Auvik requires that SNMP and SSH access be enabled to your SonicWall for the most effective monitoring experience. If you need to enable SNMPv3, please use the following instructions.
These instructions assume:
- The SonicWall device is on SonicOS version 6.5 or higher.
- The date, time and time zone are correctly set on the firewall.
- You have administrative access to the firewall.
- The IP address of your Auvik collector is known.
1. Enable SNMP on the device
SNMP is typically disabled by default on a factory-reset SonicWall device. You’ll need to manually enable it. From the SonicWall administrative graphical user interface (GUI):
- Navigate to System, then Advanced Management. Click on “Manage”, then navigate to Appliance, then SNMP.
- Click to enable SNMP.
- Click on the Accept button.
Add users to the SNMP Group:
- Navigate to Manage, Appliance, then SNMP. Under “Users/Group, click “Add User” button under Users/Group.
- Username: Type any friendly name which you would like to use for SNMP.
- Security Level: Select the level which you would like to use.
- Authentication Method: Select the method which you would like to use.
- Authentication Key: type the key which you would like to use (it should be more than 8 characters).
- Encryption Method: Select the method which you would like to use.
- Privacy Key: type the key which you would like to use.
- Group: Select the group previously created.
- Click OK.
Create access for SNMP:
- Navigate to Manage, Appliance, then SNMP. Under “Access”, click the “Add” button.
- Access Name: Type any name which you would like to use.
- Set “Read View” to “root”.
- Master SNMPv3 Group: Select any group which you would like to use.
- Access Security Level: Select the level of security for SNMP.
- Click OK.
2. Enable SNMP and SSH on the appropriate interface
SonicWall devices have per-interface protocol filters that need to be customized so Auvik can send and receive queries using SNMP and SSH. Which interface you enable them on depends on which firewall interface is pointing towards your Auvik collector. Here are two common scenarios:
Local Connection to the SonicWall
Your collector resides on a host that reaches your SonicWall via a LAN port (e.g. X0). In this example, you would enable SNMP and SSH on local interface X0. To resolve:
- Navigate to Network, then Interfaces from the left side pane. For SonicOS 6.5 and above click on Manage, then Network, and Interfaces.
- Within the Interfaces settings table, configure the LAN-side interface that’s pointing to the Auvik virtual appliance by clicking the pencil icon on the right-hand side of the row (in our example, X0).
- Within the pop-up menu, in the Management section, enable SNMP and SSH.
- Click OK.
Remote Connection to the SonicWall (Multi-Site)
Your topology consists of two sites connected by a site-to-site VPN. Your Auvik collector is deployed at one location, and you’d like it to scan the remote site. To accomplish this, enable SNMP and SSH access on the appropriate VPN policy:
- Navigate to the VPN tab. Click Settings.
- Click the Configure button for the appropriate VPN policy.
- A pop-up window with four tabs should appear. Click the Advanced tab.
- In the Management via this SA section, ensure SNMP and SSH are checked off.
- Click OK.
Important: Configure the SNMPv3 credentials and SSH login credentials to Auvik if you haven’t already done so.