User's Manual

SonicWALL SSL-VPN 2000 Getting Started Guide Page 37

If you are allowing HTTP access to the SonicWALL SSL-VPN appliance, create a public

server access rule for HTTP:

1. In the Firewall > Access Rules page, click .

2. In the Welcome to the Network Access Rules Wizard page, click Next.

3. In the Step 1: Access Rule Type page, select Public Server Rule. Click Next.

4. In the Step 2: Public Server page, perform the following selections and click Next:

5. In the Congratulations page, click Apply to create the rules and allow access from

the WAN to the SonicWALL SSL-VPN appliance on the DMZ.

Scenario B: Allowing DMZ -> LAN Connection in SonicOS Standard

When users have connected to the SSL-VPN, they need to be able to connect to

resources on the LAN. You need to create two rules--one to allow traffic from the

SonicWALL SSL-VPN appliance’s X0 interface to your LAN, and one to allow traffic from

NetExtender to your LAN.



Note: This procedure uses the Access Rule Wizard to create the rules. You can add

the rules manually by clicking Add at the bottom of the Firewall > Access Rules page.

Create access to the LAN for the SSL-VPN X0 interface:

1. In the Firewall > Access Rules page, click .

2. In the Welcome to the SonicWALL Network Access Rules Wizard page,

click Next.

3. In the Step 1: Access Rule Type page, select General Rule. Click Next.

4. In the Step 2: Access Rule Service page, select Any. Click Next.

5. In the Step 3: Access Rule Action page, perform the following selections and then

click Next:

Service Web (HTTP)

Server IP Address The X0 IP address of the SonicWALL SSL-VPN appliance

within your DMZ range, for example 10.1.1.200.

Destination Interface DMZ

Select Action for this

Rule

Allow

TCP Connection

Inactivity Timeout

30 minutes