How to configure a Small Business VPN
Small Business SSL VPNs is one of the most used methods of allowing Remote Small Business Users to connect to the SonicWall (or other firewalls) and access internal network resources. Today I am going to show you how to setup and use a SSL VPN Connection and how to connect using NetExtender, the Small Business SSL VPN client.
Sonicwall Small Business VPN firewalls come by default licensed for a maximum of 2 users connecting remotely over a SSL VPN and you can buy more licenses ,should you need more users connecting to your intranet resources.
First, login to your Sonicwall VPN firewall using your admin credentials
Click on “Manage” at the top menu
You can check your existing licenses for SSL-VPN users by clicking on Licenses and scrolling down to SSL VPN, as you can see I have 2 users available of the 102 maximum
When a SSL VPN client connects , it is assigned an IP address on the network, lets define an address object to indicate what IP addresses will be available for this purpose
ON screen title “Creating an Address Object for the SSLVPN IPv4 Address Range”
Click Manage in the top navigation menu
Click on Objects on the left menu and then Click on Address Objects Now, lets “+Add” at the top on the right pane
In the pop-up window, enter the information for your SSL VPN Range.
Name: SSL VPN Pool
Type a Friendly Name for the IP address pool.
Zone Assignment select SSLVPN
On the field “Type” you can define if you want to make available a single IP, a range of IP addresses or an entire subnet, I am going to use a range
On the Range field
- Starting IP Address for the range: 192.168.1.180
- Ending IP Address: 192.168.1.190
Click the “Add” button to complete adding the SSL-VPN IP allocation address object
ON screen title “SSLVPN Configuration”
Now, let’s configure the SSL VPN, to do so,
Navigate to the “SSL-VPN” option on the left menu
Click on “Server Settings”
Click on the Red Bubble for “WAN” to enable VPN connections from the internet, it should become Green. This indicates that SSL VPN Connections will be allowed on the WAN Zone.
Set the “SSL VPN Port”, and “Domain” as desired. I will leave the defaults Now let’s configure the client settings,
Navigate to the “SSL VPN” option on the left
Then click on “Client Settings”, The SSL VPN | Client Settings page allows the administrator to configure the client address range information and NetExtender client settings, the most important being where the SSL-VPN will terminate
Click on the “Configure” button for the Default Device Profile. Set the “Zone IP V4” as SSLVPN.
Set “Network Address IP V4” as the Address Object you created earlier (SSL-VPN-IP Range). Click on the “Client Routes” here you can control what network access SSL VPN Users are allowed.
Click on the left pane the object or object you will like to create routes and grant access over the VPN connection
Click the Right pointing arrow to add the object to the allowed client routes I am just going to add a single host named “192.168.1.16” since that’s all I need for my client’s The “Client Settings” tab allows the Administrator to input DNS, WINS, and Suffix information while also controlling the caching of passwords, user names, and the behavior of the NetExtender Client.
Input the necessary DNS/WINS information and a DNS Suffix if SSL VPN Users need to find Domain resources by name.
I am just going to change the DNS server Enable “Create Client Connection Profile” to allow the NetExtender client software to save the connection-