SonicWALL 4000 manual Scenario B Allowing DMZ LAN Connection in SonicOS Standard

Page 38

If you are allowing HTTP access to the SonicWALL SSL VPN appliance, create a public server access rule for HTTP:

1.In the Firewall > Access Rules page, click .

2.In the Welcome to the Network Access Rules Wizard page, click Next.

3.In the Step 1: Access Rule Type page, select Public Server Rule. Click Next.

4.In the Step 2: Public Server page, perform the following selections and click Next:

Service

Web (HTTP)

 

 

Server IP Address

The X0 IP address of the SonicWALL SSL VPN appliance

 

within your DMZ range, for example 10.1.1.200.

 

 

Destination Interface

DMZ

 

 

5.In the Congratulations page, click Apply to create the rules and allow access from the WAN to the SonicWALL SSL VPN appliance on the DMZ.

Scenario B: Allowing DMZ -> LAN Connection in SonicOS Standard

When users have connected to the SSL VPN, they need to be able to connect to resources on the LAN. You need to create two rules--one to allow traffic from the SonicWALL SSL VPN appliance’s X0 interface to your LAN, and one to allow traffic from NetExtender to your LAN.

Note: This procedure uses the Access Rule Wizard to create the rules. You can add the rules manually by clicking Add at the bottom of the Firewall > Access Rules page.

Create access to the LAN for the SSL VPN X0 interface:

1.In the Firewall > Access Rules page, click .

2.In the Welcome to the SonicWALL Network Access Rules Wizard page, click Next.

3.In the Step 1: Access Rule Type page, select General Rule. Click Next.

4.In the Step 2: Access Rule Service page, select Any. Click Next.

5.In the Step 3: Access Rule Action page, configure:

Select Action for this

Allow

Rule

 

 

 

TCP Connection

30 minutes

Inactivity Timeout

 

 

 

Click Next.

SonicWALL SSL VPN 4000 Getting Started Guide

Page 37

Page 37 Page 39
Image 38
Page 37 Page 39
Contents SonicWALL SSL VPN Getting Started Guide SonicWALL Sslvpn 4000 Configuration Steps SonicWALL Sslvpn 4000 Appliance Getting Started GuideWhat You Need to Begin Check Package Contents Any Items Missing?Before You Begin Network Configuration Information Other InformationScenario B Selecting a SonicWALL Recommended  Deployment ScenarioScenario a SSL VPN on a New DMZ Scenario C SSL VPN on the LAN2 Applying Power to the SonicWALL Sslvpn Power LED Test LED Alarm LED Accessing the Management Interface If You Cannot Login to the SSL VPN  Configuring Your SonicWALL Sslvpn Select the Users Local Users Setting Your Administrator PasswordAdding a Local User Select Users Local UsersConfiguring DNS / Wins Setting Time ZoneConfiguring SSL VPN Network Settings Configuring the X0 IP address for Scenario B and Scenario C Select the Network InterfacesPage Select the Network Routes Configuring a Default RouteAdding a NetExtender Client Route Select the NetExtender Client RoutesScenario a Setting your NetExtender Address RangeRoute Destination Network Subnet Mask 192.168.200.100 toSelect the NetExtender Client Settings Scenario CPage  Connecting the SonicWALL Sslvpn Scenario a Connecting the SonicWALL SslvpnScenario B Configuring Your Network Interface Scenario B Connecting the SonicWALL Sslvpn Scenario C Configuring Your Network InterfaceScenario C Connecting the SonicWALL Sslvpn Scenario a SSL VPN on a New DMZ  Configuring Your Gateway DeviceScenario a Connecting to the SonicWALL UTM Appliance Scenario a Allowing WAN DMZ Connection in SonicOS Standard Select the Network SettingsSelect the Firewall Access Rules Public Server page, perform the following selections Scenario a Allowing DMZ LAN Connection in SonicOS Standard Interface Congratulations page, click Apply to create the access rule Create access to the LAN for NetExtender Select the Network Interfaces Add Service Group dialog box should display Server Private Network Configuration page, enter Click Next SSL VPN Click OK to create the object Click Add to create the rule Scenario B Allowing WAN DMZ Connection in SonicOS Standard Scenario B Connecting to the SonicWALL UTM ApplianceScenario B SSL VPN on Existing DMZ Public Server page, perform the following selections Scenario B Allowing DMZ LAN Connection in SonicOS Standard IP Address Begin Congratulations page, click Apply to create the access rule Continue to Step Scenario B Allowing WAN DMZ Connection in SonicOS Enhanced Server Private Network Configuration page, enter SonicWALL SSL VPN 4000 Getting Started Guide Scenario B Allowing DMZ LAN Connection in SonicOS Enhanced Click OK to create the object Click OK to create the rule Scenario C SSL VPN on the LAN Scenario C Connecting to the SonicWALL UTM ApplianceScenario C Configuring SSL VPN LAN Connectivity Scenario C Setting Public Server Access in SonicOS Standard Select Public Server RuleScenario C Setting Public Server Access in SonicOS Enhanced Enter SSL VPN in the Server Name field Testing Your SSL VPN Connection Verifying a User Connection from the InternetContinue to Step Registering with MySonicWALL  Registering Your SonicWALL SslvpnBefore You Register Creating a MySonicWALL Account from System LicensesSonicWALL SSL VPN 4000 Getting Started Guide Congratulations Click ContinueConfiguring Dynamic DNS Page SonicWALL SSL VPN 4000 Getting Started Guide Windows Configuring a Static IP AddressWindows XP Select Specify an IP Address Windows NTOpen Network  Mounting Guidelines Glossary of Networking Terms Page Lithium Battery Warning Cable ConnectionsCopyright Notice TrademarksSonicWALL SSL VPN 4000 Getting Started Guide Page SonicWALL, Inc
Top Page Image Contents