Use a end user certificate for DPI-SSL

Description

How to restrict access using PKCS #12 certificate. 

Resolution

After uploading this certificate you need to reboot the firewall and can be used for some features on the firewall .

NOTE: After uploading this certificate you will need to reboot the firewall to be able to use it.


Netextender and Global VPN

  •  When you have this certificate on the local machine you are able to connect to the SonicWall.
  • A machine that is trying to connect on the netextender without the end user certificate the connection will be dropped will be the same on the GVC.
  • With the certificate installed on the local machine, you will be able to connect to the firewall.
  • If a machine is trying to connect without the certificate via Netextender the connection will be dropped. The same will happen with the connections via GVC.ImageImage

DPI-SSL

  • The SonicWall is having build in a DPI-SSL you can use this certificate check the end user machine. For example if you want to make a RDP from a VPN tunnel and the DPI-SSL is activated with the end user certificate and the local machine doesn’t have the end user certificate the firewall will drop the RDP connection .
  • SonicWall firewalls have a built in DPI-SSL. You can use the certificate in order to check the end user machine. For example, if you want to use RDP to connect from a VPN tunnel and DPI-SSL is enabled and using the end user certificate and the local machine does not have it, then the firewall will drop the RDP connection.Image


Related Articles

  • SonicOS 8.1.0 FAQ
    Read More
  • SonicWall GEN8 TZs and GEN8 NSas Settings Migration
    Read More
  • Getting started with SonicWall firewalls
    Read More

Categories

Firewalls
TZ Series
not finding your answers?
Ask the Community