Solved

Remote access Sonicwall for mangement

Posted on 2016-07-15
12
94 Views
Last Modified: 2016-08-17
I find that I can only connect to my Sonicwall through local LAN. If I access it from another zone, it doesn't.

However, from the zone, I can access any servers without any problem. Those servers are located in the same zone as the Sonicwall.

Do I miss any configuration ? Any idea ?

Thx
0
Comment
Question by:AXISHK
12 Comments
 

Expert Comment

by:Timmeh
Comment Utility
In Portals, did you set up Virtual host Settings? Like monitor.yourdomain?
If so, did you set up your hostfiles at your ISP and on your DNS?
0
 
LVL 24

Expert Comment

by:diverseit
Comment Utility
Hi AXISHK,

Management, aka the ability to login to the GUI is controlled on the Interfaces page. But it is important to note that management setup is handled in two different ways based on the type of users who are logging in. The two groups are global admin or default admin and admins that are users who are assigned admins privileges.

In the former (if you are logging in as the Default Admin) all you need to do is go to the Network > Interfaces page and go to the Management: section and check the box next to HTTPS. This will auto add an Access Rule to the corresponding Zone. For example if you do this on the LAN then the Access Rule will be created on the WAN > WAN page allowing access for HTTPS Management.

In the latter (if you are logging in as a user who has Admin Privileges) then you'll need to follow the same steps but instead of checking the box on the Management: section you will need to do it for the User Login: section.

So double check that you have the checks in the correct location, in your case the WAN or whatever other Zone you wish to login in from. Also, for Remote Access make sure that you don't have any ports already open on 443 (WAN>LAN). If you do then change your management port by going to System > Administration then under Web Management Settings section change the HTTPS port from 443 to something else not used like 4443, etc. Keep in mind that when you try to login from a remote location you will need to put your IP plus the new management port if you changed it from the default (443), therefore it would be https://1.1.1.1:4443

Let me know if you have any questions!
0
 

Author Comment

by:AXISHK
Comment Utility
This is the interface setup on my LAN.

If I am in wifi zone and access the LAN zone, I can't access to the sonicwall. Server access is fine however.

Thx
Interface.png
0
 
LVL 16

Expert Comment

by:Malmensa
Comment Utility
You need to bring up the properties for the relevant interface, then tick the box highlighted in yellow.

Capture.JPG
0
 
LVL 24

Expert Comment

by:diverseit
Comment Utility
Then in the WiFi interface click on the wrench to edit and follow my instructions above. Where is the WiFi interface located on the Switchport...e.g. X2, X3, etc.?
0
 

Author Comment

by:AXISHK
Comment Utility
It is on X2.

Firewall rule seems to allow already. 10.0.1.1 is the firewall X0 (LAN) IP. I try to ping from Wifi zone (10.0.99.0).

Thx
Access1.png
Access2.png
Access3.png
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 24

Expert Comment

by:diverseit
Comment Utility
OK, if you want to manage (login) to the SonicWALL from WLAN-MGMT you need to go to Interfaces find that Interface and check the HTTPS box. You will see it auto-create the proper Access Rule in WLAN-MGMT > WLAN-MGMT.
0
 

Author Comment

by:AXISHK
Comment Utility
VPN user has been granted with "Sonicwall Administrators" . VPN client connect to port 4433 but still doesn't work. Any idea ??
0
 
LVL 24

Accepted Solution

by:
diverseit earned 500 total points
Comment Utility
So are you trying to manage it from every Zone? I'd definitely lime management to a few specific Zones. But in any case I have already provided the instruction on how to do this for all Zones except VPN. VPN management is a unique setup. Go to VPN > Settings, then click on the WAN GroupVPN and go to the Advanced tab, then next to Management via this SA: check HTTPS. Now you can manage the SonicWALL from every Zone including the VPN via GVC.
0
 

Author Closing Comment

by:AXISHK
Comment Utility
Thx
0
 
LVL 24

Expert Comment

by:diverseit
Comment Utility
No problem...glad I could help. Thanks for the points!
0
 
LVL 5

Expert Comment

by:JSpoor
Comment Utility
By default the SonicWAL doesn't allow access to say the X0 IP address from the W0 LAN or X2 LAN.
You wil need to allow this in the firewall rule base (say WLAN to LAN) by adding an HTTPS management rule

View more example configurations and the SonicWALL webui and features on http://livedemo.sonicwall.com or http://ngfw-demo.com
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Suggested Solutions

If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now