Creating UTM SSL-VPN Bookmarks using FQDN or NetBIOS names

03/26/2020 1111 12578

DESCRIPTION:

This article describes the process of creating a bookmark using FQDN or NetBIOS name  instead of IP address and the prerequisites for doing so. Although bookmarks can be created for both User Groups and inidividual users, this article uses individual users. Please refer How to create Bookmarks for specific users for the UTM-SSLVPN service  for more information on creating bookmarks.

RESOLUTION:

In this example we have a Terminal Server on the LAN zone of the SonicWall which needs to be accessed by SSL VPN users from the WAN. We’ll be using the following IP addresses and Domain Names as examples. You can use your own in place of the examples shown here:

• Terminal Server IP: 192.168.168.2
• Terminal Server FQDN: terminalserver.hal.local
• DNS Server IP: 192.168.168.1
• DNS Server FQDN: server.hal.local

1. Login the SonicWall Management GUI.
2. Navigate to the Network | DNS page.
3. Select the radio button Specify DNS Servers Manually
4. Under DNS Server 1, enter your internal DNS server IP address. In this example 192.168.168.1
5. Under DNS Server 2 you may enter your ISP's DNS server address.
6. Click on Apply to save changes.

1. Navigate to the Users | Local Users page.
2. Click on Add User.
3. Enter username and password of the new user.
4. Click on the Groups tab and add SSL VPN Users to the Member of section.
5. Click on the Bookmark tab.
6. Click on the Add Bookmark button. Please note that in order for the Add Bookmark button to be clickable, the user must be added to the SSL VPN Users group as above.
7. In the Add Bookmark window, enter a Bookmark Name. In this example Terminal Server.
8. Under Name or IP Address, enter either the FDQN or NetBIOS name of the Terminal Server. In this example: terminalserver.hal.local.
9. Under Service select either Terminal Service (RPD5 - ActiveX) if using IE or Terminal Service (RPD5 - Java) for Firefox and other browsers.
10. Click on OK to save the changes.

How to Test:

To test it, have a user from the WAN (or LAN if SSL VPN is enabled on the LAN zone) access the SSL-VPN page. On successfully authenticating with the above username, the SSL VPN Virtual Office page will presented with the above bookmark. Click on the bookmark and the RDP login window of the Terminal Server will be presnted before the user. Remember, as we have created the bookmark under this user, no other user will be shown the bookmark. If the bookmark is added under a user group, all members of the user group will be presented with the bookmark.

Troubleshooting:

1. Error: Hostname can't be resolved! Please reconfigure it by editing the bookmark! - This error occurs when SonicWall is unabl to resolve the FQDN. Check whether the DNS server is resolving the name by pinging the name from within SonicWall | System | Diagnostics. If unable to ping, then check whether the DNS server is enter under Network | DNS.
2. If able to resolve the name but unable to connect to the server: check whether the Terminal Server is configured to accept remote connections.
3. If unable to see the bookmark: Check whether the user has the bookmark added or the group the user belongs to has the bookmark added.