Sonicwall SSL-VPN is the preferred VPN connection method to access office resources through a secure VPN tunnel. Sonicwall's Global VPN Client (GVC) is deprecated and will be phased out in due course. SSL VPN NetExtender client has the following advantages over the older, buggy and resource clunky GVC:
Now that I have convinced you of the benefits of netExtender, let's install it! First, log in to your Sonicwall Device. Click on Network and select WAN (by default X1) configure.
Make sure the user login has HTTPS enabled. Next, navigate to SSL VPN > server settings.
Click on WAN interface link to change the red dot to green. This enables the SSL VPN feature.
SSL VPN Server Settings
In the SSL Server VPN settings, you may want to change the default port to 443 if the VPN users travel frequently and find themselves behind highly restrictive firewalls that block outbound access by port. Port 443 is usually not blocked by even the most restrictive firewalls.
If you decide to do this, keep in mind that you will need to change the Sonicwall management port to something other than the default port 443. Do this under the system > administration menu. You will also need to double check that port 443 is not being used for other services such as an Exchange/OWA HTTPS connection. For this reason, we will use the default port 4433 for this example.
In SSL VPN > Portal Settings you can customize the message that appears to VPN users. Just edit the HTML text to create custom messages or to link custom logos.
Under Client Settings, follow these instructions:
Interface: Select your LAN Interface, by default X0
NetExtender IP: SSL VPN will not use the DHCP address pool from either the firewall or from a server on your network . For this reason, you must specify a range of usable IP addresses for the VPN client. Make sure the address pool is outside the scope of your DHCP server's pool.
DNS Server: Configure your internal DNS server IP address
Domain: Configure the internal domain
WINS: If you use WINS, enter the IP address of your WINS server.
Default Session Timeout: I like to increase it from the default to avoid constant disconnects.
Enable Web/SSH Management over VPN: Enabled if you want VPN access to manage the Sonicwall device.
Exit Client after Disconnect: Enabled will shut down the NetExtender client program.
Uninstall Client after Exit: If enabled will uninstall client software after disconnect (not recommended in most cases).
Lastly, in the Client Routes, click on Add Client Routes and select LAN Subnet to allow the VPN client access to the LAN subnet.
Now that you have completed the SSL VPN setup, the two remaining things to do are:
Once you have finished, log in using using HTTPS and either the IP address and port or URL and port to access the Virtual Office VPN connect site.
Falcon IT Services provides computer and network services and support to small and medium sized businesses in Miami, Fl.