Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

SMA500V Always on VPN?

kennymathews2003kennymathews2003 Newbie ✭
in Secure Mobile Access Appliances

I'm running SMA500V 10.2.1.4-31sv

I have several laptops joined to my domain that needs to log into the VPN before logging into windows when they are off-network. I've discovered and contacted SonicWALL regarding the issue where the network login icon is removed on the latest version of the net extender. Right now my solution is to keep the laptops on the older version of the net extender.

I've thought maybe it would solve my problem by switching over to an always-on VPN. However, I've enabled this feature and it doesn't appear to either work with this version of net extender or I'm missing a step. Has anyone successfully deployed an always-on VPN with the SMA appliance on the current release?

Category: Secure Mobile Access Appliances
Reply

Answers

  • Halon5Halon5 Enthusiast ✭✭

    We are looking at exactly these issues right now..

    Pretty disappointed that the NETWORK LOGON was removed as per your comments.

    will let you know how we get on.

  • kennymathews2003kennymathews2003 Newbie ✭

    I agree -- It was super simplistic to set up and train the users...


    I'm exploring the use of PKI and always-on VPN, but there isn't official documentation released for the 500V...

    I have to connect the tunnel before I log into windows because I use folder redirection and several other GPOs applied in Windows.. this for sure put a hiccup in my operations.

  • Halon5Halon5 Enthusiast ✭✭

    OK. We are having some success with Always-On-VPN. NetExtender 10.2.322.

    This clear change away from the "network logon screen" method has probably been sadly, poorly communicated. There really should have been something in the release notes.

    n.b.

    • If 2FA is on then auto vpn wont work when you go to a public network for example(2FA challenge)
    • Alternative, go to Device registration for a 2F ? - or both. :)

    Suggest the latest NetExtender client is installed. We are testing with server side on 10.2.0.8 with a view to upgrading it to the latest 10.2.1.4

  • kennymathews2003kennymathews2003 Newbie ✭

    Are you using PKI, Digital Certificate Authentication before logging into windows?

  • tjc34tjc34 Newbie ✭

    I have managed to get AOV working but you must use the MSI version of NetExtender available from mysonicwall downloads (the version you download from the appliance is NOT the MSI version). And you must turn off 2FA for the user. It does indeed always run and allows you to login to AD. However, I cannot get SND (secure network detection) to work so that it disconnects when on our corporate network.

  • GurubasappaGurubasappa SonicWall Employee
    edited September 2022

    The network logon feature is introduced back again in the 10.2.1.6-37sv(10.2.331 NX) build, So you can try it but the Network logon feature must be enabled during the installation of NetExtender

  • Halon5Halon5 Enthusiast ✭✭
    https://community.sonicwall.com/technology-and-support/discussion/comment/16151#Comment_16151

    GREAT SCOTT !

Sign In or Register to comment.