Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Cannot access SSL VPN workspace website

I just installed a new TZ270 firewall into a company I consult for. It is running the newest version of the 7.x firmware. Following the instructions outlined in this SonicWall KB, How do I configure the SSL-VPN feature for use with NetExtender or Mobile Connect? | SonicWall, I configured the SSL VPN feature. When I try to connect port 443 from the outside Internet I receive an error within the web browser "unable to connect". I did a packet capture from the firewall and am see packets on the WAN side of the firewall going to TCP port 443 are being dropped. There looks to be an auto-created firewall rule on the WAN side which is configured to discard all SSLVPN/TCP 443 packets. I cannot delete this firewall rule as it was auto-created.

I think this auto-created firewall rule is what is cause the SSL VPN not to work. If someone could advise me on how to delete this auto-created rule within SONICOS 7 or now to configure the SSL VPN to not have this rule created.


Thank you in advance for everyone's help.

Joel

Category: Entry Level Firewalls
Reply
Tagged:

Answers

  • AjishlalAjishlal All-Knowing Sage ✭✭✭✭

    Hi @Nentwich

    Make sure the SSL VPN port which you configured in Firewall. In default it should be 4433.


  • NentwichNentwich Newbie ✭

    @Ajishlal, the SSL VPN port was already set to 443. When I change the port number to something else the SSLVPN service object is updated to the new port and I am still unable to access the SSL VPN website.

    The question I have is how do I delete auto generated firewall rules in SONICOS 7?

  • TKWITSTKWITS All-Knowing Sage ✭✭✭✭

    You should not have to manipulate any of the auto-generated rules. Is your connection to your ISP bridged (e.g. you have a public IP address on your WAN interface)? Do you have management enabled on your WAN interface on port 443?

  • NentwichNentwich Newbie ✭

    The connection is not ISP bridged; the WAN port has a static public IP address. I have also changed the port number on which the management website runs on in order for it not to conflict with the port 443 which is change is configured on the SSL VPN website.

    For testing purposes is there anyway to delete/modify auto-generated rules in SONICOS7 like you could in SONICOS6.x?

    Joel

  • JohnGJohnG Newbie ✭

    Good luck...we have been fighting with SSL VPN and 7.x firmware for over a month now. I truly believe there's an issue with the firmware. Sonicwall doesn't know how to solve our problem.

Sign In or Register to comment.