Sonicwall SSLVPN Quick-Start Guide
Alright, exciting! You most likely have a user who travels, but needs to access documents or resources inside the office. This is a quick start guide to get SSLVPN setup on the Sonicwall and users connected in.
Login to your Sonicwall > SSL VPN module (left) > Server Settings > Confirm WAN light is green. If not, click WAN to flip it on. Confirm your SSLVPN port, by default it is TCP 4433.
Creating VPN Users
Sonicwall > Users module > Local Groups > Users
Add User > Name/Password field.
Needs to be a member of the groups:
- Trusted Users
- SSLVPN Services
- Pick your subnet. If it’s a simple network, you can do “Firewalled Subnet”. If you have isolated zones/subnets, actually pick the subnet(s) the user needs. Generally your X0 (LAN) will be called “LAN Primary Subnet”
Connecting to the VPN with NetExtender
Enter the DNS (or worst case, direct IP) of your Sonicwall, and browse to https://domain.name.com:4433
If you’re pulling a SSL Version Mismatch (Chrome), you need to upgrade your Sonicwall firmware, or use Internet Explorer, which has no concept of security 😉
Previously you had to use GlobalVPN, which is very oldschool and lacked a lot of features built into SSLVPN. Login, download the Windows NetExtender Client.
The quick and dirty installer is NXSetupU.exe. It’s not uncommon for these to be super outdated and have a million bugs, in which case to snag a new version, you need to login to https://mysonicwall.com
I highly, highly, recommend getting the newest version of the SSL NetExtender. Sonicwall actually does a decent job of bug fixes with this program.
The Sonicwall Download Center is kind of vague, I wish it would just say “NetExtender Windows”, but it’s the download just labeled “NetExtender”. Anyways, download and run the .MSI,
When logging in, note that capitalization does matter for a Sonicwall user. It’s effectively because Sonicwalls run a *nix OS, where everything is case-sensitive.
You’ll need to include the port in your Server path, no https://, an example: vpn.domain.com:4433
Domain is by default, LocalDomain.
Hopefully that is a decent quickstart, post a comment if you have questions!