Sonicwall SSLVPN Setup Guide

Sonicwall SSLVPN Quick-Start Guide

Alright, exciting! You most likely have a user who travels, but needs to access documents or resources inside the office. This is a quick start guide to get SSLVPN setup on the Sonicwall and users connected in.


Enabling VPN

Login to your Sonicwall > SSL VPN module (left) > Server Settings > Confirm WAN light is green. If not, click WAN to flip it on. Confirm your SSLVPN port, by default it is TCP 4433.

Creating VPN Users

Sonicwall > Users module > Local Groups > Users

Add User > Name/Password field.

Needs to be a member of the groups:

  • Everyone
  • Trusted Users
  • SSLVPN Services

VPN Access

  • Pick your subnet. If it’s a simple network, you can do “Firewalled Subnet”. If you have isolated zones/subnets, actually pick the subnet(s) the user needs. Generally your X0 (LAN) will be called “LAN Primary Subnet”

Connecting to the VPN with NetExtender

Enter the DNS (or worst case, direct IP) of your Sonicwall, and browse to

If you’re pulling a SSL Version Mismatch (Chrome), you need to upgrade your Sonicwall firmware, or use Internet Explorer, which has no concept of security 😉


Previously you had to use GlobalVPN, which is very oldschool and lacked a lot of features built into SSLVPN. Login, download the Windows NetExtender Client.

The quick and dirty installer is NXSetupU.exe. It’s not uncommon for these to be super outdated and have a million bugs, in which case to snag a new version, you need to login to

I highly, highly, recommend getting the newest version of the SSL NetExtender. Sonicwall actually does a decent job of bug fixes with this program.

The Sonicwall Download Center is kind of vague, I wish it would just say “NetExtender Windows”, but it’s the download just labeled “NetExtender”. Anyways, download and run the .MSI,

Sonicwall SSLVPN NetExtender Client

Sonicwall SSLVPN NetExtender Download

When logging in, note that capitalization does matter for a Sonicwall user. It’s effectively because Sonicwalls run a *nix OS, where everything is case-sensitive.

You’ll need to include the port in your Server path, no https://, an example:

Domain is by default, LocalDomain.

Sonicwall SSLVPN NetExtender Client


Hopefully that is a decent quickstart, post a comment if you have questions!

Leave a Reply

Your email address will not be published. Required fields are marked *