Configuring Users for SSL VPN Access

For users to be able to access SSL VPN services, they must be assigned to the SSLVPN Services group. Users who attempt to login through the Virtual Office who do not belong to the SSLVPN Services group will be denied access.

The maximum number of SSL VPN concurrent users for each Dell SonicWALL network security appliance model supported is shown in the following table.

 

Table 140. Maximum number of concurrent SSL VPN users

Dell SonicWALL appliance model

Maximum concurrent SSL VPN connections

SOHO W

50

TZ300/TZ300 W

50

TZ400/TZ400 W

100

TZ500/TZ500 W

150

TZ600

200

NSA 2600

250

NSA 3600

350

NSA 4600

500

NSA 5600

1000

NSA 6600

1500

SM 9200

3000

SM 9400

3000

SM 9600

3000
Topics:
Configuring SSL VPN Access for Local Users
Configuring SSL VPN Access for RADIUS Users
Configuring SSL VPN Access for LDAP Users

Configuring SSL VPN Access for Local Users

To configure users in the local user database for SSL VPN access, you must add the users to the SSLVPN Services user group.

To configure SSL VPN access for local users, perform the following steps:
1
Navigate to the Users > Local Users page.

2
Click on the Configure icon for the user you want to edit, or click the Add User button to create a new user. The Edit User or (Add User) dialog displays.

3
Click on the Groups tab.

4
In the User Groups column, click on SSLVPN Services.
5
Click the Right Arrow button to move it to the Member Of column.
6
Click on the VPN Access tab. The VPN Access tab configures which network resources VPN users (GVC, NetExtender, or Virtual Office bookmarks) can access.
* 
NOTE: The VPN Access tab affects the ability of remote clients using GVC, NetExtender, and SSL VPN Virtual Office bookmarks to access network resources. To allow GVC, NetExtender, or Virtual Office users to access a network resource, the network address objects or groups must be added to the Access List on the VPN Access tab.

7
Select one or more network address objects or groups from the Networks list and click the Right Arrow button to move them to the Access List column.

To remove the user’s access to a network address objects or groups, select the network from the Access List, and click the Left Arrow button .

8
Click OK.

Configuring SSL VPN Access for RADIUS Users

To configure RADIUS users for SSL VPN access, you must add the users to the SSLVPN Services user group.

To configure SSL VPN access for RADIUS users, perform the following steps:
1
Navigate to the Users > Settings page.

2
In the Authentication Method for login drop-down menu, select RADIUS or RADIUS + Local Users. The options change slightly.
3
Click the Configure RADIUS button. The RADIUS Configuration dialog displays.

4
Click the RADIUS Users tab.

5
In the Default user group to which all RADIUS users belong drop-down menu, select SSLVPN Services.
* 
NOTE: The VPN Access tab in the Edit User dialog is also another granular control on access for both Virtual Office Bookmarks and for NetExtender access.
6
Click OK.

Configuring SSL VPN Access for LDAP Users

To configure LDAP users for SSL VPN access, you must add the LDAP user groups to the SSLVPN Services user group.

To configure SSL VPN access for LDAP users, perform the following steps:
1
Navigate to the Users > Settings page.

2
From the User authentication method drop-down menu, select either LDAP or LDAP + Local Users. The options change slightly.
3
Click the Configure LDAP button to launch the LDAP Configuration dialog.

4
Click on the Users & Groups tab.

5
From the Default LDAP User Group drop-down menu, select SSLVPN Services.
* 
NOTE: The VPN Access tab in the Edit User dialog is also another granular control on access for both Virtual Office Bookmarks and for NetExtender access.
6
Click OK.