Frequently Asked Questions

This appendix contains frequently asked questions (FAQs) about the Secure Mobile Access (SMA) appliance.

• Hardware FAQ

  1. What are the SMA 500v Virtual Appliance virtualized environment requirements?
  2. Do the SMA appliances have hardware-based SSL acceleration onboard?
  3. What operating system do the SMA appliances run?
  4. Can I put multiple SMA appliances behind a load-balancer?
  5. What are the maximum number of connections allowed on the different SMA appliances?

• Digital Certificates and Certificate Authorities FAQ

  1. What do I do if when I log in to the SMA appliance my browser gives me an error, or if my Java components give me an error?
  2. I get the following message when I log in to my SMA appliance – what do I do?
  3. I get the following message when I log in to my SMA appliance using Firefox– what do I do?
  4. When I launch any of the Java components it gives me an error – what should I do?
  5. Do I have to purchase an SSL certificate?
  6. What format is used for the digital certificates?
  7. Are wild card certificates supported?
  8. What CA’s certificates can I use with the SMA appliance?
  9. Does the SMA appliance support chained certificates?
  10. Any other tips when I purchase the certificate for the SMA appliance?
  11. Can I use certificates generated from a Microsoft Certificate Server?
  12. Why can’t I import my new certificate and private key?
  13. Why do I see the status “pending” after importing a new certificate and private key?
  14. Can I have more than one certificate active if I have multiple virtual hosts?
  15. I imported the CSR into my CA’s online registration site but it’s asking me to tell them what kind of Webserver it’s for. What do I do?
  16. Can I store the key and certificate?
  17. Does the SMA appliance support client-side digital certificates?
  18. When client authentication is required my clients cannot connect even though a CA certificate has been loaded. Why?

• NetExtender FAQ

  1. Does NetExtender work on other operating systems than Windows?
  2. Which versions of Windows does NetExtender support?
  3. Can I block communication between NetExtender clients?
  4. Can NetExtender run as a Windows service?
  5. What range do I use for NetExtender IP client address range?
  6. What do I enter for NetExtender client routes?
  7. What does the ‘Tunnel All Mode’ option do?
  8. Is there any way to see what routes the SMA appliance is sending NetExtender?
  9. After I install the NetExtender is it uninstalled when I leave my session?
  10. How do I get new versions of NetExtender?
  11. How is NetExtender different from a traditional IPSec VPN client, such as SonicWall Inc.’s Global VPN Client (GVC)?
  12. Is NetExtender encrypted?
  13. Is there a way to secure clear text traffic between the SMA appliance and the server?
  14. What is the PPP adapter that is installed when I use the NetExtender?
  15. What are the advantages of using the NetExtender instead of a Proxy Application?
  16. Does performance change when using NetExtender instead of proxy?
  17. The SMA appliance is application dependent; how can I address non-standard applications?
  18. Why is it required that an ActiveX component be installed?
  19. Does NetExtender support desktop security enforcement, such as AV signature file checking, or Windows registry checking?
  20. Does NetExtender work with the 64-bit version of Microsoft Windows?
  21. Does NetExtender work 32-bit and 64-bit version of Microsoft Windows 7?
  22. Does NetExtender support client-side certificates?
  23. My firewall is dropping NetExtender connections from my SonicWall SMA as being spoofs. Why?

• General FAQ

  1. Is the SMA appliance a true reverse proxy?
  2. What browser and version do I need to successfully connect to the SMA appliance?
  3. What needs to be activated on the browser for me to successfully connect to the SMA appliance?
  4. What version of Java do I need?
  5. What operating systems are supported?
  6. Why does the ‘File Shares’ component not recognize my server names?
  7. Does the SMA appliance have an SPI firewall?
  8. Can I access the SMA appliance using HTTP?
  9. What is the most common deployment of the SMA appliances?
  10. Why is it recommended to install the SMA appliance in one-port mode with a SonicWall Inc. security appliance?
  11. Is there an installation scenario where you would use more than one interface or install the appliance in two-port mode?
  12. Can I cascade multiple SMA appliances to support more concurrent connections?
  13. Why can’t I log in to the Secure Mobile Access management interface of the SMA appliance?
  14. Can I create site-to-site VPN tunnels with the SMA appliance?
  15. Can the SonicWall Inc. Global VPN Client (or any other third-party VPN client) connect to the SMA appliance?
  16. Can I connect to the SMA appliance over a modem connection?
  17. What SSL ciphers are supported by the SMA appliance?
  18. Is AES supported in the SMA appliance?
  19. Can I expect similar performance (speed, latency, and throughput) as my IPSec VPN?
  20. Is Two-factor authentication (RSA SecurID, etc) supported?
  21. Does the SMA appliance support VoIP?
  22. Is Syslog supported?
  23. Does NetExtender support multicast?
  24. Are SNMP and Syslog supported?
  25. Does the SMA appliance have a Command Line Interface (CLI)?
  26. Can I Telnet or SSH into the SMA appliance?
  27. What does the Web cache cleaner do?
  28. Why didn’t the Web cache cleaner work when I exited the Web browser?
  29. What does the ‘encrypt settings file’ check box do?
  30. What does the ‘store settings’ button do?
  31. What does the ‘create backup’ button do?
  32. What is ‘SafeMode’?
  33. How do I access the SafeMode menu?
  34. Can I change the colors of the portal pages?
  35. What authentication methods are supported?
  36. I configured my SMA appliance to use Active Directory as the authentication method, but it fails with a very strange error message. Why?
  37. I created a FTP bookmark, but when I access it, the filenames are garbled – why?
  38. Where can I get a VNC client?
  39. Does the SMA appliance support printer mapping?
  40. Can I integrate the SMA appliance with wireless?
  41. Can I manage the appliance on any interface IP address of the SMA appliance?
  42. Can I allow only certain Active Directory users access to log in to the SMA appliance?
  43. Does the HTTP(S) proxy support the full version of Outlook Web Access (OWA Premium)?
  44. Why are my RDP sessions dropping frequently?
  45. Can I create my own services for bookmarks rather than the services provided in the bookmarks section?
  46. Why can’t I see all the servers on my network with the File Shares component?
  47. What port is the SMA appliance using for the Radius traffic?
  48. Do the SMA appliances support the ability for the same user account to login simultaneously?
  49. Does the SMA appliance support NT LAN Manager (NTLM) Authentication?
  50. I cannot connect to a web server when Windows Authentication is enabled. I get the following error message when I try that: ‘It appears that the target web server is using an unsupported HTTP(S) authentication scheme through the SMA that currently supports only basic and digest authentication schemes. Contact the administrator for further assistance.’ - why?
  51. Why do Java Services, such as Telnet or SSH, not work through a proxy server?
  52. There is no port option for the service bookmarks – what if these are on a different port than the default?
  53. There is no port option for the service bookmarks – what if these are on a different port than the default?
  54. What if I want a bookmark to point to a directory on a Web server?
  55. When I access Microsoft Telnet Server using a telnet bookmark it does not allow me to enter a user name -- why?
  56. What versions of Citrix are supported?
  57. What applications are supported using Application Offloading?
  58. Is SSHv2 supported?
  59. Should I create a Global Deny ALL policy?