySonicWall, click to Register a new instance.

4 Enter the Serial Number and Authentication Code you received after purchasing your SMA 8200v for AWS instance. Your SMA 8200v for AWS is now registered.

Exporting a Copy of Your Configuration SettingsBefore beginning the update process, export a copy of your SMA 8200v for AWS configuration settings to your local machine. The Export Settings feature saves a copy of your current configuration settings on your SMA 8200v for AWS, protecting all your existing settings in the event that it becomes necessary to return a previous configuration state.

To save a copy of your configuration settings and export them to a file on your local management station, go to AMC> Maintenance > Import/ Export and save the settings file to your local machine. The default settings file is named <SMAHostName>_12.4.0-02179_20200207-005220.aea


18

4

Deploying SMA CMS on AWS

This section explains how to deploy the SonicWall SMA CMS for AWS image in your AWS environment.

To install the CMS for AWS from the AWS console:

1 Get the SMA CMS AMI image for AWS.To get the SMA AMI, contact SonicWall Sales at https://www.sonicwall.com/customers/contact-salesORSonicWall Support at https://www.sonicwall.com/support/contact-support

2 Log into the AWS management console at https://aws.amazon.com.

3 In the Choose an Amazon Machine Image (AMI) screen, click My AMIs in the left pane and select Shared with me under Ownership.

4 Select SonicWall CMS 12.4-0-02223-ami-008b50807679826e0 build and click Next.

5 In the Step 2 screen, select the instance type you want and click Next: Configure Instance Details.

6 In the Step 3 screen, configure the instance settings and click Next: Add Storage.

7 In the Step 4 screen, configure the hard disk size and click Next: Add Tags.

8 In the Step 5 screen, page, if tags are desired, click Add Tag and type in the key value pair(s) and then click Next: Configure Security Group.

9 In the Step 6 screen, configure a Security Group for the SonicWall SMA CMS. If a Security Group was already created for SonicWall SMA CMS before, you can assign it here. If not, create the rules as shown in the screenshot below.

NOTE: Installation of CMS on AWS is applicable from the CMS 12.3 and later firmware versions.

SMA and CMS on AWS 12.4Getting Started Guide

19


10 Click Review and Launch.

11 Verify the instance details shown in the next screen and you can make changes to any of the preceding configurations by clicking the Edit link next to each heading.

12 When ready, click Launch to assign a key pair to your instance.

13 Select an existing key pair. ORCreate a new key pair. If you need to create a new key pair, see Creating a Key Pair in AWS on page 6.After you create a new key pair, download the key pair file before continuing. Store the private key file in a secure and accessible location.

IMPORTANT: You can limit the exposure of IPs of the ports 22 and 443 for security reasons.

IMPORTANT: You cannot download the key pair after the instance is launched.


20

14 Click Launch Instances to launch SonicWall SMA CMS.

After the CMS instance is launched, you can access the appliance from a browser. To know how to access the CMS through a browser, see Connecting to the Web Interface.

You are now ready to begin using your SMA CMS appliance. See:

• Configuring Settings on the Appliance Web Interface on page 23

• Using the 30-day Trial Version on page 26

To Start, Stop, Reboot, or Terminate the instance:

1 In the EC2 console, click Instances in the AWS left pane. All your Amazon machine instances are displayed, along with their EC2 Instance IDs.

2 Right-click on the SMA and CMS on AWS AMI instance. In the right-click menu, click on Instance State and select one of:

• Start

• Stop

• Stop - Hibernate

• Reboot

• Terminate

NOTE: The <EC2 Instance ID >is the default password for the administrator account.


21

More information on how to start or stop an instance is available on AWS website: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html

Connecting to the Web InterfaceThe SMA CMS always starts with the private IP address automatically assigned by EC2 using DHCP addressing. EC2 also automatically assigns a public IP address to allow access from the internet.

To access the CMS management web interface over HTTPS:

1 Launch a browser and navigate to the CMS public IP/Host name. We use default port 8443 to access the CMS for AWS appliance.

https://<SMA CMS Public IP/Host name>/

2 On the web interface login page, enter the default credentials and then click Login.


• Default user name = admin

• Default password = <EC2 Instance ID>

NOTE: The public IP address assigned by EC2 can change across reboots. To preserve the same public IP address, configure an Elastic IP for the instance. More information on Elastic IP addresses is available here: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html

NOTE: To locate the public IP address of your CMS instance, click CMS instance on the Instances page in AWS EC2 console.


22

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html


The CMS management interface is displayed.

3 You can now register the CMS for AWS and begin management and configuration.

See the SMA Administration Guide for configuration information.

Connecting to the Command Line InterfaceThe Command Line Interface (CLI) is a text-only mechanism for interacting with the SMA CMS by typing commands to perform specific tasks. The CLI can be launched over SSH.

To connect to the CMS over SSH:

1 Click the SMA CMS instance on the Instances page in AWS EC2 console.

2 Copy the Public IP address of the SMA CMS appliance.

3 In an SSH application, type in the command using your AWS private key to authenticate:

• ssh -i AWSPrivateKey.key admin@<SMA CMS Public IP>

For example, ssh -i Ohiokey.pem [email protected] If you see a warning, type yes to proceed with the login.

After the CMS software has fully booted, a login prompt is displayed.

Configuring Settings on the Appliance Web InterfaceThis section provides procedures to configure the remaining appliance settings as you would for the SMA CMS hardware appliance.


23

To complete the host configuration:

1 Launch a browser and enter the URL of the virtual appliance.

2 On the appliance interface login page, enter the default credentials and then click LOGIN.


User - admin

Password - <EC2 Instance ID>

After you log in, the SMA management interface is displayed.

3 Configure your settings for the SMA CMS on the Status screen.

Refer to the SMA Administration Guide for complete configuration information. This and other documentation are found online at: https://www.sonicwall.com/support/technical-documentation/

Licensing and Registering Your ApplianceThis section contains information about licensing and registering your SMA CMS on AWS.

You must purchase a license and register your SMA CMS before first use. Registration is performed using the management interface. After the registration is completed, the SMA CMS is licensed and ready to use. For the 30-Day Trial Virtual Appliance registration process, refer to Using the 30-day Trial Version.

SMA CMS for AWS provides user-based licensing. By default, the virtual appliance comes with a 5-user license. Extra licenses can be added in 5, 10, and 25 user denominations, up to a maximum that allows for 50 concurrent user sessions.

Licensing is controlled by SonicWall’s license manager service, and customers can add licenses through their MySonicWall accounts. Unregistered units support the default license allotment for their model, but the unit must be registered in order to activate additional licensing from MySonicWall.

License status is displayed in the SMA CMS management interface, on the Management Server > Configure > Licensing page.

Communication with the SonicWall Licensing Manager is necessary while using the SMA CMS for AWS, and requires Internet access.


24

Registering the SMA CMS After you have installed and configured the network settings for your SMA CMS on AWS, you can log into the management console and register it to your MySonicWall account. Registration of your SonicWall SMA CMS follows the same process as for other SonicWall hardware-based appliances.

To register your SMA CMS on AWS:

1 Log in to your SMA CMS appliance.

Public IP of the SMA CMS on AWS is available in the Instances page in the AWS Management Console.

2 In the CMS home page, select Management Server > Configure > Licensing.The Manage Licenses page is displayed.






NOTE: System functionality is extremely limited when registration is not completed.


25

8 You have successfully registered your SMA CMS for AWS. Click Continue to view the License Management screen or continue configuring other settings within the appliance.ORYou can import your license file into the management console. To import the license file:

1 Log in to the SMA CMS appliance.

2 Navigate to Management Server > Configure > Licensing.The Manage Licenses page is displayed.

3 In the Manage License page, click Import License.

4 In the Import License page, click Choose File to select the License file and click Upload.

The License file is uploaded into the appliance.

Using the 30-day Trial VersionThe CMS on AWS is offered in a 30-day Trial version. The installation, registration, and functionality of the 30-Day Trial appliance is the same as the full CMS appliance, except for differences noted in Deployment Considerations. An email is sent from the SonicWall License Manager to warn you when your trial is near its expiration date.

To upgrade to the full version:

• Purchase the full CMS for AWS.

• Export your settings from the 30-day Trial version.

• Install and register the full CMS for AWS.

• Import your settings.

You must install the CMS software before registering for your 30-Day Trial. For more information on obtaining the software, see Deploying SMA CMS on AWS on page 19.

Topics:

• Deployment Considerations on page 27

• Registering the 30-day Trial Virtual Appliance on page 27

NOTE: By default, the CMS will automatically activate a spike license during periods of high usage if available. It is not recommended to override this behavior.


26

• Converting a Free Trial License to Full License on page 28

Deployment ConsiderationsThe following is a list of deployment considerations for the 30-day Trial version:

• The SMA CMS is disabled after 30 days.

• A maximum of two concurrent users are allowed to log into the appliance.

• Communication with the SonicWall Licensing Manager is required during the entire trial period.

• It is recommended that you save a copy of your appliance configuration settings before upgrading to the full version of the SMA CMS.

Registering the 30-day Trial Virtual ApplianceThis section gives details for registration of the SonicWall 30-day Trial virtual appliance.

To register the 30-day Trial:

1 Log in to your CMS appliance.

Public IP of the CMS virtual machine is available in the Instances page in the AWS Management Console.







8 You have successfully registered your CMS for AWS. Click Continue to view the License Management screen or continue configuring other settings within the appliance.

9 Click Login.

NOTE: Before starting the registration process, contact SonicWall Sales to obtain your serial number and authorization code.


27

10 When the registration confirmation page displays, click Continue.

Converting a Free Trial License to Full LicenseAn CMS instance for AWS is installed as a 30-day free trial can easily be converted to a full production license.

To convert your free trial to a production version:

1 Purchase an CMS for AWS license from a distributor. You should receive a fulfillment email with the new serial number and authentication code.


3 In MySonicWall, click to Register a new instance.

4 Enter the Serial Number and Authentication Code you received after purchasing your CMS for AWS instance. Your CMS for AWS is now registered.

Exporting a Copy of Your Configuration SettingsBefore beginning the update process, export a copy of your CMS configuration settings to your local machine. The Export Settings feature saves a copy of your current configuration settings on your CMS, protecting all your existing settings in the event that it becomes necessary to return a previous configuration state.

To save a copy of your configuration settings and export them to a file on your local management station, go to CMS> Management Server >Maintain > Import/ Export and save the settings file to your local machine. The default settings file is named <SMAHostName>_12.4.0-02179_20200207-005220.aea


28


Part 2

29

Support

• SonicWall Support

5

SonicWall Support

Technical support is available to customers who have purchased SonicWall products with a valid maintenance contract and to customers who have trial versions.

The Support Portal provides self-help tools you can use to solve problems quickly and independently, 24 hours a day, 365 days a year. To access the Support Portal, go to https://www.SonicWall.com/support.

The Support Portal enables you to:

• View knowledge base articles and technical documentation

• View video tutorials

• Access MySonicWall

• Learn about SonicWall professional services

• Review SonicWall Support services and warranty information

• Register for training and certification

• Request technical support or customer service

To contact SonicWall Support, visit https://www.SonicWall.com/support/contact-support.


30

https://www.sonicwall.com/support

https://www.sonicwall.com/support/contact-support

About This Document

SMA and CMS on AWS Updated - February 2020Software Version - 12.4232-005243-00 Rev. A

Copyright © 2020 SonicWall Inc. All rights reserved.

SonicWall is a trademark or registered trademark of SonicWall Inc. and/or its affiliates in the U.S.A. and/or other countries. All other trademarks and registered trademarks are property of their respective ownersThe information in this document is provided in connection with SonicWall Inc. and/or its affiliates’ products. No license, express or implied, by estoppel or otherwise, to any intellectual property right is granted by this document or in connection with the sale of SonicWall products. EXCEPT AS SET FORTH IN THE TERMS AND CONDITIONS AS SPECIFIED IN THE LICENSE AGREEMENT FOR THIS PRODUCT, SONICWALL AND/OR ITS AFFILIATES ASSUME NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL SONICWALL AND/OR ITS AFFILIATES BE LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF SONICWALL AND/OR ITS AFFILIATES HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SonicWall and/or its affiliates make no representations or warranties with respect to the accuracy or completeness of the contents of this document and reserves the right to make changes to specifications and product descriptions at any time without notice. SonicWall Inc. and/or its affiliates do not make any commitment to update the information contained in this document.For more information, visit https://www.SonicWall.com/legal.

End User Product AgreementTo view the SonicWall End User Product Agreement, go to: https://www.SonicWall.com/en-us/legal/license-agreements. Select the language based on your geographic location to see the EUPA that applies to your region.

Open Source CodeSonicWall is able to provide a machine-readable copy of open source code with restrictive licenses such as GPL, LGPL, AGPL when applicable per license requirements. To obtain a complete machine-readable copy, send your written requests, along with certified check or money order in the amount of USD 25.00 payable to “SonicWall Inc.”, to:

General Public License Source Code RequestSonicWall Inc. Attn: Jennifer Anderson1033 McCarthy BlvdMilpitas, CA 95035

Legend

WARNING: A WARNING icon indicates a potential for property damage, personal injury, or death.

CAUTION: A CAUTION icon indicates potential damage to hardware or loss of data if instructions are not followed.

IMPORTANT, NOTE, TIP, MOBILE, or VIDEO: An information icon indicates supporting information.


31

https://www.sonicwall.com/legal

https://www.sonicwall.com/en-us/legal/license-agreements

Documents

SMA and CMS on AWS · 2020-04-02 · SMA and CMS on AWS Getting Started Guide 7 2 Click the link in the instructions to go to the EC2 Console. 3 Click Create Key Pair. 4 Type in a