TZ370

Andyw77

Hi

I would like to introduce myself my name is Andy and I am currently providing support to local small businesses for their IT. I am part time and its keeping me busy on my days off from my real job. (non IT)

I was for many years in the IT industry but I had a change of career around 10 years ago so i am a but behind with the times.

So I need some advice.

I have a client who has 10 pc's that were on a peer to peer network but I have just installed a Windows Server to increase their security

Windows Server 2019 Standard Edition acting as primary DNS, DHCP, DC and file shares.

THere are a couple of users that what to be able to access their desktops using remote desktop, they are currently using remote PC which is not ideal.

The server sits behind a BT router on BT ADSL we do have a static IP provided but it terminates at the router.

So I would like to setup a dial in VPN to the network and then allow that connection to Remote Desktop onto their local computer. I dont want to setup Windows Server to VPN but rather use a sonicwall device to do this, I am told a TZ370 is ideal.

Im just unsure exactly how to configure it.

I have purchased a BT OpenReach Modem box to give me a ethernet port for the firewall.

Are there any guides out there that can help me achieve setting up this firewall?

Many thanks

Andy

Saravanan

Hi @Andyw77,

Thank you for visiting SonicWall Community.

Please try using SonicWall Global VPN (GVC) or SonicWall SSLVPN. Based on how many licenses you have for these GVC or SSLVPN, you can determine which one is suitable for you. I have given you the config articles pertained to both these features.

https://www.sonicwall.com/support/knowledge-base/how-can-i-configure-wan-groupvpn-for-connecting-with-global-vpn-client/170505850768290/

https://www.sonicwall.com/support/knowledge-base/how-do-i-configure-the-ssl-vpn-feature-for-use-with-netextender-or-mobile-connect/170505401898786/

Hope this helps.

TKWITS

You will need to have your connection to the ISP direct to the firewall (I'm guessing thats the OpenReach modem), and will need that connection to be 'bridged' so you have the public IP on the firewall interface.

I would recommended using SSLVPN. You may also want to consider using LDAP for SSLVPN authentication since you have a directory service.

https://www.sonicwall.com/support/knowledge-base/how-can-i-configure-ldap-authentication-for-sslvpn-users

Arkwright

You will need to configure the Sonicwall WAN in PPPoE mode. Should be pretty straightforward to get it working, but check this discussion about static IPs from BT, it may be relevant:

https://community.sonicwall.com/technology-and-support/discussion/2592/gvpn-client-fails-to-connect-with-pppoe-fixed-ip