Adding new network Subnet to route the traffic over the SSLVPN tunnel

Description

This article describes about adding a new network subnet or FQDN to the allowed vpn access list for any local user/ LDAP user connecting to the SSLVPN.

Resolution for SonicOS 7.X

This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.

  1. Navigate to Objects|Addresses|add an address object of type host/network/FQDNs based on the requirement.
    Image
  2. Navigate to Network|SSLVPN |Client Settings|Edit|Client Routes|move the address object created to the vpn access list | Click OK.
    Image
  3. For LDAP user access, navigate to Device|Users|Settings|User authentication method|Select LDAP + Local Users, click on Accept.
    Image
  4. In order to provide VPN Access list on per user basis, navigate to Local Users & Groups|Local users|Add the user locally or import from the LDAP. 
    Image
  5.  In order to provide VPN access list per user group basis, navigate to Local User & Groups|Local group|Import the AD group or add a group locally.
  6.  Under Local Groups|SSLVPN Services|Edit|Members|Make sure that user and the group is part of SSLVPN members.
    Image
  7.  Under SSLVPN Services|VPN Access|Search for the address object created and move it to the VPN access list.
    Image

Resolution for SonicOS 6.5

This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.

  1. Navigate to Manage|Objects|Address object add add an address object of type host/network/FQDNs based on the requirement
    Image

  2. Navigate to SSLVPN |Client Settings|Edit|Client Routes|move the address object created to the client routes| Click OK
    Image
  3. For LDAP user access, navigate to Users|User authentication method|Select LDAP + Local Users, click on Accept.
    Image
  4. In order to provide VPN Access list on per user basis, navigate to Local Users & Groups|Local users|Add the user locally or import from the LDAP. 
    Image
  5.  In order to provide VPN access list per user group basis, navigate to Local User & Groups|Local group|Import the AD group or add a group locally.
  6.  Under Local Groups|SSLVPN Services|Edit|Members|Make sure that user and the group is part of SSLVPN members.
    Image
  7.  Under SSLVPN Services|VPN Access|Search for the address object created and move it to the VPN access list.
    Image

Related Articles

  • SonicOS 8.1.0 FAQ
    Read More
  • SonicWall GEN8 TZs and GEN8 NSas Settings Migration
    Read More
  • Getting started with SonicWall firewalls
    Read More

Categories

Firewalls
NSa Series
SSLVPN
Firewalls
TZ Series
SSLVPN
not finding your answers?
Ask the Community