How can we help?

How to enable SNMPv3 and SSH on SonicWall Gen7 managed devices

Follow

Auvik requires that SNMP and SSH access be enabled to your SonicWall for the most effective monitoring experience. If you need to enable SNMPv3, please use the following instructions. .

These instructions assume:

  • The SonicWall device is running SonicOS version 7.0 or higher
  • The date, time and time zone are correctly set on the firewall
  • You have administrative access to the firewall
  • The IP address of your Auvik collector is known

Important: Configure the SNMPv3 credentials and SSH login credentials to Auvik if you haven’t already done so.

1. Enable SNMP on the device

SNMP is typically disabled by default on a factory-reset SonicWall device. You’ll need to manually enable it. From the SonicWall administrative graphical user interface (GUI):

Screen_Shot_2021-07-13_at_10.32.30_AM.png

  • Navigate to Device
  • Go to Settings
  • Go to SNMP
  • Click to Enable SNMP
  • Click on the Accept button

2. Create SNMP user, group & access

Screen_Shot_2021-07-13_at_10.34.17_AM.png

Create the SNMP Group:

  • Navigate to Device
  • Go to Settings
  • Go to SNMP
  • Go to User/Group
  • Click the Add Group button
    • Group Name: Type any friendly name which you would like to use for SNMP Group
  • Click OK

Screen_Shot_2021-07-13_at_10.36.25_AM.png

Add users to the SNMP Group:

  • Navigate to Device
  • Go to Appliance
  • Go to SNMP
  • Go to User/Group
  • Click the Add User button
    • Username: Type any friendly name which you would like to use for SNMP
    • Security Level: Select the level which you would like to use.
    • Authentication Method: Select the method which you would like to use
    • Authentication Key: type the key which you would like to use
      Note: It should be more than 8 characters
    • Encryption Method: Select the method which you would like to use
    • Privacy Key: type the key which you would like to use
    • Group: Select the group previously created
  • Click OK

Screen_Shot_2021-07-13_at_10.37.51_AM.png

Create access for SNMP:

  • Navigate to Device
  • Go to Settings
  • Go to SNMP
  • Go to Access
  • Click the Add button
    • Access Name: Type any name which you would like to use
    • Set Read View to root
    • Master SNMPv3 Group: Select any group which you would like to use
    • Access Security Level: Select the level of security for SNMP
  • Click OK

3. Enable SNMP and SSH on the appropriate interface

SonicWall devices have per-interface protocol filters that need to be customized so Auvik can send and receive queries using SNMP and SSH. Which interface you enable them on depends on which firewall interface is pointing towards your Auvik collector. Here are two common scenarios:

Local Connection to the SonicWall

Screen_Shot_2021-07-13_at_10.40.47_AM.png

Your collector resides on a host that reaches your SonicWall via a LAN port (e.g. X0). In this example, you would enable SNMP and SSH on local interface X0. To resolve:

  • Navigate to Network
  • Go to System
  • Go to Interfaces
  • For SonicOS 7, click Edit this Interface
    • The floating pencil on the Interface line
  • Within the pop-up menu, in the General tab
  • Click enable SNMP and SSH
  • Click OK

Remote Connection to the SonicWall (Multi-Site)

Your topology consists of two sites connected by a site-to-site VPN. Your Auvik collector is deployed at one location, and you’d like it to scan the remote site. To accomplish this, enable SNMP and SSH access on the appropriate VPN policy:

Screen_Shot_2021-07-13_at_10.43.31_AM.png

  • Navigate to Network
  • Go to IPSec VPN
  • Go to Rules
  • Go to Settings
  • Click Edit in the line of the appropriate VPN Policy
  • A pop-up window with three tabs should appear
  • Click the Advanced tab
  • In the Management via this SA section, ensure SNMP and SSH are enabled
  • Click Save

 

Was this article helpful?
0 out of 3 found this helpful
Have more questions? Submit a request