Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Management over SSL VPN

Hello again,


I'm having this strange issue with the SSL Management.

I can't use the default admin user to log in to the firewall when connected by SSL VPN, I get this error...

But if I create a new user and give it the Administrator permissions, I can use this new user...

Category: Mid Range Firewalls
Reply
Tagged:

Answers

  • SonicAdmin80SonicAdmin80 Enthusiast ✭✭

    I think at least on Gen 6 devices only the user used to connect with SSL-VPN can be used to log in to the appliance. Which is a little strange because it lowers security.

  • SaravananSaravanan Moderator

    Hi @CÉSAR_S,

    Thank you for visiting SonicWall Community.

    In SSLVPN and GVC, the login to SonicWall firewall is allowed only with the VPN user accounts and not the firewall's Super admin user account. If you want any of the VPN users to login to the firewall when the VPN is ON, please ensure to give the VPN user accounts administrator privilege.

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

  • César_SCésar_S Newbie ✭

    Ah I see.

    So if you use one user to connect to the VPN you need to use that same user to manage the firewall, you can't user the default admin that comes with the firewall.

    Weird....

  • SonicAdmin80SonicAdmin80 Enthusiast ✭✭

    Yes it's a little weird because why wouldn't you want to use a separate account for VPN and administration. In case the VPN account is compromised would be beneficial if that account doesn't have any admin rights. Better to use MFA and hope it always works.

  • prestonpreston Enthusiast ✭✭
    edited April 30

    Hi @ SonicAdmin80, This is by default as the user is logged in to the appliance as a local user ( hence why it auto populates the username on the login form ), if you were to login to the appliance as the admin account it would log you out of Netextender, most people just RDP to a local PC or server whilst connected to Netextender and login to the Firewall from that PC with the default admin account. this way you don't need to give users sonicwall admin rights

  • SonicAdmin80SonicAdmin80 Enthusiast ✭✭

    A bit of a roundabout way and a suitable computer to connect to might not always be available. I would use either MFA or centralized management instead. Although they might not be failure proof the same way a direct connection is.

Sign In or Register to comment.