Secure Remote Access Solutions APPLIANCES SonicWALL SSL-VPN Series SSL-VPN 2000 Getting Started Guide
SonicWALL SSL-VPN 2000 Appliance Getting Started Guide Thank you for your purchase of the SonicWALL SSL-VPN 2000, the solution for secure remote access to mission-critical resources from virtually any end point—including desktops, laptops, PDAs and smartphones. The SonicWALL SSL-VPN 2000 appliance provides organizations of all sizes with an affordable, simple and secure remote network and application access solution that requires no pre-installed client software.
Before You Begin Check Package Contents Any Items Missing? • If any items are missing from your package, contact: SonicWALL Support Web: http://www.sonicwall.com/us/Support.html Email: customer_service@sonicwall.com • • • • • One SonicWALL SSL-VPN 2000 appliance One SonicWALL SSL-VPN 2000 Getting Started Guide One SonicWALL SSL-VPN Release Notes One straight-through Ethernet cable One rack-mount kit One power cord* * A power cord is included only with units shipped to North America.
Selecting a SonicWALL Recommended Deployment Scenario The deployment scenarios described in this section are based on actual customer deployments and are SonicWALL-recommended deployment best practices. This section describes three common deployments of the SonicWALL SSL-VPN 2000. In Table 1, select the scenario that most closely matches your deployment.
Applying Power to the SonicWALL SSL-VPN 2000 1. Plug the power cord into the SonicWALL SSL-VPN 2000 and into an appropriate power outlet. 2. Turn on the power switch on the rear of the appliance next to the power cord. Console Port: Provides access to command line interface. (for future use) Power LED Test LED X1: 10/100 Ethernet X3: 10/100 Ethernet X2: 10/100 Ethernet Alarm LED X0: Default management port. Provides connectivity between the SSL-VPN and your gateway.
Accessing the Management Interface To access the Web-based management interface of the SonicWALL SSL-VPN 2000: 1. Connect one end of an Ethernet cable into the X0 port of your SonicWALL SSLVPN 2000. Connect the other end of the cable into the computer you are using to manage the SonicWALL SSL-VPN 2000. SonicWALL SSL VPN 2000 X0 Management Station 2. Set the computer you use to manage the SonicWALL SSL-VPN 2000 to have a static IP address in the 192.168.200.x/24 subnet, such as 192.168.200.20.
5. The SonicWALL SSL-VPN management interface displays and prompts you to enter your user name and password. Enter “admin” in the User Name field, “password” in the Password field, select LocalDomain from the Domain drop-down list and click the Login button.
4 Configuring Your SonicWALL SSL-VPN 2000 Once your SonicWALL SSL-VPN 2000 is connected to a computer through the management port (X0), it can be configured through the Web-based management interface.
3. Enter a password for the “admin” account in the Password field. Re-enter the password in the Confirm Password field. 4. Click the OK button to apply changes. Adding a Local User 1. 2. 3. 4. 5. 6. Navigate to the Users > Local Users page. Click the Add User button. Enter the desired user name in the User Name field. Select LocalDomain from the GroupDomain drop-down menu. Supply a password for the user in the Password field. Confirm the new password. Select User from the User Type drop-down menu. 7.
Setting Time Zone 1. Navigate to the System > Time page. 2. Select the appropriate time zone from the drop-down menu. 3. Click the Accept button. Note: Setting the time correctly is essential to many of the operations of the SonicWALL SSL-VPN 2000. Be sure to set the time-zone correctly. Automatic synchronization with an NTP server (default setting) is encouraged to ensure accuracy. Configuring SSL-VPN Network Settings You will now configure your SSL-VPN 2000 network settings.
4. (Optional) Enter a secondary DNS server in the Secondary DNS Server field. 5. (Optional) Enter your DNS Domain in the DNS Domain Field. 6. (Optional) Enter your WINS servers in the Primary WINS Server and Secondary WINS Server fields. 7. Click the Accept button.
3. In the Interface Settings dialog box, set the IP address and netmask to: If you are using scenario: Set the X0 interface to: B - SSL-VPN on an Existing DMZ IP Address: An unused address within your DMZ subnet, for example: 10.1.1.240. Subnet Mask: Must match your DMZ subnet mask. C - SSL-VPN on the LAN IP Address: An unused address within your LAN subnet, for example: 192.168.168.200. Subnet Mask: Must match your LAN subnet mask. 4. Click OK.
3. Select X0 in the Interfaces drop down list. 4. Click the Accept button. Adding a NetExtender Client Route NetExtender allows remote clients to have seamless access to resources on your local network. 1. Navigate to the NetExtender > Client Routes page. 2. Click the Add Client Route button. 3. Enter the IP address of the trusted network to which you would like to provide access with NetExtender in the Destination Network field. (For example, if you are connecting to an existing DMZ with the network 192.
Setting your NetExtender Address Range The NetExtender IP range defines the IP address pool from which addresses will be assigned to remote users during NetExtender sessions. The range needs to be large enough to accommodate the maximum number of concurrent NetExtender users you wish to support.
To set your NetExtender address range, perform the following steps: 1. Navigate to the NetExtender > Client Settings page. 2. Enter an address range for your clients in the Client Address Range Begin and Client Address Range End fields. Scenario A 192.168.200.100 to 192.168.200.200 (default range) Scenario B An unused range within your DMZ subnet. Scenario C An unused range within your LAN subnet.
Connecting the SonicWALL SSL-VPN 2000 Before continuing, reference the diagrams on the following pages to connect the SonicWALL SSL-VPN 2000 to your network. Refer to the table in “Selecting a SonicWALL Recommended Deployment Scenario” on page 3 to determine the proper scenario for your network configuration.
Scenario B: Configuring Your Network Interface Configure your SonicWALL SSL-VPN 2000 to connect with your SonicWALL UTM appliance under network configurations given in Scenario B. On your SonicWALL SSL-VPN 2000: 1. Navigate to the Network > Interfaces page. 2. Click the Configure button for the X0 port. 3. If configuring with Scenario B, enter an unused IP address in your DMZ subnet in the IP Address field. 4. Enter your subnet mask in the Subnet Mask field. 5. Click the OK button to apply changes.
Scenario B: Connecting the SonicWALL SSL-VPN 2000 To connect the SonicWALL SSL-VPN 2000 using Scenario B, perform the following steps: 1. Connect one end of an Ethernet cable to an unused port on your DMZ, either directly to the OPT or X2 on your existing SonicWALL UTM appliance or to a hub or switch on your DMZ.
Scenario C: Configuring Your Network Interface Configure your SonicWALL SSL-VPN 2000 to connect to your SonicWALL UTM appliance under network configurations given in Scenario C. On the SonicWALL SSL-VPN 2000: 1. Navigate to the Network > Interfaces page. 2. Click the Configure button for the X0 port. 3. Enter an unused IP address in your LAN in the IP Address field. 4. Enter your subnet mask in the Subnet Mask field. 5. Click the OK button to apply changes.
Scenario C: Connecting the SonicWALL SSL-VPN 2000 To connect the SonicWALL SSL-VPN 2000 using Scenario C, perform the following steps: 1. Connect one end of an Ethernet cable to an unused port on your LAN hub or switch. Scenario C: SSL-VPN on the LAN Gateway Device Switch/ Hub LAN port Internet connection SonicWALL SSL VPN 2000 X0 Network Nodes Remote Users Internet Zone LAN 2. Connect the other end of the Ethernet cable to the X0 port on the front of your SonicWALL SSL-VPN 2000.
Configuring Your Gateway Device Now that you have set up your SonicWALL SSL-VPN 2000, you need to configure your gateway device to work with the SonicWALL SSL-VPN 2000. Refer to the table in “Selecting a SonicWALL Recommended Deployment Scenario” on page 3 to determine the proper scenario for your network configuration.
Scenario A: Configuring a DMZ or OPT Port in SonicOS Standard 1. 2. 3. 4. 5. Navigate to the Network > Settings page. Click the Configure button for the DMZ or OPT interface. Select the DMZ in NAT Mode radio button. Enter 192.168.200.2 in the DMZ Private Address field. Enter 255.255.255.0 in the DMZ Subnet Mask field. 6. Click the OK button.
4. In the Step 1: Access Rule Type page, select Public Server Rule and then click Next. 5. In the Step 2: Public Server page, perform the following selections and then click Next: Service HTTPS Server IP Address The X0 IP address of the SonicWALL SSL-VPN appliance, 192.168.200.1 by default Destination Interface DMZ 6. In the Congratulations page, click Apply to create the rules and allow access from the WAN to the SonicWALL SSL-VPN appliance on the DMZ.
If you are allowing HTTP access to the SonicWALL SSL-VPN appliance, create a public server access rule for HTTP: 1. 2. 3. 4. In the Firewall > Access Rules page, click . In the Welcome to the Network Access Rules Wizard page, click Next. In the Step 1: Access Rule Type page, select Public Server Rule. Click Next. In the Step 2: Public Server page, perform the following selections and click Next: Service Web (HTTP) Server IP Address The X0 IP address of the SonicWALL SSL-VPN appliance, 192.168.200.
7. In the Step 4: Access Rule Source Interface and Address page, perform the following selections and then click Next: Page 24 Interface DMZ IP Address Begin The X0 IP address of the SonicWALL SSL-VPN appliance, 192.168.200.1 by default IP Address End The X0 IP address of the SonicWALL SSL-VPN appliance, 192.168.200.
8. In the Step 5: Access Rule Destination Interface and Address page, perform the following selections and then click Next: Interface LAN IP Address Begin * IP Address End Leave blank 9. In the Step 6: Access Rule Time page, leave Time Active set to Always Active unless you want to limit when you want SSL-VPN clients to have access to the LAN. 10. In the Congratulations page, click Apply to create the access rule.
Create access to the LAN for NetExtender: 1. 2. 3. 4. In the Firewall > Access Rules page, click . In the Welcome to the SonicWALL Network Access Rules page, click Next. In the Step 1: Access Rule Type page, select General Rule. Click Next. In the Step 2: Access Rule Service page, select Any. Click Next. 5. In the Step 3: Access Rule Action page, configure: Select Action for this Rule Allow TCP Connection Inactivity TImeout 30 minutes Click Next. 6.
Scenario A: Adding a New SSL-VPN Custom Zone in SonicOS Enhanced 1. Navigate to the Network > Interfaces page. 2. Click Configure button for the X2 interface (or any other available interface). 3. Select Create New Zone in Zone field. The Add Zone window opens. 4. 5. 6. 7. 8. 9. 10. 11. 12. Type SSLVPN in the Name field. Select Public from the Security Type drop-down menu. Un-check the Allow Interface Trust checkbox. Select the Gateway AV, Intrusion Prevention Service and Anti-Spyware checkboxes.
Scenario A: Allowing WAN -> SSL-VPN Connection in SonicOS Enhanced Follow this procedure if you are connecting your SonicWALL SSL-VPN 2000 to a SonicWALL UTM appliance running SonicOS Enhanced. If your SonicWALL UTM appliance is running SonicOS Standard, refer to “Scenario A: Allowing WAN -> DMZ Connection in SonicOS Standard” on page 21. Create a public server access rule for HTTP and HTTPS traffic: 1. In the top right corner of the management interface, click the Wizards icon. 2.
4. In the Add Service Group dialog box, create a service group for HTTP and HTTPS: • Enter a name for the service. • Select both HTTP and HTTPS and click the right arrow button • Click OK when both HTTP and HTTPS are in the right column. 5. In the Server Private Network Configuration page, enter: . Server Name A name for your SonicWALL SSL-VPN 2000 Server Private IP Address The X0 IP address of the SonicWALL SSL-VPN appliance, 192.168.200.
7. In the Server Public Information page, either accept the default IP address or enter an IP address in your allowed public IP range. Note: The default IP address is the WAN IP address of your SonicWALL UTM appliance. If you accept this default, all HTTP and HTTPS traffic to this IP address will be routed to your SonicWALL SSL-VPN 2000. 8. Click Next. 9. The Public Server Configuration Summary page displays all the configuration actions that will be performed to create the public server.
Scenario A: Allowing SSL-VPN -> LAN Connection in SonicOS Enhanced When users have connected to the SSL-VPN, they need to be able to connect to resources on the LAN. 1. In the administration interface, navigate to the Network > Address Objects page. 2. In the Address Objects section, click . 3.
5. In the Add Object dialog box, create an address object for the X0 interface IP address of your SonicWALL SSL-VPN 2000: Name Enter a name for NetExtender Zone Assignment SSLVPN Type Range Starting IP Address The start of the NetExtender IP address range, 192.168.200.100 by default Ending IP Address The end of the NetExtender IP address range, 192.168.200.200 by default Click OK to create the object. 6. On the Network > Address Objects page, in the Address Groups section, click . 7.
9. On the Firewall > Access Rules page in the matrix view, click the SSLVPN > LAN icon. 10. On the resulting Firewall > Access Rules page, click .
11. In the Add Rule window, create a rule to allow access to the LAN for the address group you just created: Action Allow From Zone SSLVPN To Zone LAN Service Any Source The address group you just created, such as SonicWALL_SSLVPN_Group Destination Any Users Allowed All Schedule Always on Enable Logging Selected Allow Fragmented Packets Selected Click OK to create the rule.
Scenario B: SSL-VPN on Existing DMZ This section provides procedures to configure your gateway appliance based on Scenario B.
4. In the Step 1: Access Rule Type page, select Public Server Rule and then click Next. 5. In the Step 2: Public Server page, perform the following selections and then click Next: Service HTTPS Server IP Address The X0 IP address of the SonicWALL SSL-VPN appliance within your DMZ range, for example 10.1.1.200. Destination Interface DMZ 6. In the Congratulations page, click Apply to create the rules and allow access from the WAN to the SonicWALL SSL-VPN appliance on the DMZ.
If you are allowing HTTP access to the SonicWALL SSL-VPN appliance, create a public server access rule for HTTP: 1. 2. 3. 4. In the Firewall > Access Rules page, click . In the Welcome to the Network Access Rules Wizard page, click Next. In the Step 1: Access Rule Type page, select Public Server Rule. Click Next.
6. In the Step 4: Access Rule Source Interface and Address page, perform the following selections and then click Next: Page 38 Interface DMZ IP Address Begin The X0 IP address of the SonicWALL SSL-VPN appliance within your DMZ range, for example 10.1.1.200. IP Address End The X0 IP address of the SonicWALL SSL-VPN appliance, the same as above, for example 10.1.1.200.
7. In the Step 5: Access Rule Destination Interface and Address page, perform the following selections and then click Next: Interface LAN IP Address Begin * IP Address End Leave blank 8. In the Step 6: Access Rule Time page, leave Time Active set to Always Active unless you want to limit when you want SSL-VPN clients to have access to the LAN. 9. In the Congratulations page, click Apply to create the access rule.
Create access to the LAN for NetExtender: 1. 2. 3. 4. 5. In the Firewall > Access Rules page, click . In the Welcome to the SonicWALL Network Access Rules page, click Next. In the Step 1: Access Rule Type page, select General Rule. Click Next. In the Step 2: Access Rule Service page, select Any. Click Next. In the Step 3: Access Rule Action page, perform the following selections and then click Next: Select Action for this Rule Allow TCP Connection Inactivity Timeout 30 minutes 6.
Scenario B: Allowing WAN -> DMZ Connection in SonicOS Enhanced Follow this procedure if you are connecting your SonicWALL SSL-VPN 2000 to a SonicWALL UTM appliance running SonicOS Enhanced. If your SonicWALL UTM appliance is running SonicOS Standard, refer to “Scenario A: Allowing WAN -> DMZ Connection in SonicOS Standard” on page 21.
4. In the Add Service Group dialog box, create a service group for HTTP and HTTPS: • Enter a name for the service. • Select both HTTP and HTTPS and click . • Click OK when both HTTP and HTTPS are in the right column. 5. In the Public Server Type page, click Next. 6.
7. In the Server Public Information page, either accept the default IP address or enter an IP address in your allowed public IP range. Note: The default IP address is the WAN IP address of your SonicWALL UTM appliance. If you accept this default, all HTTP and HTTPS traffic to this IP address will be routed to your SonicWALL SSL-VPN 2000. 8. Click Next. 9. The Public Server Configuration Summary page displays all the configuration actions that will be performed to create the public server.
3. In the Add Object dialog box, create an address object for the X0 interface IP address of your SonicWALL SSL-VPN 2000: Name Enter a name for the SonicWALL SSL-VPN 2000 Zone Assignment DMZ Type Host IP Address The SonicWALL SSL-VPN 2000’s X0 interface IP address within your DMZ range, for example, 10.1.1.200 Click OK to create the object. 4. Click again to create an address object for the NetExtender range. 5.
7. In the Add Address Object Group dialog box, create a group for the X0 interface IP address of your SonicWALL SSL-VPN 2000 and the NetExtender IP range: • • Enter a name for the group. In the left column, select the two groups you created and click the arrow button . • Click OK when both objects are in the right column to create the group. 8. In the administrative interface, navigate to the Firewall > Access Rules page. 9. On the Firewall > Access Rules page in the matrix view, click the DMZ > LAN icon.
11. In the Add Rule window, create a rule to allow access to the LAN for the address group you just created: Action Allow From Zone DMZ To Zone LAN Service Any Source The address group you just created, such as SonicWALL_SSLVPN_Group Destination Any Users Allowed All Schedule Always on Enable Logging Selected Allow Fragmented Packets Selected Click OK to create the rule.
Scenario C: SSL-VPN on the LAN This section provides procedures to configure your gateway appliance based on Scenario C.
3. In the Add Object dialog box, create an address object for the X0 interface IP address of your SonicWALL SSL-VPN 2000: Name Enter a name for the SonicWALL SSL-VPN 2000 Zone Assignment SSLVPN Type Host IP Address The SonicWALL SSL-VPN 2000’s X0 IP address, 192.168.200.1 by default Click OK to create the object. 4. Click again to create an address object for the NetExtender range. 5.
7. In the Add Address Object Group dialog box, create a group for the X0 interface IP address of your SonicWALL SSL-VPN 2000 and the NetExtender IP range: • • Enter a name for the group. In the left column, select the two groups you created and click the arrow button . • Click OK to create the group when both objects are in the right column. 8. In the administrative interface, navigate to the Firewall > Access Rules page. 9.
11. In the Add Rule window, create a rule to allow access to the LAN for the address group you just created: Action Allow From Zone SSLVPN To Zone LAN Service Any Source The address group you just created, such as SonicWALL_SSLVPN_Group Destination Any Users Allowed All Schedule Always on Enable Logging Selected Allow Fragmented Packets Selected Click OK to create the rule.
Scenario C: Setting Public Server Access in SonicOS Standard 1. 2. 3. 4. Select Wizards in the left navigation bar. Click the Network Access Rules Wizard option and press the Next button. Select Public Server Rule. Enter a comment, such as “WAN to SSL-VPN” to describe your connection. 5. Click the Next button to continue the Wizard. 6. Select HTTPS from the Service drop-down list. 7. Enter 192.168.168.
Scenario C: Setting Public Server Access in SonicOS Enhanced 1. Click the Wizards icon in the top right corner of the SonicOS Enhanced management interface. 2. Select the Public Server Wizard option and then click Next. 3. Select Web Server from the Server Type drop-down menu. 4. Select the HTTP and HTTPS checkboxes. 5. Click the Next button to continue the Wizard. 6. Enter SSLVPN in the Server Name field. 7. Enter 192.168.168.
8. Enter a comment, such as “WAN to SSL-VPN” to describe your connection. 9. Click the Next button to continue the Wizard. 10. Verify that the Public Server field contains the correct IP address (You can generally leave this at the default setting). 11. Click the Next button. 12. Click the Apply button.
Testing Your SSL-VPN Connection Now you have configured your SonicWALL UTM appliance and SonicWALL SSLVPN 2000 for secure SSL VPN remote access.This section provides instructions to verify your SSL-VPN connection using a remote client on the WAN. Verifying a User Connection from the Internet 1.
5. Click the NetExtender button and complete the client installation. When complete, the following message is displayed: 6. Ping a host on your corporate LAN to verify your SSL-VPN remote connection. Congratulations! You have successfully set up your SonicWALL SSL-VPN 2000.
Registering Your SonicWALL SSL-VPN 2000 Before You Register Verify that the time, DNS, and default route settings on your SonicWALL SSL-VPN are correct before you register your appliance. To verify or configure the time settings, navigate to the System > Time page. To verify or configure the DNS setting, navigate to the Network > DNS page. To verify or configure the default route, navigate to the Network > Routes page. You need a MySonicWALL account to register the SonicWALL SSL-VPN 2000.
3. On the System > Licenses page, click Activate, Upgrade, or Renew services. The License Management page is displayed. 4. If you have a mySonicWALL.com account, enter your mySonicWALL.com user name and password into the fields and then click Submit. The display changes. 5. Enter a descriptive name for your SonicWALL SSL-VPN in the Friendly Name field.
6. Under Product Survey, fill in the requested information and then click Submit. The display changes to inform you that your SonicWALL SSL-VPN 2000 is registered. 7. Click Continue. 8. In the License Management page, your latest license information is displayed. Congratulations Your SonicWALL SSL-VPN 2000 is now fully operational. After registration, some network environments require the SSL-VPN appliance to be offline so that it is unable to connect to the SonicWALL licensing server.
Configuring Dynamic DNS To begin using Dynamic DNS, you must first set up an account with one of the four free service providers listed below: • • • • DynDNS.org changeip.com No-IP.com yi.org It is possible to use multiple providers simultaneously. The registration process normally involves a confirmation email from the provider, with a final acknowledgment performed by visiting a unique URL embedded in the confirmation email.
To configure Dynamic DNS on the SonicWALL UTM appliance, perform these steps: 1. On the Network > Dynamic DNS page, click the Add button. The Add DDNS Profile window is displayed. 2. If Enable this DDNS Profile is selected, the profile is administratively enabled, and the SonicWALL UTM appliance takes the actions defined in the Online Settings section on the Advanced tab. 3. If Use Online Settings is selected, the profile is administratively online. 4.
7. Enter the fully qualified domain name (FQDN) of the hostname you registered with dyndns.org. Make sure you provide the same hostname and domain as you configured. 8. You may optionally select Enable Wildcard and/or configure an MX entry in the Mail Exchanger field. 9. Click the Advanced tab. You can typically leave the default settings on this page. 10. The On-line Settings section provides control over what address is registered with the dynamic DNS provider.
Configuring a Static IP Address If you did not enable the SonicWALL UTM appliance DHCP server, you must configure each computer with a static IP address from your LAN or WLAN IP address range. After the SonicWALL SSL-VPN 2000 has restarted, follow the steps below for configuring your network clients running any of the following Microsoft Windows operating systems on your LAN/WLAN: Windows Vista 1. From the Start menu, right-click Network and select Properties. 2.
Windows 2000 1. 2. 3. 4. 5. 6. 7. From your Windows Start menu, select Settings. Open Network and Dial-up Connections. Click Properties. Highlight Internet Protocol (TCP/IP) and click Properties. Select Use the following IP address. Type an IP address from your LAN IP range IP address field. Type the appropriate subnet mask (for example, 255.255.255.0) in the Subnet Mask field. 8. Type the SonicWALL SSL-VPN 2000 LAN IP Address into the Default Gateway field. 9.
Mounting Guidelines The SonicWALL SSL-VPN 2000 is designed to be mounted in a standard 19-inch rack mount cabinet. The following conditions are required for proper installation: • • • • • • • • • Page 64 Use the mounting hardware recommended by the rack manufacturer and ensure that the rack is adequate for the application. SonicWALL includes a rack mounting kit with the SonicWALL SSL-VPN appliance that is compatible with most computer equipment racks.
Glossary of Networking Terms ActiveX - A technology that allows the sharing of applications and data across the Web. For example, Active X allows you to view Microsoft Word and Adobe Acrobat documents within the Internet Explorer Web browser without downloading the files and launching the appropriate application. The SonicWALL SSL VPN network client, NetExtender, uses an ActiveX control when launched or installed from Internet Explorer on Windows. With Firefox, XPCOM is used, which is similar to ActiveX.
SSL VPN - Secure Socket Layer Virtual Private Networking. A secured private communications network usually used within a company, or by several different companies or organizations, communicating over a public network. SSL technology is used either for tunneling the entire network stack, or for securing what is essentially a Web proxy. Subnet - A portion of a network. Each subnet within a network shares a common network address and is uniquely identified by a subnetwork number.
SonicWALL Global Support Services On your appliance, on the Web, and on the phone, we make it easy and fast to find the information you need to keep your SonicWALL solution, and your network, running smoothly and efficiently. Use the Online Help. Every SonicWALL security appliance includes Web-based online help available from the management interface. Clicking the question mark button on the top-right corner of every page accesses the context-sensitive help for that page.
Customer Support SonicWALL offers Web-based and telephone support to customers who have a valid Warranty or who purchased a Support Contract. Please review our Warranty Support Policy for product coverage. SonicWALL also offers a full range of consulting services to meet your needs, from our innovative implementation services to traditional statement of work-based services. For telephone support, please have the serial number of your registered hardware solution ready when you call.
Extend Your Support Coverage. SonicWALL Dynamic Support Services extend the support coverage on your SonicWALL solution beyond the warranty period. Our 8x51 and 24x7 support services include critical software and firmware updates, expert telephone and Web-based support, Advance Exchange hardware replacement, and access to electronic self-help tools — all for one low price. • • • • Take advantage of the latest features through software and firmware updates and upgrades.
Knowledge Portal The Knowledge Portal allows users to search for SonicWALL documents based on the following types of search tools: • • • Browse Search for keywords Full-text search For further information, navigate to the Support > Knowledge Portal page at:
User Forums The SonicWALL User Forums is a resource that provides users the ability to communicate and discuss a variety of security and appliance subject matters.
Training SonicWALL offers an extensive sales and technical training curriculum for Network Administrators, Security Experts and SonicWALL Medallion Partners who need to enhance their knowledge and maximize their investment in SonicWALL Products and Security Applications. SonicWALL Training provides the following resources for its customers: • • • • • E-Training Instructor-Led Training Custom Training Technical Certification Authorized Training Partners For further information, visit:
Related Documentation See the following related documents for more information: • • • • • • • • • • • • SonicWALL SSL-VPN Administrator’s Guide SonicWALL SSL-VPN Release Notes SonicWALL SSL-VPN Feature Modules • SonicWALL SSL-VPN 3.0 Virtual Assist Feature Module • SonicWALL SSL-VPN 3.0 NetExtender Feature Module • SonicWALL SSL-VPN 3.0 File Shares Applet Feature Module • SonicWALL SSL-VPN 3.0 HTTP(S) Reverse Proxy Feature Module • SonicWALL SSL-VPN 3.
SonicWALL Live Product Demos The SonicWALL Live Demo Site provides free test drives of SonicWALL security products and services through interactive live product installations: • SSL VPN Secure Remote Access • Unified Threat Management Platform • Secure Cellular Wireless • Continuous Data Protection • Content Filtering • Secure Wireless Solutions • Email Security • SonicWALL GMS and ViewPoint For further information, visit:
SonicWALL Secure Wireless Network Integrated Solutions Guide The Official Guide to SonicWALL’s market-leading wireless networking and security devices. This 512-page book is available in hardcopy. Order the book directly from Elsevier Publishing at:
SonicWALL Global Technical Assistance Center Contact Information Table 2: Global Technical Assistance Contact List Country Toll Free Phone Number Toll Phone Number Calling from North America (Support available in English) United States +1 888.777.1476 Canada +1 888.777.1476 Calling from Europe, the Middle East and Africa (Support available in English, French, German, Italian, and Spanish) Austria +43 (0) 820.400.105 Belgium +31 (0) 411.617.810 Czech Republic +31 (0) 411.617.810 Denmark 807.02.
Calling from Asia Pacific (Support available in English except for Japan where support is offered in Japanese only) Australia +1 800.35.1642 Hong Kong +1 800.93.0997 India 000.800.100.3395 Japan +81 (0)3.3457.8971 New Zealand 800.446489 Singapore + 800.110.1441 Calling from Latin America (Support available in English) Brazil 0800.891.4306 Mexico +1 888.777.
SonicWALL SSL-VPN 2000 Regulatory Statement and Safety Instructions Regulatory Model/Type Product Name 1RK0A-02A SSL-VPN 2000 This regulatory information can also be found in the electronic file, “SonicWALL_SSL-VPN_Regulatory_Statement.pdf,” located on the SonicWALL Web site: . FCC Part 15 Class A Notice NOTE: This equipment was tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules.
VCCI Statement Canadian Radio Frequency Emissions Statement This Class A digital apparatus complies with Canadian ICES-003. Cet appareil numérique de la classe A est conforme à toutes la norme NMB-003 du Canada. CISPR 22 (En 55022) Class A Warning: This is a class A product. In a domestic environment, this product may cause radio interference in which case the user may be required to take adequate measures.
Regulatory Information for Korea All products with country code “” (blank) and “A” are made in the USA. All products with country code “B” are made in China. All products with country code “C” or “D” are made in Taiwan R.O.C. Lithium Battery Warning The Lithium Battery used in the SonicWALL Internet security appliance may not be replaced by the user. The SonicWALL must be returned to a SonicWALL authorized service center for replacement with the same or equivalent type recommended by the manufacturer.
Copyright Notice © 2008 SonicWALL, Inc. All rights reserved. Under the copyright laws, this manual or the software described within, can not be copied, in whole or part, without the written consent of the manufacturer, except in the normal use of the software to make a backup copy. The same proprietary and copyright notices must be affixed to any permitted copies as were affixed to the original.
Notes Page 82 Declaration of Conformity
Notes SonicWALL SSL-VPN 2000 Getting Started Guide Page 83
Notes Page 84 Declaration of Conformity
SonicWALL, Inc. 1143 Borregas Avenue T +1 408.745.9600 Sunnyvale CA 94089-1306 F +1 408.745.9300 www.sonicwall.com PN: 232-001458-50 Rev A ©2008 SonicWALL, Inc. is a registered trademark of SonicWALL, Inc. Other product names mentioned herein may be trademark s and/or registered trademark s of their respective companies. Spec ations and descriptio ns subject to change withou t notice.