SonicWALL Secure Remote Access Solutions SSL-VPN 2000 User Manual

Secure Remote Access SolutionsAPPLIANCESSonicWALL SSL-VPN SeriesSSL-VPN 2000Getting Started Guide

SonicWALL SSL-VPN 2000 Getting Started Guide Page 9Setting Time Zone1. Navigate to the System > Time page.2. Select the appropriate

Page 10 4. (Optional) Enter a secondary DNS server in the Secondary DNS Server field.5. (Optional) Enter your DNS Domain in the DNS Domain Field.6.

SonicWALL SSL-VPN 2000 Getting Started Guide Page 113. In the Interface Settings dialog box, set the IP address and netmask to: 4. Clic

Page 12 3. Select X0 in the Interfaces drop down list.4. Click the Accept button.Adding a NetExtender Client RouteNetExtender allows remote clients

SonicWALL SSL-VPN 2000 Getting Started Guide Page 13Setting your NetExtender Address RangeThe NetExtender IP range defines the IP addre

Page 14 To set your NetExtender address range, perform the following steps:1. Navigate to the NetExtender > Client Settings page.2. Enter an addr

SonicWALL SSL-VPN 2000 Getting Started Guide Page 15Connecting the SonicWALL SSL-VPN 2000Before continuing, reference the diagrams on t

Page 16 Scenario B: Configuring Your Network InterfaceConfigure your SonicWALL SSL-VPN 2000 to connect with your SonicWALL UTM appliance under netwo

SonicWALL SSL-VPN 2000 Getting Started Guide Page 17Scenario B: Connecting the SonicWALL SSL-VPN 2000To connect the SonicWALL SSL-VPN 2

Page 18 Scenario C: Configuring Your Network InterfaceConfigure your SonicWALL SSL-VPN 2000 to connect to your SonicWALL UTM appliance under network

SonicWALL SSL-VPN 2000 Getting Started Guide Page 1SonicWALL SSL-VPN 2000 Appliance Getting Started GuideThank you for your purchase of

SonicWALL SSL-VPN 2000 Getting Started Guide Page 19Scenario C: Connecting the SonicWALL SSL-VPN 2000To connect the SonicWALL SSL-VPN 2

Page 20 Configuring Your Gateway DeviceNow that you have set up your SonicWALL SSL-VPN 2000, you need to configure your gateway device to work with

SonicWALL SSL-VPN 2000 Getting Started Guide Page 21Scenario A: Configuring a DMZ or OPT Port in SonicOS Standard1. Navigate to the Net

Page 22 4. In the Step 1: Access Rule Type page, select Public Server Rule and then click Next.5. In the Step 2: Public Server page, perform the fol

SonicWALL SSL-VPN 2000 Getting Started Guide Page 23If you are allowing HTTP access to the SonicWALL SSL-VPN appliance, create a public

Page 24 7. In the Step 4: Access Rule Source Interface and Address page, perform the following selections and then click Next: Interface DMZIP Addre

SonicWALL SSL-VPN 2000 Getting Started Guide Page 258. In the Step 5: Access Rule Destination Interface and Address page, perform the f

Page 26 Create access to the LAN for NetExtender:1. In the Firewall > Access Rules page, click . 2. In the Welcome to the SonicWALL Network Acce

SonicWALL SSL-VPN 2000 Getting Started Guide Page 27Scenario A: Adding a New SSL-VPN Custom Zone in SonicOS Enhanced1. Navigate to the

Page 28 Scenario A: Allowing WAN -> SSL-VPN Connection in SonicOS EnhancedFollow this procedure if you are connecting your SonicWALL SSL-VPN 2000

Page 2 Before You BeginCheck Package Contents • One SonicWALL SSL-VPN 2000 appliance• One SonicWALL SSL-VPN 2000 Getting Started Guide• One SonicWAL

SonicWALL SSL-VPN 2000 Getting Started Guide Page 294. In the Add Service Group dialog box, create a service group for HTTP and HTTPS:

Page 30 7. In the Server Public Information page, either accept the default IP address or enter an IP address in your allowed public IP range.Note:

SonicWALL SSL-VPN 2000 Getting Started Guide Page 31Scenario A: Allowing SSL-VPN -> LAN Connection in SonicOS EnhancedWhen users hav

Page 32 5. In the Add Object dialog box, create an address object for the X0 interface IP address of your SonicWALL SSL-VPN 2000: Click OK to create

SonicWALL SSL-VPN 2000 Getting Started Guide Page 339. On the Firewall > Access Rules page in the matrix view, click the SSLVPN >

Page 34 11. In the Add Rule window, create a rule to allow access to the LAN for the address group you just created: Click OK to create the rule.Con

SonicWALL SSL-VPN 2000 Getting Started Guide Page 35Scenario B: SSL-VPN on Existing DMZThis section provides procedures to configure yo

Page 36 4. In the Step 1: Access Rule Type page, select Public Server Rule and then click Next.5. In the Step 2: Public Server page, perform the fol

SonicWALL SSL-VPN 2000 Getting Started Guide Page 37If you are allowing HTTP access to the SonicWALL SSL-VPN appliance, create a public

Page 38 6. In the Step 4: Access Rule Source Interface and Address page, perform the following selections and then click Next: Interface DMZIP Addre

SonicWALL SSL-VPN 2000 Getting Started Guide Page 3Selecting a SonicWALL Recommended Deployment ScenarioThe deployment scenarios descri

SonicWALL SSL-VPN 2000 Getting Started Guide Page 397. In the Step 5: Access Rule Destination Interface and Address page, perform the f

Page 40 Create access to the LAN for NetExtender:1. In the Firewall > Access Rules page, click . 2. In the Welcome to the SonicWALL Network Acce

SonicWALL SSL-VPN 2000 Getting Started Guide Page 41Scenario B: Allowing WAN -> DMZ Connection in SonicOS Enhanced Follow this proce

Page 42 4. In the Add Service Group dialog box, create a service group for HTTP and HTTPS: • Enter a name for the service.• Select both HTTP and HTT

SonicWALL SSL-VPN 2000 Getting Started Guide Page 437. In the Server Public Information page, either accept the default IP address or e

Page 44 3. In the Add Object dialog box, create an address object for the X0 interface IP address of your SonicWALL SSL-VPN 2000: Click OK to create

SonicWALL SSL-VPN 2000 Getting Started Guide Page 457. In the Add Address Object Group dialog box, create a group for the X0 interface

Page 46 11. In the Add Rule window, create a rule to allow access to the LAN for the address group you just created: Click OK to create the rule.Con

SonicWALL SSL-VPN 2000 Getting Started Guide Page 47Scenario C: SSL-VPN on the LANThis section provides procedures to configure your ga

Page 48 3. In the Add Object dialog box, create an address object for the X0 interface IP address of your SonicWALL SSL-VPN 2000: Click OK to create

Page 4 Applying Power to the SonicWALL SSL-VPN 20001. Plug the power cord into the SonicWALL SSL-VPN 2000 and into an appropriate power outlet. 2. T

SonicWALL SSL-VPN 2000 Getting Started Guide Page 497. In the Add Address Object Group dialog box, create a group for the X0 interface

Page 50 11. In the Add Rule window, create a rule to allow access to the LAN for the address group you just created: Click OK to create the rule.Act

SonicWALL SSL-VPN 2000 Getting Started Guide Page 51Scenario C: Setting Public Server Access in SonicOS Standard 1. Select Wizards in t

Page 52 Scenario C: Setting Public Server Access in SonicOS Enhanced 1. Click the Wizards icon in the top right corner of the SonicOS Enhanced manag

SonicWALL SSL-VPN 2000 Getting Started Guide Page 538. Enter a comment, such as “WAN to SSL-VPN” to describe your connection.9. Click t

Page 54 Testing Your SSL-VPN ConnectionNow you have configured your SonicWALL UTM appliance and SonicWALL SSL-VPN 2000 for secure SSL VPN remote acc

SonicWALL SSL-VPN 2000 Getting Started Guide Page 555. Click the NetExtender button and complete the client installation. When comple

Page 56 Registering Your SonicWALL SSL-VPN 2000Before You RegisterVerify that the time, DNS, and default route settings on your SonicWALL SSL-VPN ar

SonicWALL SSL-VPN 2000 Getting Started Guide Page 573. On the System > Licenses page, click Activate, Upgrade, or Renew services. Th

Page 58 6. Under Product Survey, fill in the requested information and then click Submit. The display changes to inform you that your SonicWALL SSL-

SonicWALL SSL-VPN 2000 Getting Started Guide Page 5Accessing the Management InterfaceTo access the Web-based management interface of th

SonicWALL SSL-VPN 2000 Getting Started Guide Page 59Configuring Dynamic DNSTo begin using Dynamic DNS, you must first set up an account

Page 60 To configure Dynamic DNS on the SonicWALL UTM appliance, perform these steps:1. On the Network > Dynamic DNS page, click the Add button.

SonicWALL SSL-VPN 2000 Getting Started Guide Page 617. Enter the fully qualified domain name (FQDN) of the hostname you registered with

Page 62 Configuring a Static IP AddressIf you did not enable the SonicWALL UTM appliance DHCP server, you must configure each computer with a static

SonicWALL SSL-VPN 2000 Getting Started Guide Page 63Windows 20001. From your Windows Start menu, select Settings. 2. Open Network and D

Page 64 Mounting GuidelinesThe SonicWALL SSL-VPN 2000 is designed to be mounted in a standard 19-inch rack mount cabinet. The following conditions a

SonicWALL SSL-VPN 2000 Getting Started Guide Page 65Glossary of Networking TermsActiveX - A technology that allows the sharing of appli

Page 66 SSL VPN - Secure Socket Layer Virtual Private Networking. A secured private communications network usually used within a company, or by seve

SonicWALL SSL-VPN 2000 Getting Started Guide Page 67SonicWALL Global Support ServicesOn your appliance, on the Web, and on the phone, w

Page 68 Customer Support SonicWALL offers Web-based and telephone support to customers who have a valid Warranty or who purchased a Support Contract

Page 6 5. The SonicWALL SSL-VPN management interface displays and prompts you to enter your user name and password. Enter “admin” in the User Name f

SonicWALL SSL-VPN 2000 Getting Started Guide Page 69Extend Your Support Coverage. SonicWALL Dynamic Support Services extend the support

Page 70 Knowledge PortalThe Knowledge Portal allows users to search for SonicWALL documents based on the following types of search tools:•Browse• Se

SonicWALL SSL-VPN 2000 Getting Started Guide Page 71User ForumsThe SonicWALL User Forums is a resource that provides users the ability

Page 72 TrainingSonicWALL offers an extensive sales and technical training curriculum for Network Administrators, Security Experts and SonicWALL Med

SonicWALL SSL-VPN 2000 Getting Started Guide Page 73Related DocumentationSee the following related documents for more information:• Son

Page 74 SonicWALL Live Product DemosThe SonicWALL Live Demo Site provides free test drives of SonicWALL security products and services through inter

SonicWALL SSL-VPN 2000 Getting Started Guide Page 75SonicWALL Secure Wireless Network Integrated Solutions GuideThe Official Guide to S

Page 76 SonicWALL Global Technical Assistance Center Contact InformationTable 2: Global Technical Assistance Contact ListCountry Toll Free Phone Num

SonicWALL SSL-VPN 2000 Getting Started Guide Page 77Calling from Asia Pacific (Support available in English except for Japan where supp

Page 78 FCC Part 15 Class A Notice SonicWALL SSL-VPN 2000 Regulatory Statement and Safety InstructionsThis regulatory information can also be found i

SonicWALL SSL-VPN 2000 Getting Started Guide Page 7Configuring Your SonicWALL SSL-VPN 2000Once your SonicWALL SSL-VPN 2000 is connected

SonicWALL SSL-VPN 2000 Getting Started Guide Page 79VCCI StatementCanadian Radio Frequency Emissions StatementThis Class A digital appa

Page 80 Declaration of Conformity Regulatory Information for Korea All products with country code “” (blank) and “A” are made in the USA.All prod

SonicWALL SSL-VPN 2000 Getting Started Guide Page 81Copyright Notice© 2008 SonicWALL, Inc.All rights reserved.Under the copyright laws,

Page 82 Declaration of Conformity Notes

SonicWALL SSL-VPN 2000 Getting Started Guide Page 83Notes

Page 84 Declaration of Conformity Notes

©2008 SonicWAL L, Inc. is a registered t r ademark of SonicWALL, Inc. Other product names menti oned herein may be tr ademark s and/or registered trad

Page 8 3. Enter a password for the “admin” account in the Password field. Re-enter the password in the Confirm Password field.4. Click the OK button