Setup UTM SSL-VPN from the SonicWall Command-Line Interface (CLI)
This article describes how to setup SSL-VPN from the SonicWall UTM CLI.
Note: There is no option to configure user settings in the CLI. SSL-VPN Users have to be created and VPN Access List set in the GUI.
Login to the SonicWall CLI using either SSH or Serial connection. For more information on how to login to the CLI, please refer this KB
Enter the administrator username and password. You will be presented with the root prompt of the CLI. Enter the following commands to setup SSL-VPN. All commands should be in lowercase. SSL-VPN in the CLI has three Modules -
Configuring Client settings
The following commands are available in the sslvpn client prompt:
>config <enter> >sslvpn client <enter> >address <IP address range begin> <IP address range end> <Interface> <enter> (Example: address 192.168.168.100 192.168.168.200 X0) >sslvpn-access <zone> <enter> (Example: sslvpn-access WAN) >dns1 <IP address of DNS server> <enter> >dns2 <IP address of DNS server> <enter> >user-domain LocalDomain <enter> >dns-domain <name of Domain Controller> <enter> >auto-update <enter> >cache-username-password username-only OR password-username OR prohibitclient-communicate <enter> OR no client-communicate <enter> >create-connection-profile <enter> OR no create-connection-profile <enter> >exit-after-disconnect <enter> OR no exit-after-disconnect <enter> >uninstall-after-exit OR no uninstall-after-exit <enter> >wins1 <IP address of WINS server> <enter> >wins2 <IP address of WINS server> <enter>
Configuring Client Route settings
The following commands are available in the sslvpn routes prompt:
>client routes <enter> >add-routes<name of an Address Object or Address Group> (Example: LAN Subnets) <enter> >tunnel-all <enter> (If Tunnel All mode is required) >exit
Configuring Portal settings
The following commands are available in the sslvpn portal prompt, which can be enabled by invoking the following commands.