SSL VPN > Client Settings
941
SonicOS 5.8.1 Administrator Guide
Configuring the SSL VPN Client Address Range
The SSL VPN Client Address Range defines the IP address pool from which addresses will be
assigned to remote users during NetExtender sessions. The range needs to be large enough
to accommodate the maximum number of concurrent NetExtender users you wish to support
plus one (for example, the range for 15 users requires 16 addresses, such as 192.168.200.100
to 192.168.200.115).
Note The range must fall within the same subnet as the interface to which the SSL VPN appliance
is connected, and in cases where there are other hosts on the same segment as the SSL
VPN appliance, it must not overlap or collide with any assigned addresses.
To configure the SSL VPN Client Address Range, perform the following steps:
Step 1 Navigate to the SSL VPN > Client Settings page.
Step 2 In the NetExtender Start IP field, enter the first IP address in the client address range.
Step 3 In the NetExtender End IP field, enter the last IP address in the client address range.
Step 4 In the DNS Server 1 field, enter the IP address of the primary DNS server, or click the Default
DNS Settings to use the default settings.
Step 5 (Optional) In the DNS Server 2 field, enter the IP address of the backup DNS server.
Step 6 (Optional) In the DNS Domain field, enter the domain name for the DNS servers.
Note For appliances supporting connections from Apple iPhones, iPads, or other iOS devices
using SonicWALL Mobile Connect, the DNS Domain is a required field. This DNS domain is
set on the VPN interface of the iPhone/iPad after the device makes a connection to the
appliance.
When the mobile device user accesses a URL, iOS
determines if the domain matches the
VPN interface's domain, and if so, uses the VPN interface's DNS server to resolve the
hostname lookup. Otherwise, the Wi-Fi or 3G DNS server is used, which will not be able to
resolve hosts within the company intranet.
Step 7 In the User Domain field, enter the domain name for the users. The value of this field must
match the domain field in the NetExtender client.
Step 8 (Optional) In the WINS Server 1 field, enter the IP address of the primary WINS server.
Step 9 (Optional) In the WINS Server 2 field, enter the IP address of the backup WINS server.
Step 10 In the Interface pulldown menu, select the interface to be used for SSL VPN services.
Note The IP address range must be on the same subnet as the interface used for SSL VPN
services.
Step 11 Click the Zone name at the top of the page to enable SSL VPN access on it with these settings.
The indicator should be green for the Zone you want to enable.
Step 12 Click Accept.