SonicWALL 4000 manual Scenario a Allowing DMZ LAN Connection in SonicOS Standard

Page 25

If you are allowing HTTP access to the SonicWALL SSL VPN appliance, create a public server access rule for HTTP:

1.In the Firewall > Access Rules page, click .

2.In the Welcome to the Network Access Rules Wizard page, click Next.

3.In the Step 1: Access Rule Type page, select Public Server Rule. Click Next.

4.In the Step 2: Public Server page, perform the following selections and click Next:

Service

Web (HTTP)

 

 

Server IP Address

The X0 IP address of the SonicWALL SSL VPN appliance,

 

192.168.200.1 by default

 

 

Destination Interface

DMZ

 

 

5.In the Congratulations page, click Apply to create the rules and allow access from the WAN to the SonicWALL SSL VPN appliance on the DMZ.

Scenario A: Allowing DMZ -> LAN Connection in SonicOS Standard

When users have connected to the SSL VPN, they need to be able to connect to resources on the LAN. You need to create two rules--one to allow traffic from the SonicWALL SSL VPN appliances X0 interface to your LAN, and one to allow traffic from NetExtender to your LAN.

Note: This procedure uses the Access Rule Wizard to create the rules. You can add the rules manually by clicking Add at the bottom of the Firewall > Access Rules page.

Create access to the LAN for the SSL VPN X0 interface:

1.In the Firewall > Access Rules page, click .

2.In the Welcome to the SonicWALL Network Access Rules Wizard page, click Next.

3.In the Step 1: Access Rule Type page, select General Rule. Click Next.

4.In the Step 2: Access Rule Service page, select Any. Click Next.

5.In the Step 3: Access Rule Action page configure:

Select Action for this

Allow

Rule

 

 

 

TCP Connection

30 minutes

Inactivity Timeout

 

 

 

Click Next.

Page 24

Image 25
Contents SonicWALL SSL VPN Getting Started Guide SonicWALL Sslvpn 4000 Appliance Getting Started Guide SonicWALL Sslvpn 4000 Configuration StepsBefore You Begin Check Package Contents Any Items Missing?What You Need to Begin Other Information Network Configuration InformationScenario a SSL VPN on a New DMZ Selecting a SonicWALL Recommended  Deployment ScenarioScenario B Scenario C SSL VPN on the LANPower LED Test LED Alarm LED 2 Applying Power to the SonicWALL Sslvpn Accessing the Management Interface If You Cannot Login to the SSL VPN  Configuring Your SonicWALL Sslvpn Adding a Local User Setting Your Administrator PasswordSelect the Users Local Users Select Users Local UsersConfiguring SSL VPN Network Settings Setting Time ZoneConfiguring DNS / Wins Select the Network Interfaces Configuring the X0 IP address for Scenario B and Scenario CPage Adding a NetExtender Client Route Configuring a Default RouteSelect the Network Routes Select the NetExtender Client RoutesRoute Destination Network Subnet Mask Setting your NetExtender Address RangeScenario a 192.168.200.100 toScenario C Select the NetExtender Client SettingsPage Scenario a Connecting the SonicWALL Sslvpn  Connecting the SonicWALL SslvpnScenario B Configuring Your Network Interface Scenario C Configuring Your Network Interface Scenario B Connecting the SonicWALL SslvpnScenario C Connecting the SonicWALL Sslvpn Scenario a Connecting to the SonicWALL UTM Appliance  Configuring Your Gateway DeviceScenario a SSL VPN on a New DMZ Select the Firewall Access Rules Select the Network SettingsScenario a Allowing WAN DMZ Connection in SonicOS Standard Public Server page, perform the following selections Scenario a Allowing DMZ LAN Connection in SonicOS Standard Interface Congratulations page, click Apply to create the access rule Create access to the LAN for NetExtender Select the Network Interfaces Add Service Group dialog box should display Server Private Network Configuration page, enter Click Next SSL VPN Click OK to create the object Click Add to create the rule Scenario B SSL VPN on Existing DMZ Scenario B Connecting to the SonicWALL UTM ApplianceScenario B Allowing WAN DMZ Connection in SonicOS Standard Public Server page, perform the following selections Scenario B Allowing DMZ LAN Connection in SonicOS Standard IP Address Begin Congratulations page, click Apply to create the access rule Continue to Step Scenario B Allowing WAN DMZ Connection in SonicOS Enhanced Server Private Network Configuration page, enter SonicWALL SSL VPN 4000 Getting Started Guide Scenario B Allowing DMZ LAN Connection in SonicOS Enhanced Click OK to create the object Click OK to create the rule Scenario C Configuring SSL VPN LAN Connectivity Scenario C Connecting to the SonicWALL UTM ApplianceScenario C SSL VPN on the LAN Select Public Server Rule Scenario C Setting Public Server Access in SonicOS StandardEnter SSL VPN in the Server Name field Scenario C Setting Public Server Access in SonicOS EnhancedVerifying a User Connection from the Internet  Testing Your SSL VPN ConnectionContinue to Step Before You Register  Registering Your SonicWALL SslvpnRegistering with MySonicWALL Creating a MySonicWALL Account from System LicensesSonicWALL SSL VPN 4000 Getting Started Guide Click Continue CongratulationsConfiguring Dynamic DNS Page SonicWALL SSL VPN 4000 Getting Started Guide Windows XP Configuring a Static IP AddressWindows Open Network Windows NTSelect Specify an IP Address  Mounting Guidelines Glossary of Networking Terms Page Cable Connections Lithium Battery WarningTrademarks Copyright NoticeSonicWALL SSL VPN 4000 Getting Started Guide Page SonicWALL, Inc