SMA 8200v how to configure secure network detection using secure hosts
per the 12.4 admin guide: Device VPN supports secure network detection using secure host detection. For example, a secure network is detected only when the client can connect and verify the SSL certificate of the internal/secure host as configured by administrator.
I cannot determine where to configure the secure hosts. My connection log snwlconnect.log confirms that I have secure network detection on but no secure hosts defined ( secureNetworkDetection:[Enabled:[True] Secure Hosts:[] )
Best Answer
Doug_Daniel
Nicholas,
helpful, but the answer was to define secure hosts using a CEM. Rhetorical - is there a list of all the CEMs?
Enable Secure Network Detection for Device VPN using Configuration Extensions
Device VPN supports secure network detection by connecting to configured secure hosts. Use the Configuration Extension to configure the secure network hosts, along with an optional hash and hash algorithm. Secure Network Detection can also be configured on a per-community basis using a modified version of the Configuration Extension named {CommunityID}_SECURE_NETWORK_DETECTION.
* Example Use *
---------------
SECURE_NETWORK_DETECTION = Host1;Host2 (Host1 or Host2 having valid certificate is evaluated)
SECURE_NETWORK_DETECTION = Host1=<Hash>;Host2=<Hash> (Host1 or Host2 having matching sha_256 hash is evaluated)
SECURE_NETWORK_DETECTION = Host1=<Hash>,<HashAlg>;Host2=<Hash>,<HashAlg> (Host1 or Host2 having matching <HashAlg> hash is evaluated)
{CommunityID}_SECURE_NETWORK_DETECTION = <Hash>,<HashAlg>;Host2=<Hash>,<HashAlg>
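To make the CEM syntax above concrete, here is an added example (my own code, not from the original post, the SMA admin guide, or the SonicWall client) that parses a SECURE_NETWORK_DETECTION-style value and then applies the rule the documentation describes: a host counts as "secure" when a TLS connection to it succeeds and the certificate it presents either validates normally (bare host entry) or matches the configured fingerprint (host=<hash>[,<alg>] entry). The hostnames vpn.corp.example and ad.corp.example, the SAMPLE_DER bytes, the default of sha256 for entries without an algorithm, and the choice to let a configured fingerprint stand in for CA validation are all assumptions of this example.

```python
"""
Added example: evaluate a SECURE_NETWORK_DETECTION value the way a VPN client
might. Syntax handled (from the post): "Host1;Host2", "Host=<hash>",
"Host=<hash>,<alg>". Everything else here is this example's own design.
"""
import hashlib
import socket
import ssl
from dataclasses import dataclass
from typing import Callable, List, Optional


@dataclass
class SecureHost:
    host: str
    digest: Optional[str]      # expected leaf-cert fingerprint, lower-case hex, or None
    alg: str = "sha256"        # hashlib algorithm name (assumed default when omitted)


def parse_secure_hosts(value: str) -> List[SecureHost]:
    """Parse 'Host1;Host2=<hash>;Host3=<hash>,<alg>' into SecureHost entries."""
    entries = []
    for item in value.split(";"):
        item = item.strip()
        if not item:
            continue
        host, _, rest = item.partition("=")
        if not rest:                                   # bare host: no pin configured
            entries.append(SecureHost(host.strip(), None))
            continue
        digest, _, alg = rest.partition(",")
        # The guide writes "sha_256"; normalise to hashlib's "sha256" spelling.
        alg = alg.strip().lower().replace("_", "") or "sha256"
        if alg not in hashlib.algorithms_available:
            raise ValueError(f"unsupported hash algorithm {alg!r} for host {host!r}")
        digest = digest.strip().lower().replace(":", "")  # accept AB:CD:.. or abcd..
        entries.append(SecureHost(host.strip(), digest, alg))
    return entries


def fingerprint(cert_der: bytes, alg: str = "sha256") -> str:
    """Hex digest of a DER-encoded certificate with the given algorithm."""
    return hashlib.new(alg, cert_der).hexdigest()


def cert_matches(entry: SecureHost, cert_der: bytes) -> bool:
    """Bare entries accept any certificate the caller already validated;
    pinned entries require an exact fingerprint match."""
    if entry.digest is None:
        return True
    return fingerprint(cert_der, entry.alg) == entry.digest


def fetch_leaf_cert(host: str, port: int = 443, timeout: float = 3.0,
                    verify_chain: bool = True) -> Optional[bytes]:
    """Connect over TLS and return the leaf certificate in DER form, or None on failure."""
    ctx = ssl.create_default_context()  # CA chain + hostname validation, like a real client
    if not verify_chain:
        # Assumption: a configured fingerprint identifies the exact certificate,
        # so CA validation is skipped for pinned entries; cert_matches still decides.
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return tls.getpeercert(binary_form=True)
    except OSError:          # DNS failure, refused, timeout, TLS/validation error
        return None


def on_secure_network(value: str,
                      fetch: Callable[..., Optional[bytes]] = fetch_leaf_cert) -> bool:
    """True if any configured host is reachable with an acceptable certificate
    ("Host1 or Host2 ... is evaluated": the first match wins)."""
    for entry in parse_secure_hosts(value):
        der = fetch(entry.host, verify_chain=entry.digest is None)
        if der is not None and cert_matches(entry, der):
            return True
    return False


# Constructed stand-ins so the example runs offline: these are NOT real certificates,
# just small DER SEQUENCEs used to exercise the fingerprint logic.
SAMPLE_DER = bytes.fromhex("3003020101")
OTHER_DER = bytes.fromhex("3003020102")
SAMPLE_FP = fingerprint(SAMPLE_DER)
CONSTRUCTED_CERTS = {"ad.corp.example": SAMPLE_DER, "vpn.corp.example": OTHER_DER}


def offline_fetch(host: str, port: int = 443, timeout: float = 3.0,
                  verify_chain: bool = True) -> Optional[bytes]:
    """Offline replacement for fetch_leaf_cert backed by the constructed table."""
    return CONSTRUCTED_CERTS.get(host)


if __name__ == "__main__":
    cem = f"vpn.corp.example;ad.corp.example={SAMPLE_FP},sha_256"
    for e in parse_secure_hosts(cem):
        print(e)
    print("secure network:", on_secure_network(cem, fetch=offline_fetch))
```

For a live check, drop the `fetch=offline_fetch` argument and the function will actually connect to each host on 443. Note the asymmetry this design creates: a bare host entry is only as strong as the CA trust on the client, so an attacker on an untrusted network who can present any certificate the client trusts for that name could make the client believe it is on the secure network and drop the tunnel; pinning the fingerprint (the `Host=<hash>` form) removes that dependency, which is a good reason to configure the hash rather than the bare host.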
Answers
Secure network detection simply disables the tunnel when you are locally on a network the client is getting in a route. So any network you allow in access control rules would be a "Secure network"; it's meant to allow local access to resources while you're on the network you would normally access remotely.
@Doug_Daniel , you can access the hidden CEM UI by going to https://<host>:<port>/systemMaintenance.do?advanced=1. I would highly recommend you do not make any changes here without talking to technical support first (as per policy).
Agreed. It was a support call that led me to the CEM and advised on its use.