quarrel.netlify.app

For SSL VPN, SonicWall NetExtender provides thin client connectivity and clientless Web-based remote access for Windows, Windows Mobile, Mac and Linux-based systems. For IPSec VPN, SonicWall Global VPN Client enables the client system to download the VPN client for a more traditional client-based VPN. SonicWall Mobile Connect™ provides users full network-level access to corporate and academic resources over encrypted SSL VPN connections. The client provides anytime, anywhere access to critical applications such as email, virtual desktop sessions and other macOS applications.

Global Vpn Client (32-Bit) Content Filtering Client. SMA 500v Hyper-V Virtual Appliance; SONICWALL SWITCH SWS12-10FPOE; SONICWALL SWITCH SWS12-8; SONICWALL SWITCH SWS12-8POE; SONICWALL SWITCH SWS14-24. GMS UMA EM5000 – Appliance Firmware; SMA 8200v Virtual Appliance Free Download; SRA SMB Virtual Appliance Upgrade; WXA 500 Live CD; WXA. SonicWall has the functionality to allow remote users to connect to the network behind the SonicWall using L2TP inbuilt client on MAC OS X using IPSEC VPN protocol. This article focuses on configuration of L2TP VPN on MAC OS X clients to connect to SonicWall UTM appliances. RESOLUTION: Configure WAN group VPN on the SonicWall appliance. Sonicwall vpn client free download - Cisco VPN Client, VPN Client, Apani VPN Client for Nortel, and many more programs.

Overview:

Businesses large and small need to address the growing demands of more distributed work sites and an increasingly mobile workforce in order to compete in today’s global marketplace. Remote access has become a business imperative.

SonicWall VPN Clients offer a flexible easy-to-use, easy-to-manage Virtual Private Network (VPN) solution that provides distributed and mobile users with secure, reliable remote access to corporate assets via broadband, wireless and dial-up connections. For remote client-to-host secure access, SonicWall offers both SSL VPN and IPSec VPN connectivity options. For SSL VPN, SonicWall NetExtender provides thin client connectivity and clientless Web-based remote access for Windows, Windows Mobile, Mac and Linux-based systems. For IPSec VPN, SonicWall Global VPN Client enables the client system to download the VPN client for a more traditional client-based VPN experience.

• Enhanced layered security
• Easy VPN management
• Ease-to-follow wizards
• Extended user reach and productivity
• VPN session reliability
• Clientless connectivity
• NetExtender technology
• Mobile device support

Simple, policy-enforced secure access to mission-critical applications and data

Give your employees safe, easy access to the data and resources they need to be productive from a range of devices, including iOS, OS X, Android, Chrome OS, Kindle Fire and Windows. At the same time, ensure that your corporate network is protected from unauthorized access and mobile security threats.

Mobile Connect

• Provide fast, secure mobile access through an intuitive, easy-to-use app
• Provision and manage mobile device access via SonicWall appliances
• Deliver biometric authentication, per-app VPN and endpoint control enforcement

Netextender

• Enforce granular access policies and extend network access through native clients
• Enhance firewall encryption and security by redirecting all client traffic through VPN
• Reduce administrative overhead by simplifying remote access management

Connect Tunnel

• Provide strong security for mobile employees who need full access
• Deliver “in-office” experience from any location
• Get centralized control of all users, groups, resources and devices

Global VPN Client

• Offer an easy-to-use solution for secure, encrypted access
• Establish IPSec Layer-3 connection between your endpoint and corporate network
• Maintain the confidentiality of corporate data

Features and Benefits:

Enhanced layered security is enabled when a SonicWall Network Security Appliance uses powerful deep packet inspection technology to scan VPN traffic for malicious threats such as viruses, worms, Trojans and spyware. The combined solution is known as SonicWall Clean VPN*.

Easy VPN management SonicWall’s award-winning Global Management System (GMS) provides simplified management of SonicWall VPN Client connections.

SSL VPN for Network Security:

• NetExtender - Clientless connectivity removes the need for a pre-installed or “fat” VPN client, thus freeing administrators from the tedious and costly task of installing and updating a client on users’ Windows, Mac or Linux-based systems.
• NetExtender technology provides enhanced capabilities such as network level access to additional resources, services and applications on the corporate network.
• Mobile device support to access an entire intranet as well as Web-based applications provides greater flexibility for a remote workforce.

Global VPN Client:

• Easy-to-follow wizards help users install and configure a VPN connection quickly and easily. IPSec VPN users simply enter the domain name or IP address of the SonicWall VPN gateway and the Global VPN Client configuration policy is automatically downloaded.
• Extended user reach and productivity by connecting from any single or dualprocessor computer running one of a broad range of Microsoft® Windows® platforms. Further extending secure remote access, the Global VPN Client enables encapsulated VPN traffic to traverse any IP network using Network Address Translation (NAT).
• VPN session reliability provides simultaneous Global VPN Client connections that can be established to multiple SonicWall VPN gateways. The Global VPN Client supports redundant SonicWall VPN gateways to ensure mission-critical network access in the event the primary gateway fails.

*Clean VPN requires an active Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention subscription for the governing SonicWall network security appliance.

Mobile Connect:

Simple, policy-enforced secure access to mission-critical applications and data for iOS, OS X, Android, Chrome OS, Kindle Fire and Windows mobile devices.

Give your employees safe, easy access to the data and resources they need to be productive from a range of devices, including iOS, OS X, Android™, Chrome OS, Kindle Fire and Windows. At the same time, ensure that the corporate network is protected from mobile security threats.

The SonicWall™ Mobile Connect™ application works in combination with SonicWall Secure Mobile Access (SMA) or next-generation firewall appliances. Mobile workers simply install and launch the Mobile Connect application on their iOS, OS X, Android, Chrome OS or Windows mobile device to establish a secure connection to an SMA or next-generation firewall appliance. The encrypted SSL VPN connection will protect traffic from being intercepted and keep in-flight data secure. Contextaware authentication ensures only authorized users and trusted devices are granted access.

Behind the scenes, IT can easily provision and manage access policies via SonicWall appliances through a single management interface, including restricting VPN access to a set of trusted mobile apps allowed by the administrator. Plus, the SonicWall solution integrates easily with most back-end authentication systems, including two-factor authentication, so you can efficiently extend your preferred authentication practices to your mobile workers.

Features and Benefits

Ease of use
iOS, OS X, Windows 10, Android, Chrome OS and Kindle users can easily download and install the Mobile Connect app via the App Store™, Google Play, Chrome Web Store, Amazon App Store, or Windows Store. For Windows 8.1 mobile device users, Mobile Connect is embedded in the Windows 8.1 operating system so there is no need to download and install another VPN client app.

Centralized policy management
IT can provision and manage mobile device access via SonicWall appliances — including control of all web resources, file shares and client-server resources — through a single management interface. Unlike other VPN solutions, the SonicWall solution allows you to quickly set rolebased policy for mobile and laptop devices and users with a single rule across all objects; as a result, policy management can take only minutes instead of hours.

Verification of both user and device
A Mobile Connect user is granted access to the corporate network only after the user has been authenticated and mobile device integrity has been verified. End Point Control can determine whether an iOS device has been jailbroken or an Android device has been rooted, as well as whether a certificate is present or the OS version is current, and then reject or quarantine the connection as appropriate.

Easy access to appropriate resources
iOS, Android, Chrome OS, Kindle and Windows mobile devices can connect to all allowed network resources, including web-based, client/server, server-based, host-based and back-connect applications. Once a user and device are verified, Mobile Connect offers pre-configured bookmarks for one-click access to corporate applications and resources for which the user and device has privileges.

Malware protection
When deployed with a SonicWall nextgeneration firewall, Mobile Connect establishes a Clean VPN™, an extra layer of protection that decrypts and scans all SSL VPN traffic for malware before it enters the network.

Mobile device registration and authorization policy management
With Mobile Connect and Secure Mobile Access OS (versions 11.0 and above) for Secure Mobile Access 1000 Series appliances, prior to granting network access, if a mobile device has not previously registered with the SMA appliance, the user is presented with a device authorization policy for acceptance. The user must accept the terms of the policy to register the device and gain access to allowed corporate resources and data. The terms of the policy are customizable by the administrator.

Per-application VPN
Mobile Connect in combination with Secure Mobile Access OS (versions 11.0 and above) for Secure Mobile Access 1000 Series appliances, enables administrators to establish and enforce policies to designate which apps on a mobile device can be granted VPN access to the network. This ensures that only authorized mobile business apps utilize VPN access. Mobile Connect is the only solution that requires no modification of mobile apps for per app VPN access. Any mobile app or secure container can be supported with no modifications, app wrapping or SDK development.

One-click Secure Intranet File Browse and On-Device Data Protection
Protect company data at rest on mobile devices. Authenticated users can securely browse and view allowed intranet file shares and files from within the Mobile Connect app. Administrators can establish and enforce mobile application management policy for the Mobile Connect app to control whether files viewed can be opened in other apps, copied to the clipboard, printed or cached securely within the Mobile Connect app. For iOS devices, this allows administrators to isolate business data from personal data stored on the device and reduces the risk of data loss. In addition, if the user’s credentials are revoked, content stored in the Mobile Connect app is locked and can no longer be accessed or viewed.

Auto-launch VPN
URL control allows apps that require a VPN connection for business (including Safari) to create a VPN profile and automatically initiate or disconnect Mobile Connect on launch (requires compatible server firmware). In addition, for iOS or OS X devices, to simplify use when a secure connection is required, VPN on Demand automatically initiates a secure SSL VPN session when a user requests internal data, applications, websites or hosts.

Integration with existing authentication solutions
The SonicWall solution supports easy integration with most back-end authentication systems, such as LDAP, Active Directory and Radius, so you can efficiently extend your preferred authentication practices to your mobile workers. For increased security, you can enable one-time password generation and easily integrate with two-factor authentication technologies.

Application intelligence and control
When deployed with a next-generation firewall, IT can easily define and enforce how application and bandwidth assets are used.

Specifications Compatibility

SonicWall SMA and NextGeneration Firewall

• TZ, NSA, E-Class NSA or Super Massive 9000 Series appliances running SonicOS 5.9, 6.2 or higher
• SMA 100 Series/SRA appliances running 7.5 or higher
• SMA 1000 Series/E-Class SRA appliances running 10.7 or higher

SonicWall Mobile Connect

• Devices running iOS version 7.0 or higher
• Devices running OS X 10.9 or higher
• Devices running Android 4.1 or higher
• Kindle Fire devices based on Android 4.1 or higher
• Devices running ChromeOS 45 or higher
• Devices running Windows 8.1
• Devices running Windows Phone 8.1
• Devices running Windows 10

Netextender:

Deliver seamless, secure network layer access from anywhere.

Abstract

While pre-configured or “fat” client is preferential for most network users, many IT organizations are making the switch to a thin client or SSL VPN model in order to reduce costs and better protect their network from security risks. Unlike a fat clients or IPSec VPN, thin client enables remote users to access the network from any computer equipped with an Internet connection and standard web browser.

No longer are remote users limited to using speciallyconfigured laptops provided by the IT department, as is the case with more traditional VPN models. IPSec VPN may be especially useful in areas where the IT administrator tightly controls and manages only a small number of remote workstations, while with fat client VPN systems administrators can allow users to have a greater level of access. However, users now can have the best of both worlds with SonicWall™ Secure Remote Access (SRA) NetExtender thin client technology. The tech brief below explains how.

Introduction

With SonicWall NetExtender, users enjoy seamless and secure network layer access to the intranet, file, desktop and terminal resources, including Microsoft® Outlook® and Microsoft SharePoint. Pushed transparently onto the client’s desktop, laptop or smartphone, the thin client enhances users’ capabilities and significantly reduces the IT administrative costs and time required to maintain and manage remote access.

SonicWall NetExtender

Simplified and secure end user access for anywhere, NetExtender adds more power to the SonicWall SRA 4600 and 1600, adding capabilities such as seamless and secure access to any resource on the corporate network including servers or custom applications. Unlike a fat client, NetExtender extends thin client transparently to the client’s desktop or laptop, and installs it automatically to facilitate this broader level of access. It assigns remote users an IP address from a preset pool of IP addresses, enabling them to access any TCP/IP-based resource on the corporate network including a wide variety of legacy applications and services. Remote users gain Layer-3 level access to the protected internal network.

The user experience is similar to that of a traditional IPSec VPN client, except that manual client installation is not required. Additionally, users do not have to worry about Network Address Translation (NAT) devices and proxies, which are the bane of traditional IPSec-based VPNs.

NetExtender creates a virtual adapter for secure point-to-point access to any allowed host or subnet on the internal network. Unlike the stateless nature of the traditional SSL VPN, NetExtender stays resident on the client machine even after the connection is closed.

The advantage of running NetExtender as a resident application on the remote system is that it speeds up login times in subsequent uses. Of course, if a remote user chooses to deploy the standalone NetExtender client on their remote machine, but later logs in from a separate machine, he or she can still gain access with no problems at all.

Users can access NetExtender easily in the traditional way from any machine using the browser portal. They can also select the Uninstall on browser exit option to have NetExtender remove itself after the session ends.

Extend network access through native clients

With NetExtender technology, remote users will gain: Access to email through native clients residing on the user’s laptop, including everything from Microsoft Outlook and Lotus Notes Access to commercial or property applications and flexible network access.

Enforce granular access control policies

By deploying the SonicWall NetExtender, along with Enforced Client Anti-Virus and Anti-Spyware, on the remote workstations, administrators can enforce a policy that requires every remote workstation that accesses the network to have current versions of anti-virus and anti-spyware software up and running.

Multiple NetExtender IP range and route support, permits the administrator to impose granular access control policies by assigning specific IP addresses or ranges of IP addresses, and specific routes to individual users or groups. This feature also helps to provide control that is more granular over who can access which network resources through NetExtender.

Enhance firewall encryption and security

SonicWall Secure Remote Access (SRA) provides a high level of security on its own. Besides the encryption that is inherent to the SSL model, the personalized SonicWall web portal enforces a high level of granularity for each user that the administrator controls. The SRA Series appliance grants remote users access only to authorized areas through the portal. NetExtender also provides enhanced security benefits. With NetExtender, you can force all client traffic through the SSL VPN tunnel, and apply all security services that are running on your primary SonicWall Network Security Appliance (NSA) or SonicWall TZ Series firewall — including enforcement of the SonicWall hostbased, anti-virus solution.

Versatile, bidirectional support for remote PCs

While the application proxies support specific protocols such as FTP, HTTP, RDP or VNC, NetExtender is not protocol specific. Rather, it can support any TCP/IP-based application that is running on the local client. Besides extended access, this also means that communications are bidirectional. In other words, the remote client can initiate communications with a host on the internal network, and the reverse is also true — hosts on the internal network can also initiate communications with the remote PC. This functionality is particularly useful for management and administration of remote PCs.

Flexible support for multiple platforms

Available as a standalone application for all SRA Series appliances, the NetExtender client can be launched through the Virtual Office web portal, or as a native application on Windows, Mac OS and Linux PCs and laptops, to access any authorized resource on the corporate network.

NetExtender utilizes a standard interface across all SSL VPN clients, creating a unified look and feel. Support for multiple platforms provides users with greater flexibility to access remote resources from various endpoints. Initial distribution of NetExtender is either through the Virtual Office portal or via a standalone installer. After initial distribution, users can launch NetExtender independently as a standard application. The NetExtender client supports domain login scripts, and implements a custom dialer that allows launch from the Windows Network Connections menu.

For mobile devices and operating systems, SonicWall Mobile Connect™, a single unified client app for Apple iOS, OS X, Google Android™, Kindle Fire and Windows 8.1 or newer, provides smartphone, tablet, laptop and desktop users network-level access to corporate and academic resources over encrypted SSL VPN connections.

Connect Tunnel:

Enable simple, secure remote access through SonicWall E-Class SRA Connect

E-Class SRA Connect™ provides users of IT-managed Windows, Macintosh and Linux devices with unmatched ease-of-use and a complete “in-office” experience. E-Class SRA Connect delivers the easiest, most complete method of secure remote access available and is ideal for providing strong security for wireless LAN users and mobile employees who need full access away from the office.

“In-office” experience from any location

Connect provides remote users of IT-managed devices with full access to key business applications — including back- connect applications such as VoIP soft phones and remote help desk — as if they were in the office. E-Class SRA Smart Access™ technology automatically determines and deploys the right remote access method for the corporate resources that they need, based on policy. Connect also supports Single Sign-On (SSO), network auto-discovery and integration with third-party dialers.

Easy administration with robust control

The lightweight Connect client can be pre-installed on an IT-managed device, or downloaded from a Web portal. Administrators can update new versions and configuration changes easily and automatically without further intervention. Connect integrates directly with E-Class SRA Unified Policy™ and E-Class SRA End Point Control™ (EPC™ ) for centralized control of all users, groups, resources and devices. Additionally, split tunnel control enables IT to control a user’s ability to log on to multiple networks while on the VPN. In addition, features such as NAT traversal, proxy detection, and traversal and mitigation of address conflicts ensure universal application access.

Secure access to VoIP and remote help desk

Connect support for UDP, TCP and IP protocols, as well as granular bidirectional access control for any applications, including back-connect applications like VoIP and remote help desk. Connect can interrogate a VoIP device and authenticate the user before connection, preventing the threat of malware attacks. With Connect, you get the granular access control, split-tunneling capability and NAT and firewall traversal you need to provide users with truly secure everywhere access. In addition, its adaptive addressing and routing dynamically adapts to networks, eliminating addressing and routing conflicts common with other solutions.

Tunnel agent Web policy and SSO configuration

Administrators can define Web policy for E-Class SRA Smart Tunneling agents (E-class SRA Connect Tunnel and OnDemand Tunnel) as well as the E-Class SRA WorkPlace portal, providing more granular access control options for the tunnel agents, allowing for consistent policy enforcement across all access options.

Mobility solutions

SonicWall Mobile Connect™ , available as a mobile app for Apple iOS, Mac OSX, Kindle Fire and Google Android™ mobile devices and embedded with Windows 8.1 devices, provides users with simple, policy-enforced mobile access to corporate and academic resources over encrypted SSL VPN connections. The E-Class SRA Appliances also feature clientless Microsoft ActiveSync support for Apple iPhone, iPad™ and Android devices through the appliance. ActiveSync support allows an administrator to securely access email, contacts and calendar functions through the SSL VPN, without having to expose an Exchange server at the edge of the network. ActiveSync features the ability to require users to authenticate through the SSL VPN (username/password), as well as require device identification against information stored in the user’s Active Directory or LDAP account.

Application-to-application Connect Service Edition

The E-Class SRA Connect Service Edition offers policy-driven application-toapplication access, perfect for branch office applications that need dedicated or scheduled connections without human intervention.

License Bundles:

System Requirements:

Videos:

Setup SSL VPN on a SonicWall Firewall

Setup a Site to Site VPN

Configure WAN Group VPN on a SonicWall Firewall

Pricing Notes:

• Pricing and product availability subject to change without notice.

SSL_VPN

SSL VPN

This chapter provides information on how to configure the SSL VPN features on the Dell SonicWALL security appliance. Dell SonicWALL’s SSL VPN features provide secure remote access to the network using the NetExtender client.

NetExtender is an SSL VPN client for Windows, Mac, or Linux users that is downloaded transparently and that allows you to run any application securely on the company’s network. It uses Point-to-Point Protocol (PPP). NetExtender allows remote clients seamless access to resources on your local network. Users can access NetExtender two ways:

• Logging in to the Virtual Office web portal provided by the Dell SonicWALL security appliance and clicking on the NetExtender button.

• Launching the standalone NetExtender client.

The NetExtender standalone client is installed the first time you launch NetExtender. Thereafter, it can be accessed directly from the Start menu on Windows systems, from the Application folder or dock on MacOS systems, or by the path name or from the shortcut bar on Linux systems.

This chapter contains the following sections:

• SSL VPN NetExtender Overview

• Configuring Users for SSL VPN Access

• SSL VPN > Status

• SSL VPN > Server Settings

• SSL VPN > Client Settings

• SSL VPN > Portal Settings

• SSL VPN > Virtual Office

– Accessing the Dell SonicWALL SSL VPN Portal

– Using NetExtender/windows-os-free-download-for-mac.html.

– Configuring SSL VPN Bookmarks

– Using SSL VPN Bookmarks

SSL VPN NetExtender Overview

This section provides an introduction to the SonicOS Enhanced SSL VPN NetExtender feature. This section contains the following subsections:

• What is SSL VPN NetExtender?

• Benefits

• NetExtender Concepts

What is SSL VPN NetExtender?

Dell SonicWALL’s SSL VPN NetExtender feature is a transparent software application for Windows, Mac, and Linux users that enables remote users to securely connect to the remote network. With NetExtender, remote users can securely run any application on the remote network. Users can upload and download files, mount network drives, and access resources as if they were on the local network. The NetExtender connection uses a Point-to-Point Protocol (PPP) connection.

Benefits

NetExtender provides remote users with full access to your protected internal network. The experience is virtually identical to that of using a traditional IPSec VPN client, but NetExtender does not require any manual client installation. Instead, the NetExtender Windows client is automatically installed on a remote user’s PC by an ActiveX control when using the Internet Explorer browser, or with the XPCOM plugin when using Firefox. On MacOS systems, supported browsers use Java controls to automatically install NetExtender from the Virtual Office portal. Linux systems can also install and use the NetExtender client.

After installation, NetExtender automatically launches and connects a virtual adapter for secure SSL-VPN point-to-point access to permitted hosts and subnets on the internal network.

NetExtender Concepts

The following sections describe advanced NetExtender concepts:

• Stand-Alone Client

• Client Routes

• Tunnel All Mode

• Connection Scripts

• Proxy Configuration

• Dell SonicWALL Mobile Connect

Stand-Alone Client

NetExtender is a browser-installed lightweight application that provides comprehensive remote access without requiring users to manually download and install the application. The first time a user launches NetExtender, the NetExtender stand-alone client is automatically installed on the user’s PC or Mac. The installer creates a profile based on the user’s login information. The installer window then closes and automatically launches NetExtender. If the user has a legacy version of NetExtender installed, the installer will first uninstall the old NetExtender and install the new version.

Once the NetExtender stand-alone client has been installed, Windows users can launch NetExtender from their PC’s Start > Programs menu and configure NetExtender to launch when Windows boots. Mac users can launch NetExtender from their system Applications folder, or drag the icon to the dock for quick access. On Linux systems, the installer creates a desktop shortcut in /usr/share/NetExtender. This can be dragged to the shortcut bar in environments like Gnome and KDE.

Client Routes

NetExtender client routes are used to allow and deny access for SSL VPN users to various network resources. Address objects are used to easily and dynamically configure access to network resources.

Dell Sonicwall Vpn Client Download

Tunnel All Mode

Tunnel All mode routes all traffic to and from the remote user over the SSL VPN NetExtender tunnel—including traffic destined for the remote user’s local network. This is accomplished by adding the following routes to the remote client’s route table:

NetExtender also adds routes for the local networks of all connected Network Connections. These routes are configured with higher metrics than any existing routes to force traffic destined for the local network over the SSL VPN tunnel instead. For example, if a remote user is has the IP address 10.0.67.64 on the 10.0.*.* network, the route 10.0.0.0/255.255.0.0 is added to route traffic through the SSL VPN tunnel.

Tunnel All mode is configured on the SSL VPN > Client Routes page.

Connection Scripts

Dell SonicWALL SSL VPN provides users with the ability to run batch file scripts when NetExtender connects and disconnects. The scripts can be used to map or disconnect network drives and printers, launch applications, or open files or Web sites. NetExtender Connection Scripts can support any valid batch file commands.

Proxy Configuration

Dell SonicWALL SSL VPN supports NetExtender sessions using proxy configurations. Currently, only HTTPS proxy is supported. When launching NetExtender from the Web portal, if your browser is already configured for proxy access, NetExtender automatically inherits the proxy settings. The proxy settings can also be manually configured in the NetExtender client preferences. NetExtender can automatically detect proxy settings for proxy servers that support the Web Proxy Auto Discovery (WPAD) Protocol.

NetExtender provides three options for configuring proxy settings:

• Automatically detect settings - To use this setting, the proxy server must support Web Proxy Auto Discovery Protocol (WPAD)), which can push the proxy settings script to the client automatically.

• Use automatic configuration script - If you know the location of the proxy settings script, you can select this option and provide the URL of the script.

• Use proxy server - You can use this option to specify the IP address and port of the proxy server. Optionally, you can enter an IP address or domain in the BypassProxy field to allow direct connections to those addresses and bypass the proxy server. If required, you can enter a user name and password for the proxy server. If the proxy server requires a username and password, but you do not specify them, a NetExtender pop-up window will prompt you to enter them when you first connect.

When NetExtender connects using proxy settings, it establishes an HTTPS connection to the proxy server instead of connecting to the Dell SonicWALL security appliance. server directly. The proxy server then forwards traffic to the SSL VPN server. All traffic is encrypted by SSL with the certificate negotiated by NetExtender, of which the proxy server has no knowledge. The connecting process is identical for proxy and non-proxy users.

Dell SonicWALL Mobile Connect

Dell SonicWALL Mobile Connect is an app for iPhone, iPad, and iPod Touch that enables secure, mobile connections to private networks protected by Dell SonicWALL security appliances. The Dell SonicWALL Mobile Connect app for iPhone and iPad provides secure, mobile access to sensitive network resources using the iPhone and iPad. Dell SonicWALL Mobile Connect establishes a Secure Socket Layer Virtual Private Network (SSL VPN) connection to private networks that are protected by Dell SonicWALL security appliances. All traffic to and from the private network is securely transmitted over the SSL VPN tunnel.

The process for using Dell SonicWALL Mobile Connect is as follows:

1. Install Dell SonicWALL Mobile Connect from the App Store.

2. Enter connection information (server name, username, password, etc.).

3. Initiate a connection to the network.

4. Dell SonicWALL Mobile Connect establishes a SSL VPN tunnel to the Dell SonicWALL security appliance.

5. You can now access resources on the private network. All traffic to and from the private network is securely transmitted over thtrouble shooting reporte SSL VPN tunnel.

From the administrator’s perspective, Dell SonicWALL Mobile Connect functions virtually the same as NetExtender. Two administrator configurations are required

• Configure Users for NetExtender – In order for a user to be able to connect with Dell SonicWALL Mobile Connect, their user account must be assigned to the SSLVPN Services group. See Configuring Users for SSL VPN Access for details.

Configuring Users for SSL VPN Access

In order for users to be able to access SSL VPN services, they must be assigned to the SSLVPN Services group. Users who attempt to login through the Virtual Office who do not belong to the SSLVPN Services group will be denied access.

The maximum number of SSL VPN concurrent users for each Dell SonicWALL network security appliance model supported in Release 5.9 is shown in the table below:

The following sections describe how to configure user accounts for SSL VPN access:

• Configuring SSL VPN Access for Local Users

• Configuring SSL VPN Access for RADIUS Users

• Configuring SSL VPN Access for LDAP Users

Configuring SSL VPN Access for Local Users

To configure users in the local user database for SSL VPN access, you must add the users to the SSLVPN Services user group. To do so, perform the following steps:

1. Navigate to the Users > Local Users page.

2. Click on the configure icon for the user you want to edit, or click the Add User button to create a new user. The Edit User window is launched.

3. Click on the Groups tab.

4. In the User Groups column, click on SSLVPN Services and click the right arrow to move it to the Member Of column.

5. Click on the VPN Access tab. The VPN Access tab configures which network resources VPN users (either GVC, NetExtender, or Virtual Office bookmarks) can access. Select one or more network address objects or groups from the Networks list and click the right arrow button (->) to move them to the Access List column. To remove the user’s access to a network address objects or groups, select the network from the Access List, and click the left arrow button (<-).

Note The VPN access tab affects the ability of remote clients using GVC, NetExtender, and SSL VPN Virtual Office bookmarks to access network resources. To allow GVC, NetExtender, or Virtual Office users to access a network resource, the network address objects or groups must be added to the “allow” list on the VPN Access tab.

6. Click OK.

Note The feature, One-Time Password, is a two-factor authentication scheme utilizing system-generated, random passwords, in addition to standard user name and password credentials, for users attempting to login through SSL VPN connections.

Configuring SSL VPN Access for RADIUS Users

To configure RADIUS users for SSL VPN access, you must add the users to the SSLVPN Services user group. To do so, perform the following steps:

1. Navigate to the Users > Settings page.

2. In the Authentication Method for login pulldown menu, select RADIUS or RADIUS + Local Users.

3. Click the Configure button for Authentication Method for login. The RADIUS Configuration window displays.

4. Click on the RADIUS Users tab.

5. In the Default user group to which all RADIUS users belong pulldown menu, select SSLVPN Services.

Note The VPN Access tab in the Edit User window is also another granular control on access for both Virtual Office Bookmarks and for NetExtender access.

6. Click OK.

Sonicwall Vpn Client Download

Configuring SSL VPN Access for LDAP Users

To configure LDAP users for SSL VPN access, you must add the LDAP user groups to the SSLVPN Services user group. To do so, perform the following steps:

1. Navigate to the Users > Settings page.

2. Set the Authentication method for login to either LDAP or LDAP + Local Users.

3. Click the Configure button to launch the LDAP Configuration window.

4. Click on the LDAP Users tab.

5. In the Default LDAP User Group pulldown menu, select SSLVPN Services.

Note The VPN Access tab n the Edit User window is also another granular control on access for both Virtual Office Bookmarks and for NetExtender access.

Sonicwall Global Vpn Client Download

6. Click OK.