Here's how to configure the SonicWall SSL-VPN from the CLI. I'm trying to improve my SonicWall command line skills, so I thought I'd post this here.
In addition to the steps below, you'll also need to add your user to the SSL-VPN group under Users, Local Users.
I left out the part where you exit the config mode and are prompted to save the configuration. Just type yes.
This uses the tunnel-all mode. You'll need to add your routes manually if you're limiting access to certain networks.
C:\Documents and Settings\Administrator>ssh -v
OpenSSH_4.1p1, OpenSSL 0.9.8 05 Jul 2005
usage: ssh [-1246AaCfgkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]
[-D port] [-e escape_char] [-F configfile]
[-i identity_file] [-L [bind_address:]port:host:hostport]
[-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
[-R [bind_address:]port:host:hostport] [-S ctl_path]
[user@]hostname [command]
C:\Documents and Settings\Administrator>ssh adminuser@2.2.2.2
The authenticity of host '2.2.2.2 (2.2.2.2)' can't be established.
RSA key fingerprint is --------------------------------------.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '2.2.2.2' (RSA) to the list of known hosts.
Copyright (c) 2012 Dell | SonicWALL, Inc.
Using username 'adminuser'.
Password:
adminuser@SonicwallSerialNumber> conf
config(SonicwallSerialNumber)# ssl-vpn server
(config-sslvpn-server)# port 4433
(config-sslvpn-server)# cipher aes256-sha1
(config-sslvpn-server)# sslvpn-access WAN
(config-sslvpn-server)# exit
config(SonicwallSerialNumber)# ssl-vpn profile
(config-sslvpn-profile)# device-profile "Default Device Profile"
(edit-sslvpn-profile-routes[Default Device Profile])# tunnel-all
(edit-sslvpn-profile-client[Default Device Profile])# exit
(edit-sslvpn-profile[Default Device Profile])# exit
(config-sslvpn-profile)# exit
config(SonicwallSerialNumber)# exit
adminuser@SonicwallSerialNumber> exit
Read from remote host 2.2.2.2: Connection reset by peer
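
Added example, not part of the original post: a short Python script that pulls the configuration commands out of a saved copy of the session above and lists the ones worth writing into a change record. The function names and the review rules are hypothetical, chosen for this illustration.

```python
import re

# Config-mode lines copied from the session on this page.
SESSION = '''\
adminuser@SonicwallSerialNumber> conf
config(SonicwallSerialNumber)# ssl-vpn server
(config-sslvpn-server)# port 4433
(config-sslvpn-server)# cipher aes256-sha1
(config-sslvpn-server)# sslvpn-access WAN
(config-sslvpn-server)# exit
config(SonicwallSerialNumber)# ssl-vpn profile
(config-sslvpn-profile)# device-profile "Default Device Profile"
(edit-sslvpn-profile-routes[Default Device Profile])# tunnel-all
(edit-sslvpn-profile-client[Default Device Profile])# exit
'''

# Prompt, then "# " (config mode) or "> " (top level), then the command.
PROMPT = re.compile(r"^(?P<mode>.+?)(?P<end>[#>]) (?P<cmd>.+)$")

# Hypothetical review rules (assumption, not vendor guidance):
# (text the mode must contain, command prefix, note for the change record).
RULES = [
    ("sslvpn-server", "port ", "listener port; clients must use the same port"),
    ("sslvpn-server", "cipher ", "cipher choice; compare with current policy"),
    ("sslvpn-server", "sslvpn-access WAN", "portal reachable from the WAN zone"),
    ("sslvpn-profile", "tunnel-all", "all client traffic goes through the tunnel"),
]

def parse_session(text):
    """Return (mode, command) for each command typed in a config mode."""
    changes = []
    for line in text.splitlines():
        m = PROMPT.match(line.strip())
        # Skip non-prompt lines, the top-level ">" prompt, and mode exits.
        if m and m.group("end") == "#" and m.group("cmd").strip() != "exit":
            changes.append((m.group("mode"), m.group("cmd").strip()))
    return changes

def review(changes):
    """Return (command, note) for each change that matches a rule."""
    return [(cmd, note)
            for mode, cmd in changes
            for where, prefix, note in RULES
            if where in mode and cmd.startswith(prefix)]

if __name__ == "__main__":
    for cmd, note in review(parse_session(SESSION)):
        print(f"{cmd:20} -> {note}")
```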