SonicWALL GMS Aventail EX-Series Appliance Management Feature Module

SonicWALL GMS Aventail EX-Series Appliance Management Feature Module Document Scope This document describes how to use the SonicWALL Global Management System (GMS) to manage single or multiple deployments of SonicWALL Aventail EX-Series SSL VPN appliances. It includes an introduction to the SonicWALL GMS Aventail EX-Series appliance management feature and instructions for using the Aventail EX-Series SSL VPN configuration and reporting tools in SonicWALL GMS 4.1.2. This document contains the following sections: Feature Overview section on page 1 Preparing an Aventail Appliance for GMS Management section on page 3 Accessing Aventail SSL VPN Appliances on the Policies Tab section on page 13 Viewing SonicWALL GMS Aventail SSL VPN Reports section on page 19 Using the Aventail SSL VPN Management Interface from SonicWALL GMS section on page 22 Feature Overview This section provides an introduction to the SonicWALL GMS Aventail SSL VPN appliance management feature. This section contains the following subsections: What is SonicWALL GMS Aventail Appliance Management? section on page 2 Benefits section on page 2 How Does SonicWALL GMS Aventail Appliance Management Work? section on page 2 Platforms section on page 3 After reading the feature overview section, you will be familiar with the SonicWALL GMS 4.1.2 Aventail SSL VPN appliance management feature. SonicWALL GMS Aventail EX-Series Appliance Management 1

Feature Overview What is SonicWALL GMS Aventail Appliance Management? SonicWALL GMS gives you a single management interface for centrally managing and deploying SonicWALL appliances and security policy configurations. GMS also provides centralized, real-time monitoring, and policy and compliance reporting. You can configure an Aventail EX-Series appliance to be managed by SonicWALL GMS. Supported features include: Add unit and acquire it for GMS management Display appliance information Accept heartbeat/syslog messages Monitor up/down status One-click login to unit from GMS management interface, using HTTPS SonicWALL GMS also provides reports for the SonicWALL Aventail appliance. Currently the appliance reports the following: User authentication-related events: these are logged, encrypted, and sent as they occur. Available reports include User Logins and Failed Logins. The user login report shows the user name, source host IP address, and time of login for users who have logged in to the appliance during the specified day; the failed login report shows unsuccessful login attempts, which is useful for identifying unauthorized access attempts and potentially malicious activity. Status information: SonicWALL GMS can provide daily and over time status up/down reports for the Aventail appliance at both unit and group levels. Status reports provide appliance details such as model and serial numbers, language, up-time, and firmware version. Available reports include Uptime and Uptime Over Time. These reports can be scheduled to be automatically emailed in PDF format on a regular basis. Benefits Management of a single or multiple SonicWALL Aventail SSL VPN appliances is simplified by using SonicWALL GMS. With a single login to SonicWALL GMS, multiple Aventail SSL VPNs can be monitored, statistics can be viewed instantly, and the management interface for each appliance can be accessed directly. SonicWALL GMS Aventail SSL VPN appliance management allows you to: View Aventail SSL VPN appliance status Synchronize SonicWALL GMS with updates made locally to the Aventail SSL VPN appliance Synchronize the Aventail SSL VPN appliance with mysonicwall.com Generate user authentication and appliance status reports Perform Aventail SSL VPN management interface tasks How Does SonicWALL GMS Aventail Appliance Management Work? SonicWALL GMS appliance management uses HTTPS to access and allow central management of SonicWALL Aventail SSL VPN appliances. After SonicWALL GMS initially establishes an HTTPS connection to the appliance, GMS then reads the appliance configuration and acquires the appliance for management. 2 SonicWALL GMS Aventail EX-Series Appliance Management

Preparing an Aventail Appliance for GMS Management The SonicWALL Aventail EX-Series appliance allows HTTPS access only to its LAN port(s), and not to its WAN port(s). This means that when SonicWALL GMS is deployed outside of the Aventail LAN subnet(s), management traffic must be routed from GMS to a gateway that allows access into the LAN network, and from there be routed to the Aventail LAN port. Using SonicWALL GMS, you can then view system status, synchronize with mysonicwall.com, and configure alerts on the managed appliances. From the SonicWALL GMS user interface, you can also log into the Aventail Management Console of the managed appliances to perform direct management and configuration tasks. SonicWALL GMS also provides some reports for managed SonicWALL Aventail SSL VPN appliances. Reporting functionality is based on syslog events received by GMS from the SonicWALL Aventail appliance. Platforms SonicWALL GMS Aventail SSL VPN appliance management is available in the SonicWALL GMS 4.1.2 release. SonicWALL GMS appliance management supports the following SonicWALL Aventail EX-Series appliances running version 9.0.0 or higher: SonicWALL Aventail EX-750 SonicWALL Aventail EX-1500 SonicWALL Aventail EX-1600 SonicWALL Aventail EX-2500 Preparing an Aventail Appliance for GMS Management To allow SonicWALL GMS to manage a SonicWALL Aventail EX-Series appliance, GMS management must be enabled on a registered and licensed appliance. Follow these procedures to prepare the Aventail SSL VPN appliance for GMS management: Registering your Aventail EX-Series Appliance, page 3 Licensing your Aventail EX-Series Appliance, page 4 Enabling GMS on your Aventail EX-Series Appliance, page 7 Registering your Aventail EX-Series Appliance You can register your SonicWALL Aventail EX-Series appliance on mysonicwall.com. To register your appliance, log in to your MySonicWALL account and complete the following steps: In your Web browser, go to https://www.mysonicwall.com/ and log in with your username and password. Locate the serial number of your Aventail appliance, which is printed on a sticker on the back of the appliance. The serial number is a hyphenated number with 11 to 13 digits. SonicWALL GMS Aventail EX-Series Appliance Management 3

Preparing an Aventail Appliance for GMS Management On mysonicwall.com on the Home page, enter your serial number without hyphens into the REGISTER A PRODUCT field, and then click Next. Step 4 On the My Products page, confirm the value in the Serial Number field. Step 5 Step 6 Step 7 Enter a Friendly Name for this appliance. Select the Product Group with which this appliance will be associated. Click Register. Licensing your Aventail EX-Series Appliance After registering the appliance, you can obtain the license for your SonicWALL Aventail EX-Series appliance on mysonicwall.com. Note If you try to configure the GMS server setting in the Aventail Management Console before the unit is licensed, the enable option will be disabled in the user interface. 4 SonicWALL GMS Aventail EX-Series Appliance Management

Preparing an Aventail Appliance for GMS Management To license your Aventail appliance, perform the following steps: In mysonicwall.com on the My Products page, click the friendly name or serial number of the Aventail EX-Series appliance in the list. The Service Management page for that device is displayed. Click Click here for the License File. In the Opening dialog box, select Save to Disk to save the license file to your local system. Step 4 Step 5 Log into the Aventail Management Console and navigate to System Configuration > General Settings. In the Licensing section, click Edit. SonicWALL GMS Aventail EX-Series Appliance Management 5

Preparing an Aventail Appliance for GMS Management Step 6 On the Manage Licenses screen, click Import License. Step 7 On the Import License screen, browse to the saved license XML file, and then click Upload. Step 8 Apply the change by clicking the Pending changes link in the upper-right corner. The SonicWALL Aventail appliance is now licensed. 6 SonicWALL GMS Aventail EX-Series Appliance Management

Preparing an Aventail Appliance for GMS Management Enabling GMS on your Aventail EX-Series Appliance Once you have licensed your appliance, you can enable SonicWALL GMS in the Aventail EX-Series user interface. To configure your Aventail EX-Series appliance for management by SonicWALL GMS, complete the following steps: Navigate to System Configuration > General Settings in the main Aventail Management Console navigation menu. Under Centralized management, click Edit. The Configure Centralized Management page is displayed: Select the Enable GMS management check box. SonicWALL GMS Aventail EX-Series Appliance Management 7

Preparing an Aventail Appliance for GMS Management Step 4 Step 5 Step 6 Step 7 Step 8 Step 9 0 1 Type the password that GMS will use to access the Aventail appliance into both the Password and Confirm password fields. The user name that SonicWALL GMS uses to access the Aventail appliance is pre-configured as GMS (not case-sensitive). There is no need to enter it here, but it must be entered when adding the unit into SonicWALL GMS. In the GMS server address field, type the IP address of the SonicWALL GMS Agent server. In the GMS server port field, type the port to be used for communication with SonicWALL GMS. In the Heartbeat interval field, set the interval (in seconds) at which the appliance indicates its readiness to send a report on authentication-related events, in addition to status information (status.xml). An interval of 60 seconds is typical. Select Enable single sign-on for AMC configuration if you want direct access to the Aventail Management Console from the SonicWALL GMS right-click menu. When selected, SonicWALL GMS will log directly into AMC when Login to Unit is selected in the right-click menu for the appliance in the left pane. SonicWALL GMS uses the credentials GMS and the password that you entered in Step 4. If this check box is cleared, you can still open the Aventail Management Console from the right-click menu, but you must enter your appliance login credentials; this is less convenient, but more secure. Select Send only heartbeat status messages if you want to only manage the appliance and not create reports for the appliance. Click Save. To apply the changes, do one of the following: Click Pending changes in the upper-right corner of the Aventail Management Console. Navigate to System Configuration > Maintenance and then click Apply changes. 8 SonicWALL GMS Aventail EX-Series Appliance Management

Adding the SonicWALL Aventail SSL VPN Appliance to GMS 2 In the Apply Changes dialog box, click Apply Changes. Adding the SonicWALL Aventail SSL VPN Appliance to GMS This section describes how to add the SonicWALL Aventail appliance to SonicWALL GMS, and how to modify the entry for the appliance: Managing Aventail SSL VPN Appliance Settings, page 11 To add your appliance to SonicWALL GMS, perform the following tasks in the GMS management console: Click the SSL VPN tab: Right-click an empty area or a group node in the left-most pane and select Add Unit from the right-click menu. The Add Unit dialog box displays. Step 4 Enter a descriptive name for the SonicWALL Aventail appliance in the Unit Name field. Enter the appliance administrator login name in the Login Name field. Note The login name for a SonicWALL Aventail appliance is pre-configured on the appliance as GMS (not case-sensitive). Type GMS or gms in this field. SonicWALL GMS Aventail EX-Series Appliance Management 9

Adding the SonicWALL Aventail SSL VPN Appliance to GMS Step 5 Step 6 Enter the appliance administrator password in the Password field. This must be the same password that you provided on the SonicWALL Aventail appliance when enabling it for management by SonicWALL GMS. Enter the appliance serial number in the Serial Number field. The serial number is located on a sticker on the back of the SonicWALL Aventail appliance. It is not the same as the MAC address. Note Type the serial number into this field without hyphens. Step 7 Step 8 Step 9 SonicWALL Aventail appliances are currently accessed only with HTTPS. In the HTTPS Port field, change the port number to 8443. Skip the two SA fields, and then select the IP address of the SonicWALL GMS Agent server that will manage the SonicWALL Aventail appliance from the Agent IP Address list box: If SonicWALL GMS is configured in a multi-tier distributed environment, you must select the SonicWALL GMS Agent whose IP address matches the IP address that you specified when configuring the SonicWALL Aventail appliance for SonicWALL GMS management. If SonicWALL GMS is in a single-server environment, the IP address of the SonicWALL GMS Agent server already appears in the field. If SonicWALL GMS is configured in a multi-tier distributed environment, enter the IP address of the backup SonicWALL GMS server in the Standby Agent IP field. The backup server will automatically manage the SonicWALL appliance in the event of a primary server failure. Any Agent can be configured as the backup. Note If SonicWALL GMS is deployed in a single-server environment, leave this field blank. 0 1 2 3 To add the appliance to Net Monitor, select the Add this unit to Net Monitor checkbox. Click Properties. The Unit Properties dialog box appears. The Unit Properties dialog box displays the category fields to which the SonicWALL appliance belongs. To change any of the values, select a new value from the drop-down list. When you are finished, click OK. You are returned to the Add Unit dialog box. Click OK. It may take up to a minute for the data to load. The SonicWALL Aventail EX-Series appears in the left pane of the SonicWALL GMS interface as a yellow icon, which means the unit has not been acquired by SonicWALL GMS. After the appliance has been acquired, the icon either turns red, indicating that the appliance status is down, or blue, indicating that the appliance status is up. For detailed appliance icon descriptions, refer to the SonicWALL GMS 4.1 Administrator s Guide. 10 SonicWALL GMS Aventail EX-Series Appliance Management

Adding the SonicWALL Aventail SSL VPN Appliance to GMS It may take up to five minutes for the SonicWALL GMS to establish an HTTPS connection and acquire the SonicWALL appliance for management. For SonicWALL GMS appliance acquisition troubleshooting, refer to the SonicWALL GMS 4.1 Administrator s Guide. Your Aventail EX-Series appliance is now ready for management using SonicWALL GMS. Managing Aventail SSL VPN Appliance Settings After a SonicWALL Aventail SSL VPN appliance has been added to SonicWALL GMS, it can be modified or deleted. This section contains the following subsections: Modifying an Aventail SSL VPN Appliance, page 12 Deleting an Aventail SSL VPN Appliance, page 12 SonicWALL GMS Aventail EX-Series Appliance Management 11

Adding the SonicWALL Aventail SSL VPN Appliance to GMS Modifying an Aventail SSL VPN Appliance Click the SSL VPNs tab: In the left pane, right-click the Aventail SSL VPN appliance that you want to modify and select one of the options: Option Rename Unit Modify Unit Add to Net Monitor Import XML Login to Unit Modify Properties Description Allows you to rename the unit. Allows you to change the appliance settings, including the unit display name, and appliance login name and password. Allows you to add the appliance to Net Monitor for real-time monitoring. Allows you to import XML settings. Allows you to select HTTPS management to directly access the appliance. If you select the Enable single sign-on for AMC configuration check box when enabling GMS management in the Aventail Management Console, this feature logs you directly into AMC using the GMS credentials (username GMS ). If SSO is not enabled, this feature takes you to the AMC login screen, where you can log in using your appliance credentials. Allows you to modify the description of the appliance, including company, country and department names. Deleting an Aventail SSL VPN Appliance Click the SSL VPN icon: In the left pane, right-click the Aventail SSL VPN appliance you want to delete and select Delete. An alert will appear to verify the appliance deletion. Click Yes. Note It may take several seconds for the appliance to be deleted. 12 SonicWALL GMS Aventail EX-Series Appliance Management

Accessing Aventail SSL VPN Appliances on the Policies Tab Accessing Aventail SSL VPN Appliances on the Policies Tab To access Aventail SSL VPN appliances on the SonicWALL GMS Policies tab, click the SSL VPN tab at the top of the screen, then select the Policies tab. The Policies tab options are found in the center pane. This section provides instructions for the Aventail SSL VPN options found on the SonicWALL GMS Policies tab: Viewing the Aventail Appliance Status section on page 13 Synchronizing the Aventail Appliance section on page 15 Updating Contact Information section on page 17 Configuring Alerts section on page 18 Viewing the Aventail Appliance Status The General > Status section provides the current status of the Aventail SSL VPN appliance and allows for an instant update of appliance information using the Fetch Information button. SonicWALL GMS Aventail EX-Series Appliance Management 13

Accessing Aventail SSL VPN Appliances on the Policies Tab The General > Status section provides the following appliance information: Aventail SSL VPN Status Item Aventail SSL VPN Model Serial Firmware Version CPU Number of LAN IPs allowed Aventail SSL VPN Status Unit added to SonicWALL GMS on Management Mode Primary Agent Standby Agent Tasks Pending Aventail SSL VPN Information Description The Aventail SSL VPN model number. The Aventail SSL VPN serial number. The Aventail SSL VPN firmware version number. The Aventail SSL VPN CPU information. The number of LAN IPs allowed by the Aventail SSL VPN. The current status of the Aventail SSL VPN appliance: Up, Down or unacquired (by GMS). The date and time the Aventail SSL VPN appliance was added to GMS. The management mode used to access the Aventail SSL VPN, which is HTTPS. Includes the IP address and port of the Aventail appliance. The IP address of the primary GMS Agent. The IP address of the secondary GMS Agent. The number of tasks pending for the Aventail SSL VPN. The up time since last reboot in days, hours, minutes, seconds. Using Fetch Information To update the General > Status section using the Fetch Information button, perform the following tasks: Click Fetch Information. The update scheduler displays. Expand Schedule by clicking the plus button. 14 SonicWALL GMS Aventail EX-Series Appliance Management

Accessing Aventail SSL VPN Appliances on the Policies Tab Step 4 Select the Immediate radio button. Alternatively, you can select the At button and specify a date and time for SonicWALL GMS to perform the update. Click Accept. It may take several seconds for GMS to fetch the appliance information. The latest status will be displayed under General > Status. Synchronizing the Aventail Appliance The General > Tools section provides the following options: Synchronize Now, Synchronize the Appliance with mysonicwall.com. Synchronize Now If a change is made to the SonicWALL Aventail appliance through any means other than through SonicWALL GMS, GMS is notified of the change through the syslog data stream. After the syslog notification is received, SonicWALL GMS schedules a task to synchronize its database with the local change. Auto-synchronization automatically occurs whenever SonicWALL GMS receives a local change notification status syslog message from a SonicWALL appliance. You can also force synchronization at any time for a SonicWALL appliance or a group of SonicWALL appliances. To synchronize SonicWALL GMS with the Aventail SSL VPN appliance, perform the following tasks: In SonicWALL GMS on the Policies tab, select an Aventail SSL VPN appliance in the left pane and then navigate to General > Tools. Click the Synchronize Now button. A confirmation pop-up displays. SonicWALL GMS Aventail EX-Series Appliance Management 15

Accessing Aventail SSL VPN Appliances on the Policies Tab Click OK. The update scheduler displays. Step 4 Expand the Schedule by clicking the plus button. Step 5 Step 6 Select the Immediate radio button. Alternatively, you can select the At button and specify a date and time for SonicWALL GMS to perform the update. Click Accept. It may take several seconds for the Aventail SSL VPN to synchronize. Synchronizing with Mysonicwall.com SonicWALL appliances check their licenses and subscriptions with mysonicwall.com once every 24 hours. Using the Synchronize the Appliance with mysonicwall.com button, you can force the SonicWALL Aventail SSL VPN appliance to synchronize this information with mysonicwall.com immediately. To force synchronization with mysonicwall.com, perform the following steps: In SonicWALL GMS on the Policies tab, select an Aventail SSL VPN appliance in the left pane and then navigate to General > Tools. Click Synchronize the Appliance with mysonicwall.com. A confirmation pop-up displays. Click OK. The update scheduler displays. 16 SonicWALL GMS Aventail EX-Series Appliance Management

Accessing Aventail SSL VPN Appliances on the Policies Tab Step 4 Expand the Schedule by clicking the plus button. Step 5 Step 6 Select the Immediate radio button. Alternatively, you can select the At button and specify a date and time for SonicWALL GMS to perform the update. Click Accept. It may take several seconds for the Aventail SSL VPN to synchronize with mysonicwall.com. Updating Contact Information The General > Info section provides the ability to update the contact information for the Aventail SSL VPN appliance. Figure 1 Policies > General > Info To update the Aventail SSL VPN appliance information, perform the following steps: In SonicWALL GMS on the Policies tab, select an Aventail SSL VPN appliance in the left pane and then navigate to General > Info. Enter the appropriate information for each field. Click Update to update the information, or Reset to clear the form and start over. SonicWALL GMS Aventail EX-Series Appliance Management 17

Accessing Aventail SSL VPN Appliances on the Policies Tab Configuring Alerts The Events > Alerts screen allows you to add, edit, or delete a Unit Status alert for managed Aventail SSL VPN appliances. To configure Alert settings, perform the following steps: Select an Aventail SSL VPN appliance in the left pane, click the Policies tab, and navigate to Events > Alerts. Click Add Alert. The Add Alert page is displayed. Step 4 Step 5 Step 6 Step 7 Step 8 Step 9 0 1 Type a descriptive name for the alert into the Name field. Type a description of the alert into the Description field. To prevent non-administrators from viewing the alert, clear the Visible to Non-Administrators check box. To temporarily disable this alert without deleting it, select the Disable check box. Optionally adjust the Polling Interval value. Select the type of alert in the Alert Type drop-down list. Click Edit Content to select a Threshold for the alert. Click Add Destination to enter the alert destination or schedule. When finished, click UPDATE. 18 SonicWALL GMS Aventail EX-Series Appliance Management

Viewing SonicWALL GMS Aventail SSL VPN Reports Viewing SonicWALL GMS Aventail SSL VPN Reports SonicWALL GMS offers various types of static and dynamic reporting for managed SonicWALL Aventail EX-Series appliances. The reporting feature allows you to customize the way information is reported. As with previous SSL VPN reporting in SonicWALL GMS, you can view your reports in enhanced graphs, create scheduled reports, and search for reports using the search bar tool. See the SonicWALL GMS 4.1 Administrator s Guide for complete information about SSL VPN reporting capabilities. SonicWALL GMS provides status reports and user authentication reports for SonicWALL Aventail EX-Series appliances. See the following sections: Viewing Status Reports, page 19 Viewing Authentication Reports, page 20 Viewing Status Reports Status reports display the amount of time that the SonicWALL Aventail EX-Series appliance has been up and running. Select from the following reports: Viewing the Status Summary Report, page 19 Viewing the Status Over Time Report, page 20 Viewing the Status Summary Report At the global or group level, the Status > Summary report displays the SonicWALL Aventail EX-Series appliance uptime listed by appliance for the selected date. At the unit level, the uptime is displayed by hour for the date. To view the Summary page, perform the following steps: In the SonicWALL GMS management interface, click the Reports tab. Select the global icon, group icon, or an EX-Series appliance. Expand the Status tree and click Summary. The Summary page displays. SonicWALL GMS Aventail EX-Series Appliance Management 19

Viewing SonicWALL GMS Aventail SSL VPN Reports Viewing the Status Over Time Report At the global or group level, the Status > Over Time report displays the SonicWALL Aventail EX-Series appliance uptime listed by date for the group. At the unit level, the uptime is displayed by day for the selected date range. To view the Over Time page, perform the following steps: In the SonicWALL GMS management interface, click the Reports tab. Select the global icon, group icon, or an EX-Series appliance. Expand the Status tree and click Over Time. The Over Time page displays. Viewing Authentication Reports The Authentication reports show user logins and failed login attempts. Authentication reports are available at the unit level. Note All reports appear in the appliance s time zone. Select from the following: Viewing User Login Reports, page 21 Viewing Failed Login Reports, page 21 20 SonicWALL GMS Aventail EX-Series Appliance Management

Viewing SonicWALL GMS Aventail SSL VPN Reports Viewing User Login Reports The user login report shows the user name, source host IP address, and time of login for users that logged on to the SonicWALL Aventail EX-Series appliance during the specified day. To view the User Login report, perform the following steps: In the SonicWALL GMS management interface, click the Reports tab. Select an EX-Series appliance. Expand the Authentication tree and click User Login. The User Login page displays. Step 4 Step 5 Step 6 The table contains the following information: Type equal to User Login User Name the user name Source Host the IP address of the user s computer Time the time that the user logged in Duration the duration of the user login session The GMS Reporting Module shows yesterday s report. To change the date of the report, use the Search Bar and click the Start field to access the drop-down calendar. When you are finished, click Search. The GMS Reporting Module displays the report for the selected date. Viewing Failed Login Reports The failed login report shows failed login attempts for users who attempted to log into the SonicWALL Aventail EX-Series appliance during the specified day. This report is useful for identifying unauthorized access attempts and potentially malicious activity. To view the Failed Login report, perform the following steps: Step 4 In the SonicWALL GMS management interface, click the Reports tab. Select an EX-Series appliance. Expand the Authentication tree and then click Failed Login. The Failed Logins page displays. The table contains the following information: Type equal to Failed Login User Name the user name Source Host the IP address of the user s computer Time the time that the user attempted to log in SonicWALL GMS Aventail EX-Series Appliance Management 21

Using the Aventail SSL VPN Management Interface from SonicWALL GMS Step 5 Step 6 Duration not applicable The GMS Reporting Module shows yesterday s report. To change the date of the report, use the Search Bar and click the Start field to access the drop-down calendar. When you are finished, click Search. The GMS Reporting Module displays the report for the selected date. Using the Aventail SSL VPN Management Interface from SonicWALL GMS The Aventail SSL VPN management interface can be accessed using SonicWALL GMS. This section provides a brief introduction to the Aventail SSL VPN management interface. For detailed configuration tasks related to the Aventail SSL VPN management interface, refer to the SonicWALL Aventail Installation and Administration Guide. Note For direct access to the Aventail Management Console from SonicWALL GMS using the method described below, the Enable single sign-on for AMC configuration checkbox must be selected when GMS management is enabled on the Aventail SSL VPN appliance. If SSO is not enabled, you are prompted to enter your Aventail user name and password in the AMC login screen. For more information, see Enabling GMS on your Aventail EX-Series Appliance, page 7. To log in to your SonicWALL Aventail SSL VPN using SonicWALL GMS, make sure that pop-ups are enabled on your Web browser and perform the following tasks: Log into SonicWALL GMS. Click the SSL VPNs tab:. Step 4 In the left pane, right-click the Aventail SSL VPN to which you want to log in. In the right-click menu, select Login to Unit and then select Using HTTPS. 22 SonicWALL GMS Aventail EX-Series Appliance Management

Using the Aventail SSL VPN Management Interface from SonicWALL GMS Step 5 You may see a security certificate warning. Click Yes to continue. Step 6 The Aventail EX-Series management interface opens in a new browser window. This may take several seconds. You can now manage the Aventail EX-Series Appliance directly from the management interface. For detailed instructions about configuration tasks using the Aventail Management Console, refer to the SonicWALL Aventail EX-Series 9.0.0 Installation and Administration Guide. SonicWALL GMS Aventail EX-Series Appliance Management 23

Using the Aventail SSL VPN Management Interface from SonicWALL GMS Solution Document Version History Version Number Date Notes 1 12/11/2007 This document was created. 2 12/12/2007 Incorporated feedback from QA. 3 12/13/2007 Incorporated Mary s feedback. 4 12/19/2007 Incorporated Ajit s feedback, added Notes that registration and upgrading from GMS are not yet supported. 5 1/18/08 Incorporated Prasad s feedback, remove all references to registration and upgrading from GMS, and add reporting section. PN 232-001351-00 Rev A 24 SonicWALL GMS Aventail EX-Series Appliance Management