manualshive.com logo in svg

SonicWALL SMA 100 Series, Deployment Manual

The SonicWALL SMA 100 Series provides secure remote access to your network. Easily deploy with our free Deployment Manual available for download from manualshive.com. This comprehensive manual details step-by-step instructions to ensure smooth implementation. Enhance your network security with SonicWALL SMA 100 Series.

Share
Download
background image

Setting Your NetExtender Address Range

The NetExtender address range defines the IP address pool from which addresses will be assigned to
remote users during NetExtender sessions. The range needs to be large enough to accommodate the
maximum number of concurrent NetExtender users you wish to support.

The range should fall within the same subnet as the interface to which the SMA appliance is connected, and
it must not overlap or collide with any assigned addresses if other hosts are on the same segment as the
SMA appliance.

Determine the correct subnet based on your network scenario selection:

Scenario
A

192.168.200.100

to

192.168.200.200

(default range)

Scenario
B

Select a range that falls within your existing DMZ subnet. For example, if your DMZ uses the

10.1.1.0/24

subnet, and you want to support up to 30 concurrent NetExtender sessions,

you could use

10.1.1.220

to

10.1.1.249

.

Scenario
C

Select a range that falls within your existing LAN subnet. For example, if your LAN uses the

192.168.168.0/24

subnet, and you want to support up to 10 concurrent NetExtender

sessions, you could use

192.168.168.240

to

192.168.168.249

.

NOTE:

DHCP/DHCPv6 is supported and can manage the IPv4 and IPv6 addresses in the LAN and the

NetExtender client address ranges.

To set your NetExtender address range:

1. Using Secure Mobile Access, navigate to the

Clients > Settings

page.

2. Enter an address range in the

Client Address Range Begin

and

Client Address Range End

fields.

3. Click

Accept

to add the

Client Address Range

.

Scenario A

192.168.200.100

to

192.168.200.200

(default range)

Scenario B

An unused range within your DMZ subnet.

Scenario C

An unused range within your LAN subnet.

If you do not have enough available addresses to support your desired number of concurrent NetExtender
users, you may use a new subnet for NetExtender. This condition may occur if your existing DMZ or LAN is
configured in NAT mode with a small subnet space, such as

255.255.255.224

, or more commonly if your

DMZ or LAN is configured in Transparent mode and you have a limited number of public addresses from
your ISP. In either case, you may assign a new, unallocated IP range to NetExtender (such as

192.168.10.100

to

192.168.10.200

) and configure a route to this range on your gateway appliance.

For example, if your current Transparent range is

67.115.118.75

through

67.115.118.80

, and you wish to

support 50 concurrent NetExtender clients, configure your SMA X0 interface with an available IP address in
the Transparent range, such as

67.115.118.80

, and configure your NetExtender range as

192.168.10.100

to

192.168.10.200

. Then, on your gateway device, configure a static route to

192.168.10.0

, using

67.115.118.80

.

SMA 10.2 Deployment Guide for the SMA 100 Series

Additional Configuration

19

Summary of Contents for SMA 100 Series

Page 1: ...Secure Mobile Access 10 2 Deployment Guide for the SMA 100 Series...

Page 2: ...SMA to the Gateway 9 Allowing WAN to DMZ Connection 9 Allowing DMZ to LAN Connection 10 Deploying SMA on the LAN 13 Connecting the SMA to the Gateway 13 Configuring SMA to LAN Connectivity 13 Addition...

Page 3: ...3600 This method of deployment offers additional layers of security control plus the ability to use SonicWall s security services including Gateway Anti Virus Anti Spyware Content Filtering Intrusion...

Page 4: ...None For a full list of the supported SonicWall firewall and firmware versions see https www sonicwall com support product lifecycle tables The following illustrations provide an overview of each depl...

Page 5: ...t on the front of your SonicWall Secure Mobile Access 210 410 The X0 Port LED lights up indicating an active connection 3 Configure the SMA X0 IP address Refer to Configuring the X0 IP Address Allowin...

Page 6: ...mation and then click Next Server Name Specify the name for the SMA appliance Server Private IP Address SMA appliance X0 IP address Server Comment Brief description of the server 6 On the Server Publi...

Page 7: ...SMA appliance Name Name of the SMA appliance Zone Assignment SMA Type Host IP Address SMA appliance X0 IP address default 192 168 200 1 4 Click Save to create the object Once done click Close 5 Click...

Page 8: ...dress group you just created Source Zone Interface SMA Source Destination LAN Source Port Any Service Any Source The address group you just created such as SMA and NetExtender Destination Any Users Al...

Page 9: ...t Refer to Configuring the X0 IP Address for more information Allowing WAN to DMZ Connection If you are already forwarding HTTP or HTTPS to an internal server and you only have a single public IP addr...

Page 10: ...lays all configuration actions that are performed Click Apply to create the configuration and allow access from the WAN to the SMA appliance on the DMZ Allowing DMZ to LAN Connection When users have c...

Page 11: ...range l Enter a name for the group l In the left column select the address objects you created and click the right arrow button l Click Save to create the group when both objects are in the right col...

Page 12: ...This completes Scenario B NOTE Some gateway appliances have a default zone named SSLVPN Do not select this zone when configuring for the SMA appliance The SSLVPN zone is intended for use with the mor...

Page 13: ...ress for more information Configuring SMA to LAN Connectivity NOTE Before continuing you must add a new SMA custom zone Refer to Adding a New SMA Custom Zone for more information For users to access l...

Page 14: ...added click Close 8 On the OBJECT Match Objects Addresses page click the Address Groups tab 9 Click Add 10 In the Add Address Groups dialog box create a group for the X0 interface IP address of your S...

Page 15: ...Fragmented Packets 15 Click OK to create the rule This completes Scenario C NOTE Some gateway appliances have a default zone named SSLVPN Do not select this zone when configuring for the SMA appliance...

Page 16: ...b browser TIP For additional information see the SMA 210 410 Quick Start Guide 2 Using SonicOS navigate to the NETWORK System Interfaces page 3 In the Interface Settings table click the Configure icon...

Page 17: ...SMA on the LAN The LAN interface IP address To configure a default route 1 Using Secure Mobile Access navigate to the Network Routes page 2 Enter the upstream gateway device s IPv4 address in the Defa...

Page 18: ...u would like to provide access with NetExtender in the Destination Network field For example if you are connecting to an existing DMZ on the 10 1 1 0 24 subnet and you want to provide access to your L...

Page 19: ...nder address range 1 Using Secure Mobile Access navigate to the Clients Settings page 2 Enter an address range in the Client Address Range Begin and Client Address Range End fields 3 Click Accept to a...

Page 20: ...our gateway appliance as an administrator and navigate to the NETWORK System Interfaces page 2 Click the Configure icon for the interface connected to your SMA such as X2 3 Select Create new zone in t...

Page 21: ...168 168 x 10 Enter your Subnet Mask 11 Optionally enter the Default Gateway which is the WAN address of the gateway appliance 12 If you want to allow management of the gateway appliance over this inte...

Page 22: ...et You can verify your connection using a remote client on the WAN To verify a User Connection from the Internet 1 From a WAN connection outside of your corporate network launch a Web browser and ente...

Page 23: ...A appliance If you do not manage your own public DNS servers contact your ISP for assistance Policy Access Rules Matrix View If the SMA zone does not appear in the POLICY Rules and Policies Access Rul...

Page 24: ...knowledge base articles and technical documentation l View and participate in the Community forum discussions at https community sonicwall com technology and support l View video tutorials l Access h...

Page 25: ...LIATES BE LIABLE FOR ANY DIRECT INDIRECT CONSEQUENTIAL PUNITIVE SPECIAL OR INCIDENTAL DAMAGES INCLUDING WITHOUT LIMITATION DAMAGES FOR LOSS OF PROFITS BUSINESS INTERRUPTION OR LOSS OF INFORMATION ARIS...

Reviews:

No comments

Related manuals for SMA 100 Series

Samsung 6 series Full Manual preview
6 series
Brand: Samsung Pages: 36
Varian 948 Operation And Service Manual preview
948
Brand: Varian Pages: 176
Safety Vision 48 Series User Manual preview
48 Series
Brand: Safety Vision Pages: 24
Samsung Wisenet SNK-D85121BF Quick Start Manual preview
SNK-D85121BF
Brand: Samsung Wisenet Pages: 16
VHD DC-S2812 Quick Start Manual preview
DC-S2812
Brand: VHD Pages: 2
Waters ACQUITY System Manual preview
ACQUITY
Brand: Waters Pages: 116
R-Tech POWER TIG 210EXT Operation Instructions Manual preview
POWER TIG 210EXT
Brand: R-Tech Pages: 27
Halsey Taylor GreenSpec HTHB-HVRGRN Installation, Care & Use Manual preview
GreenSpec HTHB-HVRGRN
Brand: Halsey Taylor Pages: 7
JBL CS680 (230V) Owner'S Manual preview
CS680 (230V)
Brand: JBL Pages: 10
Hitron HDG-3x0 series Instruction Manual preview
HDG-3x0 series
Brand: Hitron Pages: 71
Kopp INFRAcontrol R 180 Instructions preview
INFRAcontrol R 180
Brand: Kopp Pages: 2
CIGWELD Transmig 355i Operating Manual preview
Transmig 355i
Brand: CIGWELD Pages: 116
CAMDEN CX-DE502SO Installation Instructions preview
CX-DE502SO
Brand: CAMDEN Pages: 2
DELTA DORE DMB TYXAL+ Installation Manual preview
DMB TYXAL+
Brand: DELTA DORE Pages: 2
EAW CB423M Technical Specifications preview
CB423M
Brand: EAW Pages: 2
Lanzar OPTIUTA10B Optidrive Series Owner'S Manual preview
OPTIUTA10B Optidrive Series
Brand: Lanzar Pages: 8
Eclipse Security ECL-IP3B100V User Manual preview
ECL-IP3B100V
Brand: Eclipse Security Pages: 28
Onkyo D-N5 Service Manual preview
D-N5
Brand: Onkyo Pages: 9

Brands by name

Popular brands

Load more brands