SonicWALL SSL-VPN Appliance Testing Steps:
Step 1 From the System > Diagnostics page, verify that you can ping 192.168.200.2 (the X2 interface on the SonicWALL security appliance).
Step 2 From the System > Diagnostics page, verify that you can resolve and ping Internet host time.nist.gov.
Step 3 Visit the Users > Status page after successfully authenticating a user (next section) to verify session status.
Wireless Client Testing Steps:
Step 1 Associate with the SSID configured on the SonicPoint.
Step 2 Verify that you obtain a DHCP lease in the appropriate address range (e.g. 172.16.31.x).
Step 3 Launch a Web-browser, and attempt to request a page.
Step 4 Your session should be redirected to the SSL-VPN Custom Portal page. Login using appropriate credentials. Note: When using LDAP against Active Directory, you must currently use your full name rather than your logon name. Click the Login button.
Step 5 Upon successful authentication, you will be presented with the custom portal page.
Figure 78 My Custom Portal Welcome Page
Step 6 You should see the two Network Resource Bookmarks you created on Page 7 (Step 3).
Step 7 Test both of the Bookmarks.
Note At this point, you will only have access to Network Resources through the SonicWALL SSL-VPN appliance. You will not be able to reach the Internet, or undefined (non-Bookmarked) Network Resources on the LAN. Attempts to do so (e.g. if you try to browse to a site on the Internet like http://www.sonicwall.com) will cause Guest Services to redirect you back to the SSL-VPN login page. This is normal.
Step 8 To obtain access to all network resources, including the Internet, click on the Connect with
NetExtender link. This will update/install the NetExtender Virtual Adapter (as needed) and will
automatically connect to the SSL-VPN using NetExtender.
Step 9 A client route will be added to 0.0.0.0/0.0.0.0 (tunnel-all). All traffic from this host will now pass through the SSL-VPN, and through the upstream SonicWALL security appliance.
Step 10 You may close the NetExtender pop-up window. It will be minimized to your System Tray, but will persist, providing continued network access.
Step 11 Attempt to ping or otherwise use network resources on the SonicWALL LAN Network (e.g. 10.50.165.2).
Step 13 Attempt to ping or otherwise use network resources on the SSL-VPN X1 subnet (e.g. 192.168.201.1 or 192.168.201.10).
Step 14 As applicable, test that Security Services are being applied to your traffic (e.g. enable IPS Low Priority
Attack Detection and attempt to ping time.nist.gov. Visit the log page on the SonicWALL to verify that
IPS has detected the traffic, and see it originating from your NetExtender address (e.g. 192.168.200.102).
Remote Client Testing Steps:
Step 1 From the remote client (e.g. a dial-up connection to the internet, or as performed an actual remote user/assistant) visit http://www.whatismyip.com to determine your current IP address. Note this address.
Step 2 Now browse to the IP address or FQDN (if registered with DNS or DDNS) of your firewall (e.g. https://67.115.118.80, or https://moosifer.vpntestlab.com), or to the appropriate address if you have multiple public IP addresses, and used an address other than the Primary WAN IP.
Step 3 You should be presented with the SSL-VPN Virtual Office Portal page (or custom page, if you’ve so configured the LocalDomain portal.) Note: Since you are not providing a specific URL, the page presented will by the LocalDomain Portal rather than the myCustomPortal portal.
Step 4 Provide the credentials for the local user created during Getting Started Guide setup. If you did not create a local user, you may authenticate as admin and select the Virtual Office button in the navigation panel to launch the Virtual Office.
Step 5 Click the Connect with NetExtender button. This will update/install the NetExtender Virtual Adapter (as needed) and will automatically connect to the SSL-VPN using NetExtender.
Step 6 A client route will be added to 0.0.0.0/0.0.0.0 (tunnel-all). All traffic from this host will now pass through the SSL-VPN, and through the upstream SonicWALL security appliance.
Step 7 You may close the NetExtender pop-up window. It will be minimized to your System Tray, but will persist, providing continued network access.
Step 8 Once again, visit http://www.whatismyip.com. Your IP address should now be that of the SonicWALL security appliance in front of the SonicWALL SSL-VPN appliance (e.g. 67.115.118.80).
Step 9 Attempt to ping or otherwise use network resources on the SonicWALL LAN Network (e.g. 10.50.165.2).
Step 10 Attempt to ping or otherwise use network resources on the SSL-VPN X1 subnet (e.g. 192.168.201.1 or 192.168.201.10).
Step 11 As applicable, test that Security Services are being applied to your traffic (e.g. enable IPS Low Priority
Attack Detection and attempt to ping time.nist.gov. Visit the log page on the SonicWALL to verify that
IPS has detected the traffic, and see it originating from your NetExtender address (e.g. 192.168.200.102).