SonicWALL Global VPN Quick start guide

SonicWall™GlobalVPNClient

4.10

AdministrationGuide

SonicWallisatrademarkorregisteredtrademarkofSonicWallInc.and/oritsaffiliatesintheU.S.A.an d/orothercountries.Allother

trademarksandregisteredtrademarksarepropert yoftheirrespectiveowners

Theinformationinthisdo cumentisprovidedinconnectionwithSonicWallInc.and/oritsaffiliates’products.Nolicense,expressor

implied,

byestoppelorotherwise,toanyintellectualproper tyrightisgrantedbythisdocumentorinconnectionwiththesaleofSonicWallproducts.

EXCEPTASSETFORTHINTH ETERMSANDCONDITIONSASSPECIFIEDINTHELICENSEAGREEMENTFORTHISPRODUCT,SONICWALLAND/OR

ITSAFFILIATESASSUMENOLIABILITYWHATSOE V ERAND

DISCLA IMSANYEXPRESS,IMPLIEDORSTATUTORYWARRANT YRELAT IN GTOITS

PRODUCTSINCLUD ING ,BUTNOTLIMIT EDTO,THEIMPLIEDWARRANT YOFMERCHANTABILITY,FITNESSFORAPAR TI CU L AR PURPOSE,OR

NON‐INFRINGEMENT.INNOEVENTSHALLSONICWALLAND/ORITSAFFILIATESBELIABLEFORANYDIRECT,INDIRECT,CONSEQUENTIAL,

PUNITIVE,SPECIALORINCIDENTALDAMAGES(INCLUDING,

WITHOUTLIMITAT I ON ,DAMAGESFORLOSSOFPROFITS,BUSINESS

INTERRUPTIONORLOSSOFINFORM ATION)ARISIN GOUTOFTHEUSEORINAB ILI TYTOUSETHISDOCUMENT,EVENIFSONICWALLAND/OR

ITSAFFILIATESHAVEBEENADVISEDOFTHEPOSSIBILITYOFSUCHDAMAGES.SonicWalland/oritsaffiliatesmakenorepresentationsor

warrantieswithrespectto

theaccuracyorcompletenessofthecontentsofthisdocumentandreservestherighttomakechangesto

specificationsandproductdescriptionsatanytimewithoutnotice.SonicWallInc.and/oritsaffili atesdonotmakeanycommitmentto

updatetheinfo rmationcontainedinthisdocument.

Formoreinformation,visithttps://www.sonicwall.com/legal/.

Global

VPNClientAdministrationGuide

Updated‐March2017

SoftwareVersion‐4.10

232‐003830‐00RevA

Legend

WARNING:AWARNINGiconindicatesapotentialforpropertydamage,personalinjury,ordeath.

CAUTION:ACAUTIONiconindicatespotentialdamagetohardwareorlossofdataifinstructionsarenotfollowed.

IMPORTANT,NOTE,TIP,MOBILE,orVIDEO:Aninformationiconindicatessupportinginformation.

SonicWallGlobalVPNClient4.10AdministrationGuide

Contents

IntroductiontoGlobalVPNClient......................................................6

GlobalVPNClientOverview ............... ................ ........

...................... 6

GlobalVPNClientFeatures ........................

.................................. 6

GlobalVPNClientEnterprise............

............................................. 8

AboutthisGuide..

.............................. ...................................... 8

TextConventions ..... .........................

............... ................ ..... 9

MessageIcons............

............... ................ ......................... 9

GettingStartedwithGlobalVPNClient .......................................

..........10

InstallingtheGlobalVPNClient....................................

.....................10

UsingtheSetupWizard ............... ..........

.............................. .....10

UpgradingGlobalVPNClientfromaPreviousVersion .......

............................... 14

Command‐LineOptionsforInstallation..............

.............................. .......14

LaunchingtheGlobalVPNClient........

.............................. ..................15

SpecifyingGlobal

VPNClientLaunchOptions ...................... ................ ........ 16

ManagingtheGlobalVPNClientSystemTrayIcon ..... ................................ ....17

Adding

VPNConnections.................................. . ................ .........18

UnderstandingVPNConnections ....................................

............... .....18

CreatingaVPNConnectionUsingtheNewConnectionWizard.....................

.......... 19

ImportingaVPNConfigurationFile .................. .................

............... ....21

UsingGlobalVPNClientfromaDifferentWorkstation .......................

...............  21

Workaround—ForcedCreationofaNewLocallyCachedProfile .................. .......

.22

MakingVPNConnections ..............................................

..............24

Overview............ ................ ........

............... ................ ........24

AccessingRedundantVPNGateways .......

............... ................ ............... 24

EnablingaVPNConnection

............... ................ ............................. 25

EstablishingMultipleConnections ................ ................ ......

.................26

EnteringaPre‐SharedKey............................

.............................. .... 26

SelectingaCertificate.............

.................................................... 27

ProvidingUsernameandPasswordAuthentication..... ................ ................ .. ..28

Creatinga

ConnectionShortcut ........................................................  28

ConnectionWarning........... ................ .............

.......................... 29

ConfiguringVPNConnectionProperties....... .............

............................30

DisplayingtheConnectionsPropertiesDialog..................

............... ............ 30

ConnectionPropertiesGeneralSettings.............. .....

............... ................  31

ConnectionPropertiesUserAuthenticationSettings ..............

.......................... 32

ConnectionPropertiesPeersSettings.. ................ ..

................................ 33

PeerInformationDialog...............

............... ................ ............. 34

ConnectionPropertiesStatusSettings..

............................................. .....36

Contents

SonicWallGlobalVPNClient4.10AdministrationGuide

Contents

ManagingVPNConnections .............. . . . .............. . . ................ .........38

AboutVPNConnections.. ................ ....................

......................... 38

ArrangingConnections.......................

......................................... 38

RenamingaConnection......

......................................................... 38

DeletingaConnection............... .. ................ .......

............... .......... 39

SelectingAllConnections............... .......

........................................39

CheckingtheStatusofVPNConnections ....

............................................. 39

DisablingaVPNConnection  .

............... ................ ............................ 40

UsingCertificates................. . .............. . . ......

...........................41

ObtainingCertificateInformation.................. ...

.............................. ....41

ManagingCertificates ............. .

.............................. .....................41

TroubleshootingtheGlobalVPNClient ........................ ............... . ....

.....43

ToolsforTroubleshooting . ................ ................ ..........

............... ....43

UnderstandingtheGlobal VPNClientLog .... .....................

........................ 43

OpeningtheLogViewerWindow.....................

............... ................  44

SavingtheCurrentLog...... .........

............... ................ ............... 44

ManagingLogMessages.

............................................. ............. 45

ConfiguringtheLog ............................... .. .......

........................... 46

ConfiguringAuto‐Logging...... ..............

.............................. ........ 46

GeneratingaHelpReport ........

.............................. ........................ 47

AccessingSonicWallGlobalVPNClientTechnicalSupport................... ................  48

ViewingHelpTopics.

.............................. ....................................49

UninstallingtheGlobalVPNClient .............................

.......................... 49

ConfiguringSonicWallAppliancesforGlobalVPNClients.................

.................50

AboutGroupVPNPolicies.............. ................ .

............... ................  50

GlobalVPNClientLicenses ...............

............... ................ ............... 50

GroupVPNConnectionsSupported

byPlatform........................................... 50

ActivatingYourGlobalVPN Client

............... ................ ........................ 51

DownloadingGlobalVPNClientSoftwareandDocumentation............... ................  51

Usingthedefault.rcfFile...

..........................................................52

Aboutthedefault.rcfFile...................... ................ ..

...................... 52

HowGlobalVPNClientUsesdefault.rcf......................

............................. 52

Deployingthedefault.rcfFile .................

.............................. ............ 53

Includingthedefault.rcfFilewiththeMSIInstaller

... ................ ................ ..53

Addingthedefault.rcfFiletotheInstallationDirectory .....

............................. 54

ReplacinganExisting.rcfFilewiththedefault.rcfFile . ...........

....................... 54

Creatingthedefault.rcfFile.......................

.............................. .......55

default.rcfFileTagDescriptions.........

............................................ 55

Sampledefault.rcfFile...

.............................. ............................... 57

Troubleshootingthedefault.rcfFile...................................

............... ....59

SonicWallGlobalVPNClient4.10AdministrationGuide

Contents

UsingtheGlobalVPNClientCLI.......................................................60

AbouttheGlobalVPNClientCLI...................................

..................... 60

CommandLineOptions..........................

.............................. ........ 60

CommandLineExamples.........

.............................. .......................60

LogViewerMessages............................. . ..............

...................62

ErrorMessages.......... ................ ....

........................................ 62

InfoMessages..... ...

............... ................ ................................ 67

WarningMessages................ ................ .. ..

.............................. ..71

SonicWallEndUserProductAgreement.............

...................................72

SonicWallSupport ..............

....................................................78

SonicWallGlobalVPNClient4.10AdministrationGuide

IntroductiontoGlobalVPNClient

• GlobalVPNClientOverviewonpage6

• GlobalVPNClientFeaturesonpage6

• GlobalVPNClientEnterpriseonpage8

• AboutthisGuideonpage8

• TextConventionsonpage9

• MessageIconsonpage9

GlobalVPNClientOverview

TheSonicWall™GlobalVPNClientcreatesaVirtualPrivateNetwork(VPN)connectionbetweenyourcomputer

andthecorporatenetworktomaintaintheconfidentialityofprivatedata.TheGlobalVPNClientprovidesan

easy‐to‐usesolutionforsecure,encryptedaccessthroughtheInternetforremoteusers.

CustomdevelopedbySonicWall,the

GlobalVPNClientcombineswithGroupVPNonSonicWallInternetSecurity

AppliancestodramaticallystreamlineVPNdeploymentandmanagement.UsingSonicWall’sClientPolicy

Provisioningtechnology,theSonicOSadministratorestablishestheVPNconnectionspoliciesfortheGlobalVPN

Clients.TheVPNconfigurationdataistransparentlydownloadedfromtheSonicWallVPNGateway(SonicWall

InternetSecurityAppliance)toGlobalVPNClients,removingtheburdenofprovisioningVPNconnectionsfrom

theuser.

ForconfiguringyourSonicWallsecurityappliancetosupportGlobalVPNClientsusingSonicOSGroupVPN,see

theSonicOSAdministrationGuideforthefirmwareversionrunningonyourSonicWallsecurityappliance (your

VPNgatewayappliance).

Topics:

• GlobalVPNClientFeaturesonpage6

• GlobalVPNClientEnterpriseonpage8

GlobalVPNClientFeatures

TheSonicWallGlobalVPNClientdeliversarobustIPsecVPNsolutionwiththesefeatures:

•EasytoUse‐Providesaneasy‐to‐followInstallationWizardtoquicklyinstalltheproduct,an

easy‐to‐followConfigurationWizardwithpoint‐and‐clickactivationofVPNconnections,andstreamlined

managementtoolstominimizesupportrequirements.

•Multiple

LanguageSupport‐TheGlobalVPNClientuserinterfacesupportsEnglish,SimplifiedChinese,

Japanese,Korean,andBrazilianPortuguese.TheUIautomaticallydisplaysintheWindowsdisplay

language.

SonicWallGlobalVPNClient4.10AdministrationGuide

IntroductiontoGlobalVPNClient

• ClientPolicyProvisioning‐UsingonlytheIPaddressorFullyQualifiedDomainName(FQDN)ofthe

SonicWallVPNgateway ,theVPNconfigurationdataisautomaticallydownloadedfromtheSonicWall

VPNgatewayviaasecureIPsectunnel,removingtheburdenfromtheremoteuserofprovisioningVPN

connections.

•XAUTHAuthenticationwithRADIUS

‐Providesaddedsecuritywithuserauthenticationaftertheclient

hasbeenauthenticatedviaaRADIUSserver.

•VPNSessionReliability‐AllowsautomaticredirectincaseofaSonicWallVPNgatewayfailure.Ifa

SonicWallVPNgatewayisdownthentheGlobalVPNClientcangothroughanotherSonicWallVPN

gateway.

•MultipleSubnet

Support‐AllowsGlobalVPNClientconnectionstomorethanonesubnetinthe

configurationtoincreasenetworkingflexibility.

•Third‐PartyCertificateSupport‐SupportsVeriSign,Entrust,Microsoft,andNetscapeCertificate

Authorities(CAs)forenhanceduserauthentication.

• TunnelAllSupport‐ProvidesenhancedsecuritybyblockingalltrafficnotdirectedtotheVPNtunnel

to

preventInternetattacksfromenteringthecorporatenetworkthroughaVPNconnection.

•DHCPoverVPNSupport‐AllowsIPaddressprovisioningacrossaVPNtunnelforthecorporatenetwork

whileallowingWANDHCPforInternetAccessfromtheISP.

•SecureVPNConfiguration‐CriticalGlobalVPNClientconfigurationinformationislockedfromthe

user

topreventtampering.

•AESand3DESEncryption‐Supports168‐bitkey3DES(DataEncryptionStandard)andAES(Advanced

EncryptionStandard)forincreasedsecurity.AESrequiresSonicOS2.0orhigherontheSonicWallVPN

gatewayappliance.

•GMSManagement‐AllowsGlobalVPNClientconnectionstobemanagedbySonicWall’saward‐winning

Global

ManagementSystem(GMS).

•Multi‐PlatformClientSupport‐Supports32‐bitand64‐bitversionsofWindows:Windows10,Windows

8,Windows8.1,andWindows7.

•NATTraversal‐EnablesGlobalVPNClientconnectionstobeinitiatedfrombehindany deviceperforming

NAT(NetworkAddressTranslation).TheSonicWallGlobalVPNClientencapsulatesIPsecVPN

trafficto

passthroughNATdevices,whicharewidelydeployedtoallowlocalnetworkstouseoneexternalIP

addressforanentirenetwork.

•AutomaticReconnectWhenErrorOccurs‐AllowstheGlobalVPNClienttokeepretryingaconnectionif

itencountersaproblemconnectingtoapeer.Thisfeatureallows

theGlobalVPNClienttoautomatically

makeaconnectiontoaSonicWallVPNgatewaythatistemporarilydisabled,withoutmanual

intervention.

•GhostInstallationforLargeScaleInstallations‐EnablestheGlobalVPNClient’s virtualadaptertogetits

defaultaddressafterinstallationandthencreateaghostimage.

•NTDomainLogonScript

Support‐AllowsGlobalVPNClientstoperformWindowsNTdomain

authenticationafterestablishingasecureIPsectunnel.TheSonicWallVPNgatewaypassesthelogon

scriptaspartoftheGlobalVPNClientconfiguration.ThisfeatureallowstheVPNusertohaveaccessto

mappednetworkdrivesandothernetworkservices.

•Dual

ProcessorSupport‐EnablestheGlobalVPNClienttooperateondual‐processorcomputers.

•GroupPolicyManagement‐GlobalVPNClientsaccesscanbecustomizedandrestrictedtos pec ific

subnetaccess(RequiresSonicOSEnhanced).

•HubandSpokeVPNAccess‐AllowsIPaddressingfromSonicWallVPNgateway’sDHCPServertoGlobal

VPNClientfor

configuringadifferentsubnetforallremoteGlobalVPNClientsthanthesubnetofthe

LAN.Makeshub‐and‐spokeVPNaccesssimpler.WhenaGlobalVPNClientsuccessfullyauthenticates

withthecentralsite,itreceivesavirtualIPaddressthatalsograntsitaccesstoothertrustedVPNsites.

SonicWallGlobalVPNClient4.10AdministrationGuide

IntroductiontoGlobalVPNClient

•DefaultVPNConnectionsFile‐EnablestheSonicOS administratortoconfigureanddistributethe

corporateVPNconnectionswiththeGlobalVPNClientsoftwaretostreamlineVPNclientdeployment.

•SingleVPNConnectiontoanySonicWallSecureWirelessApplianceforRoaming‐Allowsuserstousea

singleVPNconnectiontoaccessthenetworks

ofmultipleSonicWallSecureWirelessappliances.

•AutomaticConfigurationofRedundantGatewaysfromDNS‐WhenanIPsecgatewaydomainname

resolvestomultiple IPaddresses,theGlobalVPNClientusestheIPaddressesinthelistasfailover

gateways.

• TunnelStateDisplayEnhancement‐TheGlobalVPNClientprovidesinformationaboutthestateof

VPN

tunnels.Inadditiontothestatesofenabled,disabled,andconnected,theGlobalVPNClientindicates

whentunnelsareauthenticating,provisioning,andconnecting.

• TunnelStatusPop‐UpWindow‐TheGlobalVPNClientalertsuserswhentunnelsareconnectedor

disconnectedbydisplayingasmallpop‐upwindow.

•SmartCardand

USBTokenAuthentication‐TheGlobalVPNClientisintegratedwiththeMicrosoft

CryptographicApplicationProgram(MSCryptoAPIorMSCAPI),whichenablestheGlobal VPNClientto

supportuserauthenticationusingdigitalcertificatesonSmartcardsandUSBtokens.

•NAT‐TRFC3947Support‐AllowsforautomaticdetectionofNATalongthe

pathbetweentwoIKEpeers

duringIKEPhase1negotiation.OndetectionofNATinmiddle,packetsareUDPencapsulatedusingport

4500.

•DNSRedirect‐DNSqueriestoDNSsuffixassociatedwithVirtualAdapterarenotsentonthephysical

adapter.

• TunnelAllSupportEnhancement‐Providestheabilitytoroutecleartraffic

todirectlyconnected

networkinterfacesthatareconfiguredwiththeRouteAllpolicy,whichisgenerallyusedintheWLAN

zone.

•ProgramAuto‐StartonVPNConnection‐Automaticallylaunchesaprogram,withoptionalarguments,

whensuccessfulVPNconnectionsareestablished,asspecifiedintheConnectionPropertiesdialog.

GlobalVPNClientEnterprise

GlobalVPNClientEnterpriseprovidesthesamefunctionalityastheGlobalVPNClientwiththeaddedfeatureof

licensesharing.

AboutthisGuide

TheSonicWallGlobalVPNClientAdministrationGuideprovidescompletedocumentationoninstalling,

configuring,andmanaging theSonicWallGlobalVPNClient.ThisguidealsoprovidesinstructionsforSonicWall

GlobalVPNClientEnterprise.

ForconfiguringyourSonicWallsecurityappliancetosupportGlobalVPNClientsusingSonicOSGroupVPN,see

theSonicOSAdministrationGuidefor

thefirmwareversionrunningonyourSonicWallsecurityappliance(your

VPNgatewayappliance).

Topics:

• TextConventionsonpage9

• MessageIconsonpage9

SonicWallGlobalVPNClient4.10AdministrationGuide

IntroductiontoGlobalVPNClient

TextConventions

MessageIcons

Thesespecialmessagesrefertonoteworthyinformation,andincludeasymbolforquickidentification:

Convention Use

Bold HighlightsitemsyoucanselectontheGlobalVPNClientinterface

ortheSonicOSmanagementinterface.

MenuItem>MenuItem Indicatesamultiplestepmenuchoice.Forexample,“selectFile>

Open”means“selectthe

Filemenu,andthenselecttheOpen

itemfromtheFilemenu.

Screen Text Indicatestextasyouwouldseeitonacomputerscreenorwould

enteronacommandline.Forexample,

myDevice> show

alerts



WARNING:Importantinformationthatwarnsaboutapotentialforpropertydamage,personalinjury,

ordeath

CAUTION:Importantinformationthatcautionsaboutfeaturesaffectingfirewallperformance,security

features,orcausingpotentialproblemswithyourSonicWallappliance.

TIP:UsefulinformationaboutsecurityfeaturesandconfigurationsonyourSonicWallappliance.

IMPORTANT:Importantinformationonafeaturethatrequirescalloutforspecialattention.

NOTE:Supportinginformationonafeature.

MOBILE:UsefulinformationaboutmobileappsforyourSonicWallappliance.

VIDEO:LinkstovideoscontainingfurtherinformationaboutafeatureonyourSonicWallappliance.

SonicWallGlobalVPNClient4.10AdministrationGuide

GettingStartedwithGlobalVPNClient

• InstallingtheGlobalVPNClientonpage10

• UpgradingGlobalVPNClientfromaPreviousVersiononpage14

• Command‐LineOptionsforInstallationonpage14

• LaunchingtheGlobalVPNClientonpage15

• SpecifyingGlobalVPNClientLaunchOptionsonpage16

• ManagingtheGlobalVPNClientSystem

TrayIcononpage17

Thissectionprovidesinformationaboutinstalling,upgrading,andlaunchingtheSonicWallGlobalVPNClient.

InstallingtheGlobalVPNClient

TheSonicWallGlobalVPNClientusesaneasy ‐to‐usewizardtoguideyouthroughtheinstallationprocess.

TheSonicWallGlobalVPNClientoperateson32‐bitand64‐bitversionsofWindows10,Windows8.1,Windows

8,andWindows7clientoperatingsystems.

TheGlobalVPNClientissupportedon

allSonicWallsecurityappliancesrunningGen5(5.0andhigher)andGen6

(6.1andhigher)SonicOSfirmwareversions.

UsingtheSetupWizard

Thissectionexplainshowtoinstallthe SonicWallGlobalVPNClientprogramusingtheSetupWizard.

TousetheSetupWizard:

1Downloadtheself‐extractinginstaller,GVCSetupXX.exe(whereXXiseither32for32‐bitWindows

platformsor64for64‐bitWindowsplatforms) ,fromMySonicWall.

NOTE:InstallingtheGlobalVPNClientrequiresAdministratorrights.

NOTE:ForinformationonthenumberofSonicWallGlobalVPNClientconnectionssupportedbyyour

SonicWallapplianceandGlobalVPNClientlicensingforyourappliance,seeGlobalVPNClientLicenseson

page50.

IMPORTANT:Removeanyinstalled3rdPartyVPNclientprogrambeforeinstallingthelatestSonicWall

GlobalVPNClient.

IfyouhaveSonicWallGlobalVPNClientinstalled,youmustuninstallitbeforeinstallingversion4.10.x.

SonicWallGlobalVPNClient4.10AdministrationGuide

GettingStartedwithGlobalVPNClient

2Double‐clickGVCSetupXX.exe.TheSetupWizardlaunches.

3 ClickNexttocontinueinstallationoftheVPNClient.TheLicenseAgreementpagedisplays.

4 SelecttheIAgreeradiobutton.

SonicWallGlobalVPNClient4.10AdministrationGuide

GettingStartedwithGlobalVPNClient

5 ClickNext.TheInstallationFolderSelectionpagedisplays.

6 Optionally,tospecify acustominstallationlocation,clickBrowse.

a Selectthelocation.

b ClickOK.

7 Optionally,clicktheDiskCostbuttontoseethediskspacerequirements.

8UnderInstallSonicWallGlobalVPNClientforyourself,orforanyonewhousesthiscomputer,select

either

EveryoneorJustme.

9 ClickNext.Thenextpageindicatesthattheinstallerisreadytobegininstallation.

SonicWallGlobalVPNClient4.10AdministrationGuide

GettingStartedwithGlobalVPNClient

10 ClickNext.TheGlobalVPNClientisbeinginstalledpagedisplays,whichindicatesthe statusofthe

installation.

11 WaitwhiletheSonicWallGlobalVPNClientfilesareinstalledonyourcomputer.Whentheinstallationis

complete,theGlobalVPN Clienthasbeensuccessfullyinstalledpagedisplays.

12 ClickClosetoexitthe

wizard.Afterasuccessfulinstallation,whathappensnextdependsonwhetheryou

hadsavedconnections:

• IfyousavedtheconnectionconfigurationsfromapreviousversionoftheSonicWallGlobalVPN

Clientwhenuninstallingit,theGlobalVPNClientlaunches,andyourdefaultconnectionprompts

youforlogincredentials.

SonicWallGlobalVPNClient4.10AdministrationGuide

GettingStartedwithGlobalVPNClient

• Ifnopreviousconnectionsexist,theNewConnectionWizardlaunchesautomatically.Thisonly

occursthefirsttimetheGlobalVPNClientstartsup.Formoreinformation,seeCreatingaVPN

ConnectionUsingtheNewConnectionWizardonpage19,

UpgradingGlobalVPNClientfromaPrevious

Version

Upgradesfrompreviousversionsarenotsupported.IfyouhaveSonicWallGlobalVPNClientversion4.9.22or

earlierinstalled,youmustuninstallthatversionandrebootyourPCbeforeinstallingversion4.10.x.The4.10.x

installerdoesnotallowupgradingfromearlierversions.

Command‐LineOptionsforInstallation

ThereareseveralcommandlineoptionsavailableforSonicW allGlobalVPNClientinstallation.

Alloptionsarecase‐insensitiveandmustbeprecededbyaforwardslash(/):

•/Q–Quietmode.Anormal(non‐silent)installationoftheSonicWallGlobalVPNClientreceivesthe

necessaryinputfromtheuserinthe

formofresponsestodialogs.However,asilentinstallationdoesnot

prompttheuserforanyinput,butinstead,usesthedefaultsforeveryoption.Simplytypeinthe

followingwhereXXiseither32for32‐bitWindowsplatformsor64for64‐bitWindowsplatforms:

GVCSetupXX.exe /q

•/T–

Specifyatemporaryworkingfolderinwhichtoplaceanytemporaryfilesgeneratedduringthe

installationprocess.TheToptionmustbefollowedbyacolon(:)andthefullpathtothefolderthatyou

wanttouse.Forexample,typeinthefollowing:

GVCSetupXX.exe /t:C:\TemporaryFiles

•/C–Placeallfiles

extracted(MSIInstallerfile)fromtheinstallpackageintothefolderspecifiedintheT

option.TheCoptionisonlyvalidwhenusedtogetherwiththeToption.Forexample,typeoneofthe

following:

GVCSetupXX.exe /c /t:C:\TemporaryFiles

GVCSetupXX.exe /T:C:\TemporaryFiles /c

TIP:YoucanconfiguretheGlobalVPNClienttolaunchautomaticallyeverytimeyoulog

ontoyourcomputer,ontheGeneraltabintheView>Optionspage.Formoreinformation,

seeSpecifyingGlobalVPNClientLaunchOptionsonpage16

SonicWallGlobalVPNClient4.10AdministrationGuide

GettingStartedwithGlobalVPNClient

LaunchingtheGlobalVPNClient

TolaunchtheSonicWallGlobalVPNClient:

1 SelectStart>Programs>GlobalVPNClient.

2Youcandoanyofthefollowing:

• ToclosetheGlobalVPNClientdialog,buthaveyourestablishedVPNconnectionsremainactive,

clickX,pressAlt+F4,orchooseFile>Close.

AmessageappearsnotifyingyouthattheGlobalVPNClientprogram

andanyenabled

connectionsremainactiveafterthedialogisclosed.

Ifyoudon’twantthisnotificationmessagetodisplayeverytimeyouclosetheGlobalVPNClient

dialog:

a) SelecttheDon’tshowmethismessageagaincheckbox.

b) ClickOK.

• ToopentheGlobalVPNClientdialog:

• Double‐clicktheGlobal

VPNClienticoninthesystemtray.

• Right‐clicktheicon,andtheselectOpenGlobalVPNClient.

CAUTION:ExitingtheSonicWallGlobalVPNClientfromthesystemtrayiconmenudisablesanyactive

VPNconnections.

SonicWallGlobalVPNClient4.10AdministrationGuide

GettingStartedwithGlobalVPNClient

SpecifyingGlobalVPNClientLaunchOptions

YoucanspecifyhowtheSonicWallGlobalVPNClientlaunchesandwhatnotificationwindowsappearusingthe

controlsintheGeneraltaboftheOptionsdialog.ChooseView>OptionstodisplaytheOptionsdialog.

TheGeneraltabincludesthefollowingsettingstocontrolthe launchoftheGlobalVPNClient:

•Start

thisprogramwhenIlogin‐LaunchestheSonicWall GlobalVPN Clientwhenyoulogintoyour

computer.

•WarnmebeforeenablingaconnectionthatwillblockmyInternettraffic.ActivatesaConnection

WarningmessagenotifyingyouthattheVPNconnectionwillblocklocalInternetandnetworktraffic.

• Rememberthelast

windowstate(closedoropen)thenexttimetheprogramisstarted‐Allowsthe

GlobalVPNClienttorememberthelastwindowstate(openorclosed)thenexttimetheprogramis

started.Forexample,ausercanlaunchtheGlobalVPNClientfromthesystemtraywithoutopeninga

windowonthedesktop.

•Whenclosingtheconnectionswindow‐SpecifieshowtheGlobalVPNClientbehaveswhenthewindow

isclosed:

• Minimizethewindow(restoreitfromthetaskbar)‐Minimizesthewindowtotaskbarand

restoresitfromthetaskbar.

•Hidethewindow(re‐openitfromthetrayicon)‐The

defaultsettingthathidestheGlobalVPN

Clientwindowwhenyoucloseit.YoucanopentheGlobalVPNClientfromtheprogramiconin

thesystemtray.EnablingthissettingalsodisplaystheShowthenotificationwhenIhidethe

connectionswindowcheckbox.

•Showthe notificationwhenIhide

theconnectionswindow‐Selectingthischeckbox

activatestheSonicWallGlobalVPNClient HideNotificationwindowwheneveryouclose

TIP:Youcan:

• ChangethedefaultlaunchsettingforSonicWallGlobalVPNClient;seeSpecifyingGlobal

VPNClientLaunchOptionsonpage16formoreinformation.

• CreateashortcuttoautomaticallylaunchtheGlobalVPNClientdialogandmaketheVPN

connectionfromthedesktop,taskbar,orStartmenu.SeeGlobal

VPNClientLicenseson

page50formoreinformation.

• LaunchtheGlobalVPNClientfromthecommandline,SeeUsingtheGlobalVPNClientCLI

onpage60formoreinformation.

SonicWallGlobalVPNClient4.10AdministrationGuide

GettingStartedwithGlobalVPNClient

theGlobalVPNClientwindowwhilethe programisstillrunning.Themessagetellsyou

thattheGlobalVPNClientprogramcontinuestorunafteryouclose(hide)thewindow.

ManagingtheGlobalVPNClientSystemTray

Icon

WhenyoulaunchtheGlobalVPNClientwindow,theprogramiconappearsinthesystemtrayonthetaskbar.

ThisiconprovidesprogramandVPNconnectionstatusindicatorsaswellasamenuforcommonSonicWall

GlobalVPNClientcommands.Right‐clickingontheGlobalVPNClienticoninthesystem

traydisplaysamenuof

optionsformanagingtheprogram.

•OpenGlobalVPNClient‐Openstheprogramwindow.

•Enable‐DisplaysamenuofVPNconnectionsthatcanbeenabled.

• Disable‐DisplaysamenuofVPNconnectionsthatcanbedisabled.

•OpenLogViewer‐Opensthe LogViewertoviewinformationalanderrormessages.

SeeUnderstanding

theGlobalVPNClientLogonpage43formoreinformationontheLogViewer.

•OpenCertificateManager‐OpenstheCertificateManager.SeeManagingCertificatesonpage41for

moreinformationontheCertificateManager.

•Exit‐ExitstheGlobalVPNClientwindowanddisablesanyactiveVPNconnections.

Movingthe

mousepointerovertheGlobalVPNClienticoninthesystemtraydisplaysthenumberofenabled

VPNconnections.

TheGlobalVPNClienticoninthesystemtrayalsoactsasavisualindicatorofdatapassingbetweentheGlobal

VPNClientandtheSonicWallgateway.

SonicWallGlobalVPNClient4.10AdministrationGuide

AddingVPNConnections

• UnderstandingVPNConnectionsonpage18

• CreatingaVPNConnectionUsingtheNewConnectionWizardonpage19

• ImportingaVPNConfigurationFileonpage21

• UsingGlobalVPNClientfromaDifferentWorkstationonpage21

UnderstandingVPNConnections

TheGlobalVPNClientallowsmultipleconnectionstobeconfiguredatthesametime,whethertheyare

provisionedfrommultiplegatewaysorimportedfromoneormorefiles.Becauseconnectionsmaybe

provisionedfrommultiplegateways,eachconnectionexplicitlystatesallowedbehaviorinthepresenceofany

connectionpolicyconflicts.You

mayhaveVPNconnectionsthatdon’tallowotherVPNconnectionsorInternet

andnetworkconnectionswhile theVPNpolicyisenabled.

TheVPNconnectionpolicyincludesalltheparametersnecessarytoestablishsecureIPsectunnelstothe

gateway.AconnectionpolicyincludesPhase1andPhase2SecurityAssociations(SA)parameters:

• Encryptionandauthenticationproposals

• Phase1identitypayloadtype

• Phase2proxyIDs(trafficselectors)

• ClientPhase1credential

• Allowedbehaviorofconnectioninpresenceofotheractiveconnections

• Clientcachingbehavior

AddinganewVPNconnectioniseasybecause SonicWall’sClientPolicyProvisioningautomaticallyprovidesall

thenecessaryconfigurationinformation

tomakeasecureconnectiontothelocalorremotenetwork.The

burdenofconfiguringthe VPNconnectionparametersisremoved fromtheGlobalVPNClientuser.VPN

connectionscanbecreatedusingthreemethods:

• DownloadtheVPNpolicyfromtheSonicWallVPNGatewaytotheGlobalVPNClientusing

theNew

ConnectionWizard.Thiswizardwalksyouthroughtheprocessoflocatingthesourceofyour

configurationinformationandautomaticallydownloadstheVPNconfigurationinformationoverasecure

IPsecVPNtunnel.

• ImportaVPNpolicyfileintotheSonicWallGlobalVPNClient.TheVPNpolicyissenttoyou

asa.rcffile,

whichyouinstallusingtheImport Connectiondialog.

• Installthedefault.rcffileaspartoftheGlobalVPNClientsoftwareinstallationoradditafter

installingtheGlobalVPNClient.IftheSonicWallVPNGatewayadministratorincludedthe

SonicWallGlobalVPNClient4.10AdministrationGuide

AddingVPNConnections

default.rcffileaspartoftheGlobalVPNClientsoftware,oneormorepreconfiguredVPN

connectionsareautomaticallycrea tedwhentheprogramisinstalled.

CreatingaVPNConnectionUsingtheNew

ConnectionWizard

ThefollowinginstructionsexplainhowtousetheNewConnectionWizardtoautomaticallydownloadaVPN

connectionpolicyfortheGlobalVPNClientfromalocalorremoteSonicWallVPNgateway.

TousetheNewConnectionWizard:

1 ChooseStart>Programs>GlobalVPNClient.ThefirsttimeyouopentheSonicWallGlobalVPNClient,

theNewConnectionWizardlaunchesautomatically.

2IftheNewConnectionWizarddoesnotdisplay,tolaunchit,clicktheNewConnection button.

NOTE:Creatingadefault.rcffileanddistributingitwiththeGlobalVPNClientsoftwareallows

theSonicWallVPNGatewayadministratortostreamlineVPNclientdeploymentandallowsusersto

quicklyestablishVPNconnections.Ifadefault.rcffileisincludedwiththedownloadedGlobal

VPNClientsoftware,theVPNpolicyconfiguredby

theSonicWallVPNGatewayadministratoris

usedtocreateaconnectionautomaticallywhentheclientsoftwareisinstalled.Formore

informationoncreatingthedefault.rcffile,seeUsingthedefault.rcfFileonpage52.

NOTE:TofacilitatetheautomaticprovisioningofGlobalVPNClients,configureyourSonicWall

appliancebeconfiguredwithGroupVPN.Forinstructionsonconfiguringyourappliancewith

GroupVPN,seetheSonicOSAdministrationGuide.

NOTE:ForinstructionsonimportingacertificateintotheGlobalVPNClient,seeUsingCertificates

onpage41.

SonicWallGlobalVPNClient4.10AdministrationGuide

AddingVPNConnections

3 ClickNext.TheNewConnectionpagedisplays.

4EntertheIPaddressorFQDNofthegatewayintheIPAddressorDomainNamefield.Theinformation

youtypeintheIPAddressorDomainNamefieldappearsintheConnectionNamefield.

5 Optionally,ifyouwantadifferentnameforyour

connection,typethenewnameforyourVPN

connectionintheConnectionNamefield.

6 ClickNext.TheCompletingtheNewConnectionWizardpagedisplays.

7 Optionally,selecteitherorboth:

•Createadesktopshortcutforthisconnectionifyouwanttocreateashortcuticononyour

desktopforthisVPNconnection.

•Enablethisconnectionwhentheprogramislaunchedifyouwanttoautomaticallyestablishthis

VPNconnectionwhenyoulaunchtheSonicWallGlobalVPNClient.

8 ClickFinish.ThenewVPNconnectionappearsintheGlobalVPNClientwindow.

Page is loading ...

SonicWALL Global VPN Quick start guide

Related papers

Other documents