LED (Top to Bottom) Power LED: Indicates the SonicWALL NSA appliance is powered on.
Test LED: Flickering: Indicates the appliance is initializing. Steady blinking: Indicates the
appliance is in SafeMode. Solid: Indicates that the appliance is in test mode.
Alarm LED: Indicates an alarm condition.
X0 (LAN), X1 (WAN) Gigabit Ethernet ports for LAN and WAN connections.
X2-X5 (LAN) Gigabit Ethernet ports for other configurable Ethernet connections
Configuring Interfaces in Transparent Mode
Transparent Mode enables the SonicWALL security appliance to bridge the WAN subnet onto an internal interface. To configure an interface for transparent mode, complete the following steps:
Step 1 Click on the Configure icon in the Configure column forUnassigned Interface you want to configure. The Edit Interface window is displayed.
Step 2 Select an interface.
•If you select a configurable interface, select LAN or DMZ for Zone.
•If you want to create a new zone for the configurable interface, selectCreate a new zone. The Add Zone window is displayed.
Step 3 Select Transparent Mode from the IP Assignment menu.
Step 4 From the Transparent Range menu, select an address object that contains the range of IP addresses you want to have access through this interface. The address range must be within the WAN zone and must not include the WAN interface IP address. If you do not have an address object configured that meets your needs:
a. In the Transparent Rangemenu, select Create New Address Object.
b. In the Add Address Object window, enter a name for the address range.
a. For Zone Assignment, select WAN.
b. For Type, select:
- Host if you want only one network device to connect to this interface.
- Range to specify a range of IP addresses by entering beginning and ending value of the range.
- Network to specify a subnet by entering the beginning value and the subnet mask. The subnet must be within the WAN address range and cannot include the WAN interface IP address.
d. Click OK to create the address object and return to the Edit Interfacewindow.
Step 5 Enter any optional comment text in the Comment field. This text is displayed in the Comment column of the Interface table.
Step 6 If you want to enable remote management of the SonicWALL security appliance from this interface, select the supported management protocol(s):HTTP, HTTPS, SSH, Ping, SNMP, and/or SSH. To allow access to the WAN interface for management from another zone on the same appliance, access rules must be created.
Step 7 If you want to allow selected users with limited management rights to log directly into the security appliance through this interface, select HTTPand/or HTTPS in User Login.
Configuring Advanced Settings for the Interface
If you need to force an Ethernet speed, duplex and/or MAC address, click theAdvanced tab. The Ethernet Settings section allows you to manage the Ethernet settings of links connected to the SonicWALL. Auto Negotiate is selected by default as the Link Speed because the Ethernet links automatically negotiate the speed and duplex mode of the Ethernet connection. If you want to specify the forced Ethernet speed and duplex, select one of the following options from the Link Speed menu:
•1000 Mbps – Full Duplex ()
•100 Mbps – Full Duplex
•100 Mbps – Half Duplex
•10 Mbps – Full Duplex
•10 Mbps – Half Duplex
You can choose to override the Default MAC Address for the Interface by selecting Override Default MAC Address and entering the MAC address in the field. Check Enable Multicast Support to allow multicast reception on this interface.
Caution: If you select a specific Ethernet speed and duplex, you must force the connection speed and duplex from the Ethernet card to the SonicWALL security appliance as well.
Configuring the hosts connected to the Transparent interface:
The hosts connected to the X2 interface should be configured with the IP addresses within the Transparent Range. The default gateway could either be the upstream ISP router address or the SonicWALL WAN interface IP. Once the hosts are configured appropriately they will be able to go online with the IP address assigned to them without being NAT’ed. Conversely, the hosts can be reached from the WAN side of the SonicWALL with the IP address assigned to them provided a WAN > DMZ Allow rule exists.