Noob looking to get started...
I just go the SRA demo, and am trying to get it up and running....
I have used Sonicwall for many years, but am new to SRA, so would appreciate some help in the right direction.
I'm trying to setup a demo that will authenticate my AD user and then implement AOV.
I have installed a wildcard SSL certificate, under "Server Certificate". I can log into https://aov.mydomain.com with no SSL issues.
Under Portals/Domains I have added my AD domain, and test is OK. I am able to log into the web portal using my AD username & password.
Under Clients/Settings, I have set client address pool to DHCP. Under Clients/Routes I have put in the route of the subnet where the SRA is located.
I am able to go to https://aov.mydomain.com and login with my AD userID & password. When I click NetExtender, it prompts to launch Sonicwall SMA Connect Agent.
When the NetExtender launches, I get Initializing connection parameters... failed!
When I tell it to reconnect, I get: SSL error happened, your OS may not support connecting to the server.
When I google that error, it says that my SSL cert needs to be 2040 bit (it is) and SHA256 (it is.)
Does anyone have a guide I can use on setting this up?
Are you on the latest firmware release? What do the appliance logs says about the connection? What OS and version are connecting from? What NetExtender version?
Win 10: 20H2
NetExtender: 10.2.300 / 10.2.302
Error Log: SSL error happened, your OS may not support connecting to the server. Please make sure the server has valid certificate setup.
Like I said, my cert is 2048 bits, using SHA256 encryption. My certificate is a wildcard - could that be the problem?
Using a wildcard cert is not a problem. A few things to try would be:
Change back to a device generated cert and attempt to connect. NetExtender will complain about the cert, but you can accept it temporarily.
Disable client auto-update in the client settings and attempt to connect with a different NetExtender version (at least 8.6.266).
Hope that helps.
I ran into this while in a similar situation (all up to date on firmware, NetExtender version, SSl Cert all correct.). Turns out I had upped the TLS settings making it more secure but also caused my issue. I ended up turning back on TLS 1.2 to resolve.
System->Administration->Global SSL/TLS Settings. I had set it to Modern Compatibility causing the issue. Changing to Intermediate Compatibility resolved the issue.