SonicWALL 4000 manual

If you are allowing HTTP access to the SonicWALL SSL VPN appliance, create a public server access rule for HTTP:

1.In the Firewall > Access Rules page, click .

2.In the Welcome to the Network Access Rules Wizard page, click Next.

3.In the Step 1: Access Rule Type page, select Public Server Rule. Click Next.

4.In the Step 2: Public Server page, perform the following selections and click Next:

Service	Web (HTTP)

Server IP Address	The X0 IP address of the SonicWALL SSL VPN appliance,
	192.168.200.1 by default

Destination Interface	DMZ

5.In the Congratulations page, click Apply to create the rules and allow access from the WAN to the SonicWALL SSL VPN appliance on the DMZ.

Scenario A: Allowing DMZ -> LAN Connection in SonicOS Standard

When users have connected to the SSL VPN, they need to be able to connect to resources on the LAN. You need to create two rules--one to allow traffic from the SonicWALL SSL VPN appliances X0 interface to your LAN, and one to allow traffic from NetExtender to your LAN.

Note: This procedure uses the Access Rule Wizard to create the rules. You can add the rules manually by clicking Add at the bottom of the Firewall > Access Rules page.

Create access to the LAN for the SSL VPN X0 interface:

1.In the Firewall > Access Rules page, click .

2.In the Welcome to the SonicWALL Network Access Rules Wizard page, click Next.

3.In the Step 1: Access Rule Type page, select General Rule. Click Next.

4.In the Step 2: Access Rule Service page, select Any. Click Next.

5.In the Step 3: Access Rule Action page configure:

Select Action for this	Allow
Rule

TCP Connection	30 minutes
Inactivity Timeout

Click Next.

Page 24

Image 25

SonicWALL 4000 manual Scenario a Allowing DMZ LAN Connection in SonicOS Standard

Contents

SonicWALL SSL VPN Getting Started Guide SonicWALL Sslvpn 4000 Appliance Getting Started Guide SonicWALL Sslvpn 4000 Configuration Steps Before You Begin Check Package Contents Any Items Missing?What You Need to Begin Other Information Network Configuration Information Scenario a SSL VPN on a New DMZ Selecting a SonicWALL Recommended Deployment ScenarioScenario B Scenario C SSL VPN on the LAN Power LED Test LED Alarm LED 2 Applying Power to the SonicWALL Sslvpn Accessing the Management Interface If You Cannot Login to the SSL VPN Configuring Your SonicWALL Sslvpn Adding a Local User Setting Your Administrator PasswordSelect the Users Local Users Select Users Local Users Configuring SSL VPN Network Settings Setting Time ZoneConfiguring DNS / Wins Select the Network Interfaces Configuring the X0 IP address for Scenario B and Scenario CPage Adding a NetExtender Client Route Configuring a Default RouteSelect the Network Routes Select the NetExtender Client Routes Route Destination Network Subnet Mask Setting your NetExtender Address RangeScenario a 192.168.200.100 to Scenario C Select the NetExtender Client SettingsPage Scenario a Connecting the SonicWALL Sslvpn Connecting the SonicWALL Sslvpn Scenario B Configuring Your Network Interface Scenario C Configuring Your Network Interface Scenario B Connecting the SonicWALL Sslvpn Scenario C Connecting the SonicWALL Sslvpn Scenario a Connecting to the SonicWALL UTM Appliance Configuring Your Gateway DeviceScenario a SSL VPN on a New DMZ Select the Firewall Access Rules Select the Network SettingsScenario a Allowing WAN DMZ Connection in SonicOS Standard Public Server page, perform the following selections Scenario a Allowing DMZ LAN Connection in SonicOS Standard Interface Congratulations page, click Apply to create the access rule Create access to the LAN for NetExtender Select the Network Interfaces Add Service Group dialog box should display Server Private Network Configuration page, enter Click Next SSL VPN Click OK to create the object Click Add to create the rule Scenario B SSL VPN on Existing DMZ Scenario B Connecting to the SonicWALL UTM ApplianceScenario B Allowing WAN DMZ Connection in SonicOS Standard Public Server page, perform the following selections Scenario B Allowing DMZ LAN Connection in SonicOS Standard IP Address Begin Congratulations page, click Apply to create the access rule Continue to Step Scenario B Allowing WAN DMZ Connection in SonicOS Enhanced Server Private Network Configuration page, enter SonicWALL SSL VPN 4000 Getting Started Guide Scenario B Allowing DMZ LAN Connection in SonicOS Enhanced Click OK to create the object Click OK to create the rule Scenario C Configuring SSL VPN LAN Connectivity Scenario C Connecting to the SonicWALL UTM ApplianceScenario C SSL VPN on the LAN Select Public Server Rule Scenario C Setting Public Server Access in SonicOS Standard Enter SSL VPN in the Server Name field Scenario C Setting Public Server Access in SonicOS Enhanced Verifying a User Connection from the Internet Testing Your SSL VPN Connection Continue to Step Before You Register Registering Your SonicWALL SslvpnRegistering with MySonicWALL Creating a MySonicWALL Account from System Licenses SonicWALL SSL VPN 4000 Getting Started Guide Click Continue Congratulations Configuring Dynamic DNS Page SonicWALL SSL VPN 4000 Getting Started Guide Windows XP Configuring a Static IP AddressWindows Open Network Windows NTSelect Specify an IP Address Mounting Guidelines Glossary of Networking Terms Page Cable Connections Lithium Battery Warning Trademarks Copyright Notice SonicWALL SSL VPN 4000 Getting Started Guide Page SonicWALL, Inc