Sonicwall firewall Configure remote user access SSL VPN

From Notes_Wiki


To configure remote access SSL VPN on a Sonicwall firewall, use the following steps:

  1. Identify a public WAN interface with static IP for configuring remote access VPN. Note the interface name and public IP.
  2. Go to Manage -> Connectivity -> VPN -> Base settings
  3. Click on Add to create a new VPN settings entry for the selected ISP public IP
  4. In General:
    1. Choose "Policy Type" as Tunnel Interface
    2. Choose "Authentication Method" as "IKE using Preshared Secret"
    3. Enter appropriate Name
    4. For "IPSec Primary Gateway Name or Address" enter ISP public IP noted earlier
    5. In "IKE Authentication" enter a random string for "Shared secret" and exactly the same string again for "Confirm shared secret"
      Users have to give this "Shared secret" while connecting to the VPN, before authenticating with username/password
    6. For both "Local IKE ID" and "Peer IKE ID" leave "IPv4 Address" selected
  5. In Proposals:
    1. In the IKE Phase 1 proposal choose IKEv2 mode, Group 5, AES-256, SHA256 and a lifetime of 28800
    2. In the IPsec Phase 2 proposal use ESP, AES-256, SHA256, Enable perfect forward secrecy - Group 5 and a lifetime of 28800
  6. In Advanced, enable only these:
    1. Enable keep-alive
    2. User login via this SA : Both http and https
    3. VPN bound to interface : Select ISP interface noted in first step
  7. Click "Add/ok" to add
  8. Test by connecting from outside the organization, e.g. from a mobile hotspot
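
For the test in step 8, the following added example (not part of the original page and not Sonicwall code) sends one IKEv2 IKE_SA_INIT message carrying the Phase 1 proposal from step 5 (AES-256, SHA256, Group 5) to UDP port 500 and reports how the gateway answers. The function names are hypothetical, and the key exchange value is a random placeholder, so the probe only checks reachability and proposal acceptance and never completes a tunnel.

```python
import os, socket, struct
# IKEv2 payload and exchange numbers from RFC 7296
SA, KE, NONCE, NOTIFY, IKE_SA_INIT = 33, 34, 40, 41, 34
NOTIFY_NAMES = {14: "NO_PROPOSAL_CHOSEN", 17: "INVALID_KE_PAYLOAD", 16390: "COOKIE"}

def transform(ttype, tid, more, attrs=b""):
    # more(3)/last(0), reserved, length, transform type, reserved, transform ID
    return struct.pack("!BBHBBH", 3 if more else 0, 0, 8 + len(attrs), ttype, 0, tid) + attrs

def payload(next_payload, body):
    # Generic payload header: next payload type, flags, length including header
    return struct.pack("!BBH", next_payload, 0, 4 + len(body)) + body

def build_sa_init(spi):
    transforms = (
        transform(1, 12, True, struct.pack("!HH", 0x800E, 256))  # AES-CBC, 256-bit key
        + transform(2, 5, True)    # PRF_HMAC_SHA2_256
        + transform(3, 12, True)   # AUTH_HMAC_SHA2_256_128
        + transform(4, 5, False)   # DH Group 5 (1536-bit MODP)
    )
    # One proposal: number 1, protocol IKE (1), no SPI, four transforms
    proposal = struct.pack("!BBHBBBB", 0, 0, 8 + len(transforms), 1, 1, 0, 4) + transforms
    # Assumption: random placeholder instead of a real DH public value, enough
    # for a first-message probe that never completes the key exchange
    ke_data = b"\x00" + os.urandom(191)
    body = (payload(KE, proposal) + payload(NONCE, struct.pack("!HH", 5, 0) + ke_data)
            + payload(0, os.urandom(32)))
    return struct.pack("!8s8sBBBBII", spi, bytes(8), SA, 0x20, IKE_SA_INIT, 0x08,
                       0, 28 + len(body)) + body

def classify(reply):
    if len(reply) < 36:
        return "malformed"
    nxt, _, exch, flags = struct.unpack("!BBBB", reply[16:20])
    if exch != IKE_SA_INIT or not flags & 0x20:  # 0x20 = response flag
        return "unexpected"
    if nxt == NOTIFY:  # notify type sits 6 bytes into the first payload
        ntype = struct.unpack("!H", reply[34:36])[0]
        return NOTIFY_NAMES.get(ntype, f"notify {ntype}")
    return "proposal accepted" if nxt == SA else "unexpected"

def probe(gateway, timeout=3.0):
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_sa_init(os.urandom(8)), (gateway, 500))
        try:
            return classify(s.recvfrom(4096)[0])
        except socket.timeout:
            return "no reply"
```

Call `probe()` from outside the organization with the public IP noted in step 1. A result of "no reply" points at reachability or filtering rather than at the proposal, while "NO_PROPOSAL_CHOSEN" means the gateway answered but did not accept these Phase 1 values.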

