55
SSL-VPN (NetExtender)
SonicOS 5.2 introduces SSL VPN functionality via NetExtender. NetExtender is a light weight client that can
run on Windows, Linux, Mac, and Windows Mobile devices. It can easily be installed by directing the client to
the URL of the WAN interface.
To configure SSL-VPN LDAP authentication, place the LDAP group(s) that need remote access into the “SSL
VPN Services” Group.
Step 1: Navigate to Users > Local Groups and configure the SSLVPN Services group.
Step 2: Add the groups or users that need SSLVPN access to the Member area.
Now, in the same fashion as GVC, firewall rules can be applied from the SSLVPN zone to any other zone
further restricting or limiting users, services, etc.
NOTE
: If you are tunneling all the users’ traffic, additional policies can be enforced like CFS and client-
enforced AV.