How to enable SNMPv3 on SonicWall Gen7 managed devices

Auvik requires that SNMP and SSH access be enabled to your SonicWall for the most effective monitoring experience. If you need to enable SNMPv3, please use the following instructions. .

These instructions assume:

• The SonicWall device is running SonicOS version 7.0 or higher.
• The date, time and time zone are correctly set on the firewall.
• You have administrative access to the firewall.
• The IP address of your Auvik collector is known.

1. Enable SNMP on the device

SNMP is typically disabled by default on a factory-reset SonicWall device. You’ll need to manually enable it. From the SonicWall administrative graphical user interface (GUI):

1. Navigate to Device, Settings, then SNMP.
2. Click to enable SNMP.
3. Click on the Accept button.

2. Create SNMP user, group & access

Create the SNMP Group:

1. Navigate to Device, Settings, SNMP, User/Group, and click the “Add Group” button.
2. Group Name: Type any friendly name which you would like to use for SNMP Group.
3. Click OK.

Add users  to the SNMP Group:

1. Navigate to Device, Appliance, SNMP, User/Group, and click the “Add User” button.
2. Username: Type any friendly name which you would like to use for SNMP.
3. Security Level: Select the level which you would like to use.
4. Authentication Method: Select the method which you would like to use.
5. Authentication Key: type the key which you would like to use (it should be more than 8 characters).
6. Encryption Method: Select the method which you would like to use.
7. Privacy Key: type the key which you would like to use.
8. Group: Select the group previously created.
9. Click OK.

Create access for SNMP:

1. Navigate to Device, Settings, SNMP, then Access, and click the “Add” button.
2. Access Name: Type any name which you would like to use.
3. Set “Read View” to “root”.
4. Master SNMPv3 Group: Select any group which you would like to use.
5. Access Security Level: Select the level of security for SNMP.
6. Click OK.

3. Enable SNMP and SSH on the appropriate interface

SonicWall devices have per-interface protocol filters that need to be customized so Auvik can send and receive queries using SNMP and SSH. Which interface you enable them on depends on which firewall interface is pointing towards your Auvik collector. Here are two common scenarios:

Local Connection to the SonicWall

Your collector resides on a host that reaches your SonicWall via a LAN port (e.g. X0). In this example, you would enable SNMP and SSH on local interface X0. To resolve:

1. Navigate to Network, System, and then Interfaces. For SonicOS 7, click “Edit this Interface” (the floating pencil on the Interface line).
2. Within the pop-up menu, in the General tab, enable SNMP and SSH.
3. Click OK.

Remote Connection to the SonicWall (Multi-Site)

Your topology consists of two sites connected by a site-to-site VPN. Your Auvik collector is deployed at one location, and you’d like it to scan the remote site. To accomplish this, enable SNMP and SSH access on the appropriate VPN policy:

1. Navigate to Network, IPSec VPN, then Rules and Settings. Click Edit in the line of the appropriate VPN Policy.
2. A pop-up window with three tabs should appear. Click the Advanced tab.
3. In the “Management via this SA” section, ensure SNMP and SSH are enabled.
4. Click Save.

Important: Configure the SNMPv3 credentials and SSH login credentials to Auvik if you haven’t already done so.