SMB SSL-VPN: Connecting a SonicWall SSL-VPN appliance on LAN in SonicOS Standard

03/26/2020 9 12851

DESCRIPTION:
SMB SSL-VPN: Connecting a SonicWall SSL-VPN appliance on LAN in SonicOS Standard

RESOLUTION:

Overview / Scenario:

Before continuing to connect the SonicWall SSL-VPN appliance to your network, refer the diagrams on the "SonicWall Recommended Deployment Scenario" in KBID 6122 to determine the proper scenario for your network configuration.

Deployment Steps:

Step 1: Connecting the SonicWall SSL-VPN appliance
Step 2: Connecting to the SonicWall UTM Appliance".
Step 3: Setting Public Server Access in SonicOS Standard".
Step 4: Testing Your SSL-VPN Connection

Procedure:

Step 1: Connecting the SonicWall SSL-VPN appliance

1. Connect one end of an Ethernet cable to an unused port on your LAN hub or switch.
2. Connect the other end of the Ethernet cable to the X0 port on the front of your SonicWall SSL-VPN 2000. The X0 Port LED lights up green indicating an active connection.

Step 2: Connecting to the SonicWall UTM Appliance

1. Using a computer connected to your LAN, launch your Web browser and enter the IP address of your existing SonicWall UTM appliance in the Location or Address field.
2. When the management interface displays, enter your user name and password in the appropriate fields and press the Login button.

Note: Remember that you are logging into your SonicWall UTM appliance, not the SonicWall SSL-VPN appliance. Your user name and password combination may be different from the user name and password you recorded for your SonicWall SSL-VPN appliance.

Step 3: Setting Public Server Access in SonicOS Standard

5. Click the Next button to continue the Wizard.
6. Select HTTPS from the Service drop-down list.
7. Enter 192.168.168.200 (or the IP address to which you have configured your X0 interface on your SonicWall SSL-VPN appliance) in the Private IP field.
8. Select LAN or DMZ in the Destination Interface drop-down list. The destination interface will depend on your deployment configuration.

9. Click the Next button.

10. Click the Apply button to save changes.

 

Tip: If you wish to support automatic redirection of your SSL-VPN users from HTTP to HTTPS, you should repeat the Public Server Rule Wizard process for the HTTP service.

Step 4: Testing Your SSL-VPN Connection

Now you have configured your SonicWall UTM appliance and SonicWall SSLVPN appliance for secure SSL VPN remote access. This section provides instructions to verify your SSL-VPN connection using a remote client on the WAN.

1. From a WAN connection outside of your corporate network, launch a Web browser and enter the following:

https:// <WAN_IP_address_of_gateway_device>

Note: It will be easier for your remote users to access the SonicWall SSL-VPN appliance using an FQDN (fully qualified domain name) rather than an IP address.

For example, browsing to "https://www.sonicwall.com" is simpler than browsing to "http://64.41.140.167". It is therefore recommended, if you have not already done so, that you create a DNS record to allow for FQDN access to your SonicWall SSL-VPN appliance. If you do not manage your own public DNS servers, contact your Internet

Service Provider for assistance.

 

For configurations where your ISP provides dynamic IP addressing rather than a static IP address, refer to the steps in "Configuring Dynamic DNS" on page 51 to set up DDNS for your remote users.

 

2. When prompted, enter the User Name and Password.
3. Select LocalDomain from the drop-down menu and click the Login button. The SonicWall Virtual Office screen appears in your Web browser.
4. Click NetExtender to start the NetExtender client installation.
5. Click the NetExtender   button and complete the client installation. When complete, the following message is displayed:
6. Ping a host on your corporate LAN to verify your SSL-VPN remote connection.

Congratulations! You have successfully set up your SonicWall SSL-VPN appliance.

 

Source: SSL VPN: SonicWall SSL VPN 2000 Getting Started Guide