Dell Sonicwall™ Sonicos 5.8.4.2: Release Notes

Dell SonicWALL™ SonicOS 5.8.4.
2
Release Notes
November 2015
These release notes provide information about the Dell SonicWALL™ SonicOS 5.8.4.2 release.
• About SonicOS 5.8.4.2

• Supported platforms
• Resolved issues
• Known issues
• Supported features by model
• System compatibility
• Product licensing
• Upgrading SonicOS image procedures
• Technical support resources
• About Dell
About SonicOS 5.8.4.2

SonicOS 5.8.4.2 is a maintenance release that fixes the RSA-CRT vulnerability. See Resolved issues.
SonicOS 5.8.4.2 provides all the features and contains all the resolved issues that were included in previous
releases of SonicOS 5.8.4.x and 5.8.1.x. For detailed information, see the previous release notes, available on
https://mysonicwall.com/ or on https://support.software.dell.com/release-notes-product-select.
SonicOS 5.8.4.2
1
Release Notes
Supported platforms
The SonicOS 5.8.4.2 release is supported on the following Dell SonicWALL network security appliances:
• NSA E8510 • NSA 5000 • TZ 215 / 215 Wireless
• NSA 250M / 250M Wireless • TZ 100 / 100 Wireless
• NSA 220 / 220 Wireless
Resolved issues
The following issue is resolved in the SonicOS 5.8.4.2 release:
System
Resolved issue Issue ID
A specialized RSA-CRT attack can cause private key leakage in relatively rare cases. 166825
This security vulnerability has not been publically disclosed and it is very difficult to
perform this attack. To be cautious, Dell SonicWALL recommends that customers
upgrade firmware.
Occurs when the SonicOS management interface or a port on the firewall is accessed
using SSL, and the following conditions are met:
• A highly sophisticated tool is used to harvest this vulnerability; this tool is not
available to the general public
• The Enable Hardware RSA option is enabled in the internal SonicOS settings
(by default this option is disabled, in which case the firewall is not
vulnerable)
SonicOS 5.8.4.2
2
Release Notes
Known issues
This section contains a list of known issues in the SonicOS 5.8.4.2 release.
Application Firewall
Known issue Issue ID

The Ultrasurf browser plugin is not blocked by an App Rule or App Control Advanced. 161651
Occurs when using the Chrome browser plugin for Ultrasurf.
Enabling a Custom App Rules policy reduces throughput between zones by about 50%. 155319
Occurs when Custom Policy is the selected policy type and App Rules is enabled, even
if no rules exist or there is only one simple rule. App Rule categories other than
Custom Policy do not reduce throughput nearly as much.
DPI-SSL

Client DPI-SSL does not inspect traffic on the WWAN interface. No messages such as 163672
“connection is untrusted” are displayed when connecting to a secure website using
HTTPS.
Occurs when the firewall is using a 3G or 4G card for the WAN connection and Client
DPI-SSL is enabled, but the default Dell SonicWALL DPI-SSL CA certificate is not
installed on the browser.
The DPI-SSL cipher method reverts to the default setting. 149442
Occurs when the DPI-SSL cipher method is changed and then the firewall is restarted.
Excluding a User Object or User Group for Server DPI-SSL causes Client DPI-SSL to not 118962
work properly.
Occurs when accessing HTTPS websites from a client computer without logging in as a
user on the client computer. Client DPI-SSL does not change the site certificate to
the SonicWALL certificate.
Networking

Under certain customer deployment conditions there could be temporary link 145764
instability experienced by physical interfaces on NSA 2400 units.
This is an intermittent condition that is resolved in the majority of cases when using
SonicOS 5.8.1.15 and newer. However, it may still persist in a very small number of
units.
The L2TP client on the WAN interface of the firewall gets disconnected every two 143953
minutes.
Occurs when the WAN interface IP Assignment is L2TP and the WAN interface is
connected to an L2TP/PPP server. When PPP messages are exchanged, there is no
magic number negotiation on the client side during the Link Control Protocol (LCP)
configuration request. Only the server attempts to negotiate the magic numbers. The
LCP echo reply from the firewall has the same magic numbers as the server. After 4
attempts, the server terminates the connection, but the firewall continues to retry
the connection every 2 minutes.
FTP or HTTP traffic cannot pass through a pair of interfaces configured in Wire Mode 101359
and set to Secure.
Occurs when using a Stateful High Availability pair and Active-Active DPI is enabled.
SonicOS 5.8.4.2
3
Release Notes
Security Services

Gateway Anti-Virus (GAV) does not block a gzip’d file containing a virus. 113230
Occurs when GAV is enabled on the firewall, inbound and outbound inspection is
enabled for the SMTP protocol, and an email with the gzip’d file attached is sent
from LAN to WAN through the firewall. The email is delivered to the recipient by the
WAN SMTP server.
User Interface
Internet Explorer redirects the HTTP URL to HTTPS, but drops the connection to the 162540
appliance immediately and does not allow the administrator to log into the SonicOS
management interface.
Occurs when using Internet Explorer 8 and entering the appliance IP address with
“http://” in the URL.
Workaround: Use a newer version of Internet Explorer or use Chrome or Firefox on a
client machine running an operating system that supports TLSv1.1 or above.
Users

A limited administrator can log out the firewall administrator on the Users > Status 145005
page.
Occurs when a limited administrator is in non-configuration mode.
Supported features by model

The following tables list the key features in SonicOS 5.8 and which appliance models support them. Blank table
cells indicate that the feature is not supported. Features that are affected by licensing status are also listed.
• NSA E-Class, NSA Series, TZ 210/200/100 Series

• TZ 205 Series and TZ 105 Series
• NSA 250M Series, NSA 220 Series, TZ 215 Series
• Supported features and licensing
SonicOS 5.8.4.2
4
Release Notes
NSA E-Class, NSA Series, TZ 210/200/100 Series
Specifically, this table indicates supported features for:
• NSA E-Class Series — E8510 / E8500 / E7500 / E6500 / E5500
• NSA Series — 5000 / 4500 / 3500 / 2400 / 240
• TZ 210 Series — 210 / 210 Wireless
Feature/Enhancement NSA E-Class NSA Series TZ 210 TZ 200 TZ 100

Series Series Series Series
Accept Multiple VPN Client

Supported Supported Supported Supported Supported
Proposals.
App Control Advanced Supported Supported Supported Supported Supported
App Control Policy
Configuration via App Flow Supported Supported Supported Supported Supported
Monitor
App Rules Supported Supported Supported
AppFlow > Flow Reporting Supported Supported Supported
AppFlow Dash Supported Supported Supported
AppFlow Monitor Supported Supported Supported
AppFlow Reports Supported Supported Supported
Application Usage and Risk
Supported Supported Supported
Report
Auto-Configuration of URLs to
Bypass User Authentication
Browser NTLM Authentication Supported Supported Supported Supported Supported
CASS 2.0 Supported Supported Supported Supported Supported
CFS Enhancements Supported Supported Supported Supported Supported
Cloud GAV Supported Supported Supported Supported Supported
Connection Monitor Supported Supported Supported Supported Supported
Current Users and Detail of
Users Options for TSR
Customizable Login Page Supported Supported Supported Supported Supported
DHCP Scalability
Enhancements
DPI-SSL Supported Supported
Dynamic WAN Scheduling Supported Supported Supported Supported Supported
Enhanced Connection Limit Supported Supported Supported Supported Supported
Geo-IP Filtering and Botnet
Command & Control Filtering
Global BWM Ease of Use
Enhancements
IKEv2 Supported Supported Supported Supported Supported
IPFIX & NetFlow Reporting Supported Supported Supported
SonicOS 5.8.4.2
5
Release Notes
Feature/Enhancement NSA E-Class NSA Series TZ 210 TZ 200 TZ 100
Series Series Series Series
LDAP Primary Group Attribute Supported Supported Supported Supported Supported

Link Aggregation Supported
Log Monitor Supported Supported Supported Supported Supported
Management Traffic Only
Option for Network Interfaces
NTP Authentication Type Supported Supported Supported Supported Supported
Packet Monitor Enhancements Supported Supported Supported Supported Supported
Port Redundancy Supported
Preservation of Anti-Virus
Exclusions After Upgrade
Real-Time Monitor Supported Supported Supported
SIP Application Layer
Enhancements
SonicPoint N DR Supported Supported Supported Supported Supported
SonicPoint Ne/Ni Supported Supported Supported Supported Supported
SonicPoint VAPs Supported Supported Supported Supported Supported
SSL VPN NetExtender Client
Update
SSO User Import from LDAP Supported Supported Supported Supported Supported
Stateless High Availability Supported Supported Supported Supported Supported
Top Global Malware Supported Supported Supported Supported Supported
User Monitor Tool Supported Supported Supported
VLAN Subinterfaces Supported Supported Supported Supported Supported
WAN Acceleration Supported Supported Supported Supported Supported
NSA 3500
Wire and Tap Mode Supported
and above
Wireless Client Bridge
Support
YouTube for Schools Supported Supported Supported Supported Supported
SonicOS 5.8.4.2
6
Release Notes
TZ 205 Series and TZ 105 Series
Feature / Enhancement TZ 205 Series TZ 105 Series
Accept Multiple VPN Client Proposals Supported Supported

App Control Advanced Supported Supported
App Control Policy Configuration via App Flow Monitor
App Rules Supported Supported
AppFlow > Flow Reporting
AppFlow Dash
AppFlow Monitor
AppFlow Reports
Application Usage and Risk Report
Auto-Configuration of URLs to Bypass User Authentication Supported Supported
Browser NTLM Authentication Supported Supported
CASS 2.0 Supported Supported
CFS Enhancements Supported Supported
Cloud GAV Supported Supported
Connection Monitor Supported Supported
Current Users and Detail of Users Options for TSR Supported Supported
Customizable Login Page Supported Supported
DHCP Scalability Enhancements Supported Supported
DPI-SSL
Dynamic WAN Scheduling Supported Supported
Enhanced Connection Limit Supported Supported
Geo-IP Filtering and Botnet Command & Control Filtering
Global BWM Ease of Use Enhancements Supported Supported
IKEv2 Supported Supported
IPFIX & NetFlow Reporting
LDAP Primary Group Attribute Supported Supported
Link Aggregation
Log Monitor Supported Supported
Management Traffic Only Option for Network Interfaces Supported Supported
NTP Authentication Type Supported Supported
Packet Monitor Enhancements Supported Supported
Port Redundancy
Preservation of Anti-Virus Exclusions After Upgrade Supported Supported
Real-Time Monitor
SonicOS 5.8.4.2
7
Release Notes
Feature / Enhancement TZ 205 Series TZ 105 Series
SIP Application Layer Enhancements Supported Supported

SonicPoint Ne/Ni Supported Supported
SonicPoint VAPs Supported Supported
SonicPoint-N DR Supported Supported
SSL VPN NetExtender Client Update Supported Supported
SSO User Import from LDAP Supported Supported
Stateless High Availability Supported
Top Global Malware
User Monitor Tool Supported Supported
VLAN Subinterfaces Supported Supported
WAN Acceleration Support Supported Supported
Wire and Tap Mode
Wireless Client Bridge Support Supported Supported

YouTube for Schools Supported Supported
NSA 250M Series, NSA 220 Series, TZ 215 Series

• NSA 250M Series — 250M / 250M Wireless
• NSA 220 Series — 220 / 220 Wireless
Feature / Enhancement NSA 250M Series NSA 220 Series TZ 215 Series
Accept Multiple Proposals for Clients Supported Supported Supported

App Control Advanced Supported Supported Supported
App Control Policy Configuration via AppFlow
Monitor
App Rules Supported Supported Supported
AppFlow > Flow Reporting Supported Supported Supported
AppFlow Dash Supported Supported Supported
AppFlow Monitor Supported Supported Supported
AppFlow Reports Supported Supported Supported
Application Usage and Risk Report Supported Supported Supported
Auto-Configuration of URLs to Bypass User
Authentication
Browser NTLM Authentication Supported Supported Supported
CASS 2.0 Supported Supported Supported
CFS Enhancements Supported Supported Supported
Cloud GAV Supported Supported Supported
Connection Monitor Supported Supported Supported
SonicOS 5.8.4.2
8
Release Notes
Feature / Enhancement NSA 250M Series NSA 220 Series TZ 215 Series
Current Users and Detail of Users Options for

TSR
Customizable Login Page Supported Supported Supported
DHCP Scalability Enhancements Supported Supported Supported
DPI-SSL Supported Supported
Dynamic WAN Scheduling Supported Supported Supported
Enhanced Connection Limit Supported Supported Supported
Geo-IP Filtering and Botnet Command &
Control Filtering
Global BWM Ease of Use Enhancements Supported Supported Supported
IKEv2 Supported Supported Supported
IPFIX & NetFlow Reporting Supported Supported Supported
LDAP Primary Group Attribute Supported Supported Supported
Link Aggregation
Log Monitor Supported Supported Supported
Management Traffic Only Option for Network
Interfaces
NSA Modules Supported
NTP Authentication Type Supported Supported Supported
Packet Monitor Enhancements Supported Supported Supported
Port Redundancy
Preservation of Anti-Virus Exclusions After
Upgrade
Real-Time Monitor Supported Supported Supported
SIP Application Layer Enhancements Supported Supported Supported
SonicPoint Ne/Ni Supported Supported Supported
SonicPoint VAPs Supported Supported Supported
SonicPoint-N DR Supported Supported Supported
SSL VPN NetExtender Client Update Supported Supported Supported
SSO User Import from LDAP Supported Supported Supported
Top Global Malware Supported Supported Supported
User Monitor Tool Supported Supported Supported
VLAN Subinterfaces Supported Supported Supported
WAN Acceleration Support Supported Supported Supported
Wire and Tap Mode
Wireless Client Bridge Support Supported Supported Supported
YouTube for Schools Supported Supported Supported
SonicOS 5.8.4.2
9
Release Notes
NSA 250M Series module support
The following SonicWALL NSA modules are supported on the NSA 250M series appliances:
WARNING: You MUST power down the appliance before installing or replacing the modules.
• 1 Port ADSL (RJ-11) Annex A – Provides Asymmetric Digital Subscriber Line (ADSL) over plain old
telephone service (POTS) with a downstream rate of 12.0 Mbit/s and an upstream rate of 1.3 Mbit/s.
• 1 Port ADSL (RJ-45) Annex B – Provides Asymmetric Digital Subscriber Line (ADSL) over an Integrated
Services Digital Network (ISDN) with a downstream rate of 12.0 Mbit/s and an upstream rate of 1.8
Mbit/s.
• 1-port T1/E1 Module – Provides the connection of a T1 or E1 (digitally multiplexed telecommunications

carrier system) circuit to a SonicWALL firewall using a RJ-45 jack.
• 2-port LAN Bypass Module – Removes a single point of failure so that essential business communication
can continue while a network failure is diagnosed and resolved.
• 2-Port SFP Module – This small form-factor pluggable (SFP) network interface module offers a fiber
alternative to the 4-Port GbE Module, enabling more flexible and scalable deployments in a wide
range of environments. Note that port 0 (802.3at) is disabled by default and should be enabled
manually from the SonicOS management interface.
• 4-Port Gigabit Ethernet Module – Expands port density of a SonicWALL NSA 250M Series firewall by
adding four 1-Gbps Ethernet networking interfaces that negotiate the best Ethernet speeds available.
SonicOS 5.8.4.2
10
Release Notes
Supported features and licensing
Some pages in the SonicOS management interface do not display if the license is not activated for the feature
on that page.
Here is an example of the Dashboard > Real-Time Monitor page with App Visualization not licensed:
The following table lists the key features in SonicOS 5.8 that depend on licenses and other settings for the
related management interface pages to display and function properly:
SonicOS Feature No license (SGSS) With license and With license and
disabled in flow enabled in flow
reporting reporting
Dashboard > Real-Time Blocks the page with a All charts are All charts are enabled.
Monitor license popup window. independently enabled The App charts content
or disabled from the depends on whether
AppFlow > Flow Visualization or App
Reporting page. It is Control Advanced is
not dependent on enabled with zone
Visualization being settings.
enabled.
Dashboard > AppFlow Blocks the page with a The AppFlow Monitor All tabs are visible and
Monitor/Dash/Reports license popup window. page displays the fully operational.
message “flow
reporting and
visualization is
disabled”. Content is
not shown.
Dashboard > BWM Blocks the page with a Always on if Global Always on if Global
Monitor license popup window. BWM and Interface are BWM and Interface are
enabled. enabled.
AppFlow > Flow Available and displays Available Available
Reporting a statement that App
Visualization is not
licensed.
Security Services > Blocks the page with a Not available Available
GeoIP Filter license popup window.
Security Services > Blocks the page with a Available Available
Botnet Filter license popup window.
* This is a separate
license and is not part
of the Comprehensive
Gateway Security Suite
(CGSS).
SonicOS 5.8.4.2
11
Release Notes
System compatibility
This section provides additional information about hardware and software compatibility with this release.
WAN Acceleration (WXA) support

The Dell SonicWALL WXA series appliances (WXA 6000 Software, WXA 500 Live CD, WXA 5000 Virtual Appliance,
WXA 2000/4000 Appliances) are supported for use with Dell SonicWALL NSA E-Class, NSA, and TZ products
running 5.8.4.2. The recommended firmware version for the WXA series appliances is 1.3.2. SonicOS 5.8.4.2 is
only compatible with WXA 1.2.2 and newer. Earlier versions of WXA are not supported.
Browser support
SonicOS with Visualization uses advanced browser technologies such as HTML5, which are supported in most
recent browsers. SonicWALL recommends using the latest Chrome, Firefox, Internet Explorer, or Safari
browsers for administration of SonicOS.
This release supports the following Web browsers:
• Chrome 18.0 and higher (recommended browser for dashboard real-time graphics display)
• Firefox 16.0 and higher
• Internet Explorer 8.0 and higher (do not use compatibility mode)
• Safari 5.0 and higher
NOTE: On Windows machines, Safari is not supported for SonicOS management.
NOTE: Mobile device browsers are not recommended for Dell SonicWALL appliance system
administration.
Product licensing
Dell SonicWALL network security appliances must be registered on MySonicWALL to enable full functionality
and the benefits of Dell SonicWALL security services, firmware updates, and technical support. Log in or
register for a MySonicWALL account at https://mysonicwall.com/.
A number of security services are separately licensed features in SonicOS. SonicOS periodically checks the
license status with the SonicWALL License Manager. When a service is licensed, full access to the functionality
is available.
The System > Status page displays the license status for each security service.
SonicOS 5.8.4.2
12
Release Notes
Upgrading SonicOS image procedures
The following procedures are for upgrading an existing SonicOS image to a newer version:
• Obtaining the latest SonicOS image version
• Creating a system backup and exporting your settings
• Upgrading firmware with current settings
• Upgrading firmware with factory default settings
• Using SafeMode to upgrade firmware
• Importing configuration settings
• Importing settings from SonicOS Standard to SonicOS 5.8.4.2 Enhanced
• Support matrix for importing preferences
Obtaining the latest SonicOS image version

To obtain a new SonicOS firmware image file for your SonicWALL security appliance:
1 Connect to your mysonicwall.com account at http://www.mysonicwall.com.
2 In MySonicWALL, click Downloads in the left navigation pane to display the Download Center screen.
3 Select your product in the Software Type drop-down list to display available firmware versions.
4 To download the firmware to your computer, click the link for the firmware version you want. You can
download the Release Notes and other associated files in the same way.
You can update the SonicOS image on a SonicWALL security appliance remotely if the LAN interface or the
WAN interface is configured for management access.
Creating a system backup and exporting your

settings
Create Backup
Before beginning the update process, you can use the Create Backup button to make a system backup on your
Dell SonicWALL appliance.
On Dell SonicWALL NSA 2400 and above, the backup feature saves a copy of the current system state,
firmware, and configuration settings on your appliance, protecting all your existing settings in the event that
it becomes necessary to return to a previous configuration state.
NOTE: The TZ series, NSA 220 series, NSA 240, and NSA 250M series do not support a full
firmware image backup.
Create Backup Settings

On TZ 105 series, TZ 205 series, TZ 215 series, NSA 220 series, NSA 240, and NSA 250M series, you can use the
Create Backup Settings button to save a copy of the configuration settings locally on the firewall. The saved
settings can be used with the current firmware version or with a newly uploaded firmware version.
NOTE: The TZ 100 series and TZ 200 series do not support saving a copy of the settings
directly on the unit.
SonicOS 5.8.4.2
13
Release Notes
Export Settings
On all appliance platforms, you can export the appliance configuration settings to a file on your local
management station. This file serves as an external backup of the configuration settings, and can be imported
into another appliance or into the same appliance if it is necessary to reboot the firmware with factory default
settings.
To save a system backup on your appliance and export configuration settings to a file on your
local management station:
1 To save a system backup or backup settings in the System > Settings page, do one of the following:
• On an NSA 2400 or above, click Create Backup. SonicOS takes a “snapshot” of your current
system state, firmware, and configuration preferences, and makes it the new System Backup
firmware image. Clicking Create Backup overwrites the existing System Backup image, if any.
The System Backup entry is displayed in the Firmware Management table.
• On a TZ, NSA 220, NSA 240, or NSA 250M, click Create Backup Settings. SonicOS saves a small
file on the appliance with all your configuration settings. Any previous backup settings file is
overwritten. The Firmware Management table displays the Current Firmware with Backup
Settings entry.
NOTE: A Download button is displayed in the Firmware Management table for System Backup and
for Current/Uploaded Firmware with Backup Settings. However, the downloaded files cannot be
imported into another appliance, nor can they be uploaded like firmware. Use Export Settings to
save your configuration settings for import into another appliance.
2 To export your settings to a local file, click Export Settings and then click Export in the popup window
that displays the name of the saved file.
3 On the System > Diagnostics page, under Tech Support Report, select the following checkboxes and
then click the Download Report button:
• VPN Keys
• ARP Cache
• DHCP Bindings
• IKE Info
• SonicPointN Diagnostics
• Current users
• Detail of users
The information is saved to a “techSupport_” file on your management computer.
Upgrading firmware with current settings

You can update the SonicOS image on a Dell SonicWALL security appliance by connecting your computer to the
LAN (X0) port or you can update it remotely if the LAN or WAN interface is configured for remote management
access.
To upload new firmware to your Dell SonicWALL appliance and use your current configuration
settings upon startup:
1 Download the SonicOS firmware image file from mysonicwall.com and save it to a location on your local
computer.
2 Point your browser to the appliance IP address, and log in as an administrator.
3 On the System > Settings page, click Upload New Firmware.
4 Browse to the location where you saved the SonicOS firmware image file, select the file, and click
Upload. After the firmware finishes uploading, it is displayed in the Firmware Management table.
SonicOS 5.8.4.2
14
Release Notes
5 On the System > Settings page, click the Boot icon in the row for Uploaded Firmware - New!
6 In the confirmation dialog box, click OK. The appliance restarts and then displays the login page.
7 Enter your user name and password. Your new SonicOS image version information is listed on the
System > Settings page.
Upgrading firmware with factory default

settings
To upload new firmware to your Dell SonicWALL appliance and start it up using the default
configuration:
1 Download the SonicOS firmware image file from mysonicwall.com and save it to a location on your local
computer.
2 Point your browser to the appliance IP address, and log in as an administrator.
3 On the System > Settings page, click Upload New Firmware.
4 Browse to the location where you saved the SonicOS firmware image file, select the file, and click
Upload.
5 On the System > Settings page, click the Boot icon in the row for Uploaded Firmware with Factory
Default Settings.
6 In the confirmation dialog box, click OK. The appliance restarts and then displays the options to launch
the Setup Wizard or go to the login page of the SonicOS management interface.
NOTE: The IP address for the X0 (LAN) interface reverts to the default, 192.168.168.168. You can
log into SonicOS by connecting to X0 and pointing your browser to https://192.168.168.168.
7 Enter the default user name and password (admin / password) to access the SonicOS management
interface.
Using SafeMode to upgrade firmware

If you are unable to connect to the SonicOS management interface, you can restart the Dell SonicWALL
security appliance in SafeMode. The SafeMode feature allows you to quickly recover from uncertain
configuration states with a simplified management interface that includes the same settings available on the
System > Settings page.
The SafeMode procedure uses a recessed reset button in a small pinhole for which the location varies:
• On the NSA models, the button is near the USB ports on the front.
• On the TZ models, the button is next to the power connection on the back.
To use SafeMode to upgrade firmware on a Dell SonicWALL security appliance:

1 Connect your computer to the X0 port on the appliance and configure your computer with an IP address
on the 192.168.168.0/24 subnet, such as 192.168.168.20.
2 Do one of the following to restart the appliance in SafeMode:
• Use a narrow, straight object, like a straightened paper clip or a toothpick, to press and hold
the reset button on the security appliance for more than 20 seconds.
• On platforms with an LCD screen and control buttons on the front bezel, you can use the LCD
control buttons to set the appliance to SafeMode. Once selected, the LCD displays a
confirmation prompt. Select Y and press the Right button to confirm. The Dell SonicWALL
security appliance changes to SafeMode.
SonicOS 5.8.4.2
15
Release Notes
The Test light starts blinking when the appliance has rebooted into SafeMode.
NOTE: Holding the reset button for two seconds will send a diagnostic snapshot to the console.
Holding the reset button for six to eight seconds will reboot the appliance in regular mode.
3 Point the browser on your computer to 192.168.168.168. The SafeMode management interface displays.
4 Click Upload New Firmware, and then browse to the location where you saved the SonicOS firmware
image, select the file, and click Upload.
5 Click the Boot icon in the row for one of the following:
• Uploaded Firmware – New!
Use this option to restart the appliance with your current configuration settings.
• Uploaded Firmware with Factory Default Settings – New!
Use this option to restart the appliance with factory default configuration settings.
6 In the confirmation dialog box, click OK to proceed.
7 If you booted with current configuration settings, reconfigure your computer as needed to
automatically obtain an IP address and DNS server address, or reset it to its normal static values.
8 Connect the computer to your network or leave it connected to the X0 (LAN) interface of the
appliance, and point your browser to the WAN or LAN (depending on how you are connected) IP address
of the Dell SonicWALL appliance.
After successfully booting the firmware, the login screen is displayed. If you booted with factory
default settings, enter the default user name and password (admin / password) to access the SonicOS
management interface. The default IP address of the X0 interface is 192.168.168.168.
Importing configuration settings

You can import configuration settings from one appliance to another, which can save a lot of time when
replacing an older appliance with a newer model. This feature is also useful when you need multiple
appliances with similar configuration settings.
Importing configuration settings, or preferences (“prefs”), to Dell SonicWALL network security appliances
running SonicOS 5.8.4 is generally supported from the following Dell SonicWALL appliances:
• NSA E-Class Series
• NSA Series
• TZ 215/210/205/200/105/100/190/180/170 Series
• PRO Series
There are certain exceptions to preferences importing on these appliances running the SonicOS 5.8.4.2
release. Preferences cannot be imported in the following cases:
• Settings files containing Portshield interfaces created prior to SonicOS 5.x
• Settings files containing VLAN interfaces are not accepted by the TZ 100/200 Series firewalls
• Settings files from a PRO 5060 with optical fiber interfaces where VLAN interfaces have been created
SonicOS 5.8.4.2
16
Release Notes
Importing settings from SonicOS Standard to
SonicOS 5.8.4.2 Enhanced
The SonicOS Standard to Enhanced Settings Converter is designed to convert a source Standard Network
Settings file to be compatible with a target SonicOS Enhanced appliance. Due to the more advanced nature of
SonicOS Enhanced, its Network Settings file is more complex than the one SonicOS Standard uses. They are not
compatible. The Settings Converter creates an entirely new target Enhanced Network Settings file based on
the network settings found in the source Standard file. This allows for a rapid upgrade from a Standard
deployment to an Enhanced one with no time wasted in re-creating network policies.
NOTE: SonicWALL recommends deploying the converted target Network Settings file in a testing
environment first and always keeping a backup copy of the original source Network Settings file.
The SonicOS Standard to Enhanced Settings Converter is available at:

https://convert.global.sonicwall.com/
If the preferences conversion fails, email your SonicOS Standard configuration file to
settings_converter@sonicwall.com with a short description of the problem. In this case, you may also consider
manually configuring your SonicWALL appliance.
To convert a Standard Network Settings file to an Enhanced one:

1 Log in to the management interface of your SonicOS Standard appliance, navigate to System >
Settings, and save your network settings to a file on your management computer.
2 On the management computer, point your browser to https://convert.global.sonicwall.com/.
3 Click the Settings Converter button.
4 Log in using your MySonicWALL credentials and agree to the security statement.
The source Standard Network Setting file must be uploaded to MySonicWALL as part of the conversion
process. The Setting Conversion tool uses MySonicWALL authentication to secure private network
settings. Users should be aware that SonicWALL retains a copy of their network settings after the
conversion process is complete.
5 Upload the source Standard Network Settings file:
• Click Browse.
• Navigate to and select the source SonicOS Standard Settings file.
• Click Upload.
• Click the right arrow to proceed.
6 Review the source SonicOS Standard Settings Summary page.
This page displays useful network settings information contained in the uploaded source Network
Settings file. For testing purposes, the LAN IP and subnet mask of the appliance can be changed on this
page in order to deploy it in a testing environment.
• (Optional) Change the LAN IP address and subnet mask of the source appliance
to that of the target appliance.
• Click the right arrow to proceed.
7 Select the target SonicWALL appliance for the Enhanced deployment from the available list.
SonicOS Enhanced is configured differently on various SonicWALL appliances, mostly to support
different interface numbers. As such, the converted Enhanced Network Settings file must be
customized to the appliance targeted for deployment.
8 Complete the conversion by clicking the right arrow to proceed.
9 Optionally click the Warnings link to view any differences in the settings created for the target
appliance.
10 Click the Download button, select Save to Disk, and click OK to save the new target SonicOS Enhanced
Network Settings file to your management computer.
SonicOS 5.8.4.2
17
Release Notes
11 Log in to the management interface for your SonicWALL appliance.
12 Navigate to System > Settings, and click the Import Settings button to import the converted settings to
your appliance.
Support matrix for importing preferences

Legend
This legend defines the letter-codes used in the tables below.
Tables:
• NSA / E-Class NSA configuration import support
• TZ / NSA configuration import support
SonicOS 5.8.4.2
18
Release Notes
NSA / E-Class NSA configuration import support
The following matrix shows the Dell SonicWALL firewalls whose configuration settings can be imported to Dell
SonicWALL NSA and E-Class NSA platforms. The source firewalls are in the left column, and the destination
firewalls are listed across the top.
SonicOS 5.8.4.2
19
Release Notes
TZ / NSA configuration import support
The following matrix shows the Dell SonicWALL firewalls whose configuration settings can be imported to Dell
SonicWALL TZ 100/200/105/205/210/215 series and NSA 220/240/250M series platforms. The source firewalls
are in the left column, and the destination firewalls are listed across the top.
SonicOS 5.8.4.2
20
Release Notes
Technical support resources
Technical support is available to customers who have purchased Dell software with a valid maintenance
contract and to customers who have trial versions.
The Support Portal provides self-help tools you can use to solve problems quickly and independently, 24 hours
a day, 365 days a year. In addition, the portal provides direct access to product support engineers through an
online Service Request system. To access the Support Portal, go to http://software.dell.com/support/.
The site enables you to:
• View Knowledge Base articles at:
https://support.software.dell.com/kb-product-select
• View instructional videos at:
https://support.software.dell.com/videos-product-select
• Engage in community discussions
• Chat with a support engineer
• Create, update, and manage Service Requests (cases)
• Obtain product notifications
SonicOS Administration Guides and related documents are available on the Dell Software Support site at
https://support.software.dell.com/release-notes-product-select.
About Dell
Dell listens to customers and delivers worldwide innovative technology, business solutions and services they
trust and value. For more information, visit www.software.dell.com.
Contacting Dell
Technical support:
Online support
Product questions and sales:
(800) 306-9329
Email:
info@software.dell.com
SonicOS 5.8.4.2
21
Release Notes
© 2015 Dell Inc.
ALL RIGHTS RESERVED.
This guide contains proprietary information protected by copyright. The software described in this guide is furnished under a
software license or nondisclosure agreement. This software may be used or copied only in accordance with the terms of the
applicable agreement. No part of this guide may be reproduced or transmitted in any form or by any means, electronic or
mechanical, including photocopying and recording for any purpose other than the purchaser’s personal use without the
written permission of Dell Inc.
The information in this document is provided in connection with Dell products. No license, express or implied, by estoppel or
otherwise, to any intellectual property right is granted by this document or in connection with the sale of Dell products.
EXCEPT AS SET FORTH IN THE TERMS AND CONDITIONS AS SPECIFIED IN THE LICENSE AGREEMENT FOR THIS PRODUCT, DELL
ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED OR STATUTORY WARRANTY RELATING TO ITS
PRODUCTS INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL DELL BE LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL,
PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS
INTERRUPTION OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF DELL HAS
BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Dell makes no representations or warranties with respect to the
accuracy or completeness of the contents of this document and reserves the right to make changes to specifications and
product descriptions at any time without notice. Dell does not make any commitment to update the information contained
in this document.
If you have any questions regarding your potential use of this material, contact:
Dell Inc.
Attn: LEGAL Dept.
5 Polaris Way
Aliso Viejo, CA 92656
Refer to our web site (software.dell.com) for regional and international office information.
Patents
For more information about applicable patents, refer to http://software.dell.com/legal/patents.aspx.
Trademarks
Dell, the Dell logo, and SonicWALL are trademarks of Dell Inc. Other trademarks and trade names may be used in this
document to refer to either the entities claiming the marks and names or their products. Dell disclaims any proprietary
interest in the marks and names of others.
Legend
CAUTION: A CAUTION icon indicates potential damage to hardware or loss of data if instructions are not
followed.
WARNING: A WARNING icon indicates a potential for property damage, personal injury, or death.
IMPORTANT NOTE, NOTE, TIP, MOBILE, or VIDEO: An information icon indicates supporting information.
______________________
Last updated: 11/18/2015
232-003092-00 Rev A
SonicOS 5.8.4.2
22
Release Notes

Dell Sonicwall™ Sonicos 5.8.4.2: Release Notes

Uploaded by

Document Informationclick to expand document informationsonicos_5.8.4.2_releasenotes

Document Informationclick to expand document information

Copyright:

Available Formats

Dell Sonicwall™ Sonicos 5.8.4.2: Release Notes

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Dell Sonicwall™ Sonicos 5.8.4.2: Release Notes

Uploaded by

Copyright:

Available Formats

Dell SonicWALL™ SonicOS 5.8.4.

• About SonicOS 5.8.4.2

About SonicOS 5.8.4.2

Resolved issue Issue ID

Known issue Issue ID

Known issue Issue ID

Known issue Issue ID

Known issue Issue ID

Known issue Issue ID

Known issue Issue ID

Supported features by model

• NSA E-Class, NSA Series, TZ 210/200/100 Series

Feature/Enhancement NSA E-Class NSA Series TZ 210 TZ 200 TZ 100

Accept Multiple VPN Client

LDAP Primary Group Attribute Supported Supported Supported Supported Supported

Feature / Enhancement TZ 205 Series TZ 105 Series

Accept Multiple VPN Client Proposals Supported Supported

SIP Application Layer Enhancements Supported Supported

Wire and Tap Mode

Wireless Client Bridge Support Supported Supported

NSA 250M Series, NSA 220 Series, TZ 215 Series

Accept Multiple Proposals for Clients Supported Supported Supported

Current Users and Detail of Users Options for

• 1-port T1/E1 Module – Provides the connection of a T1 or E1 (digitally multiplexed telecommunications

WAN Acceleration (WXA) support

NOTE: On Windows machines, Safari is not supported for SonicOS management.

Obtaining the latest SonicOS image version

Creating a system backup and exporting your

Create Backup Settings

Upgrading firmware with current settings

Upgrading firmware with factory default

Using SafeMode to upgrade firmware

To use SafeMode to upgrade firmware on a Dell SonicWALL security appliance:

Importing configuration settings

The SonicOS Standard to Enhanced Settings Converter is available at:

To convert a Standard Network Settings file to an Enhanced one:

Support matrix for importing preferences

You might also like