background image

Page 48   

Registering Your SonicWALL SSL-VPN 4000

Before You Register

Verify the DNS and Time settings on your SonicWALL SSL-VPN 4000 are correct when 
you register the device. Configure Time settings in the 

System > Time

 page. Configure 

DNS settings in the 

Network > DNS

 page.

You need a mySonicWALL.com account to register the SonicWALL SSL-VPN 4000. You 
can create a new mySonicWALL.com account directly from the SonicWALL 
management interface. 

Note:

mySonicWALL.com registration information is not sold or shared with any other 

company.

Registering with MySonicWALL

1. If you are not logged into the SonicWALL SSL-VPN 4000 management interface, log 

in with the username 

admin

 and the administrative password you set in the Setup 

Wizard. 

2. If the 

System > Status

 page is not displaying in the management interface, click 

System

 in the left-navigation menu, and then click 

Status

3. Record your 

Serial Number

 and 

Authentication Code

 from the 

Licenses and 

Registration

 box.

4. In the Licenses and Registration box, follow the link to the 

SonicWALL Web site

 (or 

access http://www.mysonicwall.com in your Web browser). The 

mySonicWALL.com Login

 page is displayed.

5. Enter your mySonicWALL.com account username and password.

8

Содержание SSL-VPN 4000

Страница 1: ...Secure Remote Access Solutions APPLIANCES SonicWALL SSL VPN Series SonicWALL SSL VPN 4000 Getting Started Guide...

Страница 2: ...lizing only a standard Web browser users can easily and securely access e mail files intranets applications and other resources on the corporate LAN from any location SonicWALL SSL VPN 4000 Configurat...

Страница 3: ...t Management UTM appliance or your perimeter firewall A computer to use as a management station for initial configuration of the SonicWALL SSL VPN 4000 A Web browser supporting Java version 1 3 1 or h...

Страница 4: ...lect the following information about your current network configuration Primary DNS Secondary DNS optional DNS Domain WINS server s optional Other Information These are the default settings for access...

Страница 5: ...ti Spyware SonicOS Enhanced 3 1 or higher TZ 170 Series PRO 1260 PRO 2040 PRO 3060 PRO 4060 PRO 4100 PRO 5060 Scenario A SSL VPN on a New DMZ OPT or unused interface A new DMZ configured for either NA...

Страница 6: ...orms a series of diagnostic tests When the Test light is no longer lit the SonicWALL SSL VPN 4000 is ready for configuration If the Test or Alarm LEDs remain lit or if the Test LED blinks red after th...

Страница 7: ...ter refer to Configuring a Static IP Address on page 52 Alert A Web browser supporting Java and HTTP uploads such as Internet Explorer 5 01 or higher Netscape Navigator 4 7 or higher Mozilla 1 7 or hi...

Страница 8: ...LL SSL VPN 4000 verify the following configurations Did you plug your management workstation into the interface X0 on the SonicWALL SSL VPN appliance Management can only be performed through X0 Is the...

Страница 9: ...sed management interface This section includes the following subsections Setting Your Administrator Password on page 9 Adding a Local User on page 9 Setting Time Zone on page 10 Configuring SSL VPN Ne...

Страница 10: ...ave to reset the SonicWALL SSL VPN 4000 to factory settings losing your configuration 3 Enter a password for the admin account in the Password field Re enter the password in the Confirm Password field...

Страница 11: ...now configure your SSL VPN 4000 network settings Refer to the notes you took in Network Configuration Information on page 3 to complete this section Configuring DNS WINS 1 Select the Network DNS page...

Страница 12: ...omputer you use to manage the SonicWALL SSL VPN 4000 to have a static IP address in the range you just set for the X0 interface for example 10 1 1 20 or 192 168 200 20 For help with setting up a stati...

Страница 13: ...nation Network field For example if you are connecting to an existing DMZ with the network 192 168 50 0 24 and you want to provide access to your LAN network 192 168 168 0 24 you would enter 192 168 1...

Страница 14: ...cases where there are other hosts on the same segment as the SonicWALL SSL VPN appliance it must not overlap or collide with any assigned addresses You can determine the correct subnet based on your...

Страница 15: ...public addresses from your ISP In either case you may assign a new unallocated IP range to NetExtender such as 192 168 10 100 to 192 168 10 200 and configure a route to this range on your gateway appl...

Страница 16: ...page 16 Scenario C Configuring Your Network Interface on page 17 Scenario C Connecting the SonicWALL SSL VPN 4000 on page 17 Scenario A Connecting the SonicWALL SSL VPN 4000 To connect the SonicWALL S...

Страница 17: ...cenario B Connecting the SonicWALL SSL VPN 4000 To connect the SonicWALL SSL VPN 4000 using Scenario B perform the following steps 1 Connect one end of an Ethernet cable to an unused port on your DMZ...

Страница 18: ...ask in the Subnet Mask field 5 Click the OK button to apply changes Scenario C Connecting the SonicWALL SSL VPN 4000 To connect the SonicWALL SSL VPN 4000 using Scenario C perform the following steps...

Страница 19: ...in SonicOS Standard on page 19 Scenario A Allowing WAN DMZ Connection in SonicOS Standard on page 19 Scenario A Allowing DMZ LAN Connection in SonicOS Standard on page 21 Scenario A Adding a New SSL...

Страница 20: ...hanced skip to Scenario A Allowing WAN SSL VPN Connection in SonicOS Enhanced on page 26 9 Tip Leave the default rule to deny any access from WAN to DMZ in place and use the Public Server Rule Wizard...

Страница 21: ...e perform the following selections Click Next 6 In the Congratulations page click Apply to create the rules and allow access from the WAN to the SonicWALL SSL VPN appliance on the DMZ Service HTTPS Se...

Страница 22: ...e LAN You need to create two rules one to allow traffic from the SonicWALL SSL VPN appliances X0 interface to your LAN and one to allow traffic from NetExtender to your LAN Note This procedure uses th...

Страница 23: ...ress page perform the following selections and click Next Interface DMZ IP Address Begin The X0 IP address of the SonicWALL SSL VPN appliance 192 168 200 1 by default IP Address End The X0 IP address...

Страница 24: ...m the following selections and click Next 8 In the Step 6 Access Rule Time page leave Time Active set to Always Active unless you want to limit when you want SSL VPN clients to have access to the LAN...

Страница 25: ...k Next 7 In the Step 5 Access Rule Destination Interface and Address page perform the following selections and click Next 8 In the Step 6 Access Rule Time page leave Time Active set to Always Active u...

Страница 26: ...rom the Security Type drop down menu 6 Un check the Allow Interface Trust checkbox 7 Check the Gateway AV Intrusion Prevention Service and Anti Spyware checkboxes 8 Click the OK button 9 Enter the IP...

Страница 27: ...is running SonicOS Standard refer to Scenario A Allowing WAN DMZ Connection in SonicOS Standard on page 19 Create a public server access rule for HTTP and HTTPS traffic 1 Select the Firewall Access R...

Страница 28: ...both HTTP and HTTPS and click Click OK when both HTTP and HTTPS are in the right column 6 In the Step 2 Server Private Network Configuration page enter Click Next Server Name A name for your SonicWAL...

Страница 29: ...nicWALL UTM appliance If you accept this default all HTTP and HTTPS traffic to this IP address will be routed to your SonicWALL SSL VPN 4000 Click Next 8 The Step 4 Public Server Configuration Summary...

Страница 30: ...VPN 4000 Click OK to create the object 4 Click again to create an address object for the NetExtender range 5 In the Add Object dialog box create an address object for the X0 interface IP address of yo...

Страница 31: ...ddress of your SonicWALL SSL VPN 4000 and the NetExtender IP range Enter a name for the group In the left column select the two groups you created in steps 1 through 5 and click Click OK when both obj...

Страница 32: ...dress group you just created access to the LAN Click OK to create the rule Continue to Step Action Allow From Zone SSL VPN To Zone LAN Service Any Source The address group you just created such as Son...

Страница 33: ...your user name and password in the appropriate fields and press the Login button Note Remember that you are logging into your SonicWALL UTM appliance not the SSL VPN Your user name and password combi...

Страница 34: ...ic Server page perform the following selections Click Next 6 In the Congratulations page click Apply to create the rules and allow access from the WAN to the SonicWALL SSL VPN appliance on the DMZ Ser...

Страница 35: ...s one to allow traffic from the SonicWALL SSL VPN appliance s X0 interface to your LAN and one to allow traffic from NetExtender to your LAN Note This procedure uses the Access Rule Wizard to create t...

Страница 36: ...d Address page perform the following selections and click Next Interface DMZ IP Address Begin The X0 IP address of the SonicWALL SSL VPN appliance within your DMZ range for example 10 1 1 200 IP Addre...

Страница 37: ...ions and click Next 8 In the Step 6 Access Rule Time page leave Time Active set to Always Active unless you want to limit when you want SSL VPN clients to have access to the LAN 9 In the Congratulatio...

Страница 38: ...ck Next 7 In the Step 5 Access Rule Destination Interface and Address page perform the following selections and click Next 8 In the Step 6 Access Rule Time page leave Time Active set to Always Active...

Страница 39: ...ffic Note If you are already forwarding HTTP or HTTPS to an internal server and you only have a single public IP address you will need to select different unique ports of operation for either the exis...

Страница 40: ...and HTTPS and click Click OK when both HTTP and HTTPS are in the right column 6 In the Step 2 Server Private Network Configuration page enter Click Next Server Name A name for your SonicWALL SSL VPN...

Страница 41: ...nicWALL UTM appliance If you accept this default all HTTP and HTTPS traffic to this IP address will be routed to your SonicWALL SSL VPN 4000 Click Next 8 The Step 4 Public Server Configuration Summary...

Страница 42: ...Click again to create an address object for the NetExtender range 5 In the Add Object dialog box create an address object for the X0 interface IP address of your SonicWALL SSL VPN 4000 Click OK to cr...

Страница 43: ...ddress of your SonicWALL SSL VPN 4000 and the NetExtender IP range Enter a name for the group In the left column select the two groups you created in steps 1 through 5 and click Click OK when both obj...

Страница 44: ...address group you just created access to the LAN Click OK to create the rule Continue to Step Action Allow From Zone DMZ To Zone LAN Service Any Source The address group you just created such as Sonic...

Страница 45: ...Scenario C Setting Public Server Access in SonicOS Enhanced on page 46 Scenario C Connecting to the SonicWALL UTM Appliance Using a computer connected to your LAN launch your Web browser and log in to...

Страница 46: ...ect HTTPS from the Service drop down list 7 Enter 192 168 168 200 or the IP address to which you have configured your X0 interface on your SonicWALL SSL VPN appliance in the Private IP field 8 Select...

Страница 47: ...he Wizard 6 Enter SSL VPN in the Server Name field 7 Enter 192 168 168 200 or the address to which you have configured your X0 interface on your SonicWALL SSL VPN appliance in the Private IP field 8 E...

Страница 48: ...o that you create a DNS record to allow for FQDN access to your SonicWALL SSL VPN appliance If you do not manage your own public DNS servers contact your Internet Service Provider for assistance For c...

Страница 49: ...shared with any other company Registering with MySonicWALL 1 If you are not logged into the SonicWALL SSL VPN 4000 management interface log in with the username admin and the administrative password...

Страница 50: ...appropriate fields 8 Enter a friendly name for your SonicWALL SSL VPN in the Friendly Name field 9 Click the Register button 10 When the mySonicWALL com server has finished processing your registrati...

Страница 51: ...ng a unique URL embedded in the confirmation e mail After logging in to the selected provider s page you should visit the administrative link typically add or manage and create your host entries This...

Страница 52: ...cally leave the default settings on this page 10 The On line Settings section provides control over what address is registered with the dynamic DNS provider The options are Let the server detect IP Ad...

Страница 53: ...mple 255 255 255 0 in the Subnet Mask field 5 Type the SonicWALL SSL VPN 4000 LAN IP Address into the Default Gateway field 6 Type the DNS IP address in the Preferred DNS Server field If you have more...

Страница 54: ...IP range in the IP Address field 6 Type the appropriate subnet mask for example 255 255 255 0 in the Subnet Mask field 7 Type the SonicWALL SSL VPN 4000 LAN IP Address in the Default Gateway field 8 C...

Страница 55: ...40 C is recommended Route cables away from power lines fluorescent lighting fixtures and sources of noise such as radios transmitters and broadband amplifiers Ensure that no water or excessive moistur...

Страница 56: ...d as four numbers from 0 to 255 separated by periods for example 172 16 31 254 LAN A Local Area Network is typically a group of computers located at a single location and is commonly based on the Ethe...

Страница 57: ...for subnet with only eight IP addresses TCP IP Transmission Control Protocol Internet Protocol is the basic communication protocol of the Internet It supports sending information in packets and ident...

Страница 58: ...may not be replaced by the user The SonicWALL must be returned to a SonicWALL authorized service center for replacement with the same or equivalent type recommended by the manufacturer If for any reas...

Страница 59: ...o change without notice Trademarks SonicWALL is a registered trademark of SonicWALL Inc Microsoft Windows 98 Windows NT Windows 2000 Windows XP Windows Server 2003 Internet Explorer and Active Directo...

Страница 60: ...SonicWALL SSL VPN 4000 Getting Started Guide Page 59 Notes...

Страница 61: ...Page 60 Notes...

Страница 62: ...erein may be trademarks and or registered trademarks of their respective companies Specifications and descriptions subject to change without notice T 1 408 745 9600 SonicWALL Inc 1143 Borregas Avenue...

Отзывы: