Solved

Remote access Sonicwall for mangement

Posted on 2016-07-15
12
118 Views
Last Modified: 2016-08-17
I find that I can only connect to my Sonicwall through local LAN. If I access it from another zone, it doesn't.

However, from the zone, I can access any servers without any problem. Those servers are located in the same zone as the Sonicwall.

Do I miss any configuration ? Any idea ?

Thx
0
Comment
Question by:AXISHK
12 Comments
 

Expert Comment

by:Timmeh
ID: 41711829
In Portals, did you set up Virtual host Settings? Like monitor.yourdomain?
If so, did you set up your hostfiles at your ISP and on your DNS?
0
 
LVL 25

Expert Comment

by:Diverse IT
ID: 41711858
Hi AXISHK,

Management, aka the ability to login to the GUI is controlled on the Interfaces page. But it is important to note that management setup is handled in two different ways based on the type of users who are logging in. The two groups are global admin or default admin and admins that are users who are assigned admins privileges.

In the former (if you are logging in as the Default Admin) all you need to do is go to the Network > Interfaces page and go to the Management: section and check the box next to HTTPS. This will auto add an Access Rule to the corresponding Zone. For example if you do this on the LAN then the Access Rule will be created on the WAN > WAN page allowing access for HTTPS Management.

In the latter (if you are logging in as a user who has Admin Privileges) then you'll need to follow the same steps but instead of checking the box on the Management: section you will need to do it for the User Login: section.

So double check that you have the checks in the correct location, in your case the WAN or whatever other Zone you wish to login in from. Also, for Remote Access make sure that you don't have any ports already open on 443 (WAN>LAN). If you do then change your management port by going to System > Administration then under Web Management Settings section change the HTTPS port from 443 to something else not used like 4443, etc. Keep in mind that when you try to login from a remote location you will need to put your IP plus the new management port if you changed it from the default (443), therefore it would be https://1.1.1.1:4443

Let me know if you have any questions!
0
 

Author Comment

by:AXISHK
ID: 41711869
This is the interface setup on my LAN.

If I am in wifi zone and access the LAN zone, I can't access to the sonicwall. Server access is fine however.

Thx
Interface.png
0
Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

 
LVL 18

Expert Comment

by:Mal Osborne
ID: 41711870
You need to bring up the properties for the relevant interface, then tick the box highlighted in yellow.

Capture.JPG
0
 
LVL 25

Expert Comment

by:Diverse IT
ID: 41711874
Then in the WiFi interface click on the wrench to edit and follow my instructions above. Where is the WiFi interface located on the Switchport...e.g. X2, X3, etc.?
0
 

Author Comment

by:AXISHK
ID: 41712612
It is on X2.

Firewall rule seems to allow already. 10.0.1.1 is the firewall X0 (LAN) IP. I try to ping from Wifi zone (10.0.99.0).

Thx
Access1.png
Access2.png
Access3.png
0
 
LVL 25

Expert Comment

by:Diverse IT
ID: 41712615
OK, if you want to manage (login) to the SonicWALL from WLAN-MGMT you need to go to Interfaces find that Interface and check the HTTPS box. You will see it auto-create the proper Access Rule in WLAN-MGMT > WLAN-MGMT.
0
 

Author Comment

by:AXISHK
ID: 41714647
VPN user has been granted with "Sonicwall Administrators" . VPN client connect to port 4433 but still doesn't work. Any idea ??
0
 
LVL 25

Accepted Solution

by:
Diverse IT earned 500 total points
ID: 41714730
So are you trying to manage it from every Zone? I'd definitely lime management to a few specific Zones. But in any case I have already provided the instruction on how to do this for all Zones except VPN. VPN management is a unique setup. Go to VPN > Settings, then click on the WAN GroupVPN and go to the Advanced tab, then next to Management via this SA: check HTTPS. Now you can manage the SonicWALL from every Zone including the VPN via GVC.
0
 

Author Closing Comment

by:AXISHK
ID: 41718245
Thx
0
 
LVL 25

Expert Comment

by:Diverse IT
ID: 41728954
No problem...glad I could help. Thanks for the points!
0
 
LVL 8

Expert Comment

by:J Spoor
ID: 41759105
By default the SonicWAL doesn't allow access to say the X0 IP address from the W0 LAN or X2 LAN.
You wil need to allow this in the firewall rule base (say WLAN to LAN) by adding an HTTPS management rule

View more example configurations and the SonicWALL webui and features on http://livedemo.sonicwall.com or http://ngfw-demo.com
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question