Secure Mobile Access 12.4 Deployment Guide
- Secure Mobile Access
- About this Guide
- About SonicWall Secure Mobile Access
- Planning Your VPN
- Common VPN Configurations
- About the Configurations
- Deployment Scenario: Remote Access for Employees and Partners
- Customizing WorkPlace
- Testing the Deployment Scenario
- Other Remote Access VPN Scenarios
- Additional Partner VPN Scenarios
- End Point Control Scenarios
- Access Policy Scenarios
- Application-Specific Scenarios
- Authentication Scenarios
- Access Component Provisioning
- SonicWall Support
Deployment Scenario: Remote Access for Employees and Partners
To better understand how to deploy a remote access VPN, go through the steps in this section to set up relatively open access for employees, and more restricted remote access for a less trusted group, partners. The assumption in this scenario is that you have Advanced EPC, which is included in an evaluation license and with the SMA 6200, SMA 6210, SMA 7200, SMA 7210, and SMA 8200v appliances, and is otherwise licensed separately.
First, we’ll lay the foundation for this sample VPN, configuring the items that you’ll make use of later when you set up access for the two communities; refer to the following table.
VPN Building Blocks | Description |
Create an authentication realm |
Set up a Microsoft Active Directory (AD) authentication server. |
Identify users |
Add a few test users with names that match ones on your AD server. For this test scenario, we will identify two of them as employees, and two of them as partners. See Identifying Users. |
End Point Control | Create two Standard zones of trust: a trusted one for members of the Employees community, and a less trusted one for Partners. Also, create a quarantine zone for devices that don’t fit into either community. |
Create WorkPlace styles and layouts |
Change how WorkPlace looks on a per-community basis. Though optional, this produces a more polished and customized look. We will modify the default style and layout and use it for the employees community, and then create a different look for the partner community. See Customizing WorkPlace. |
The next step is to put it all together, using the VPN building blocks you created, and configure two communities, an employee community and a partner community. The steps for configuring either community are the same:
Setting Up Communities | Description |
Members | Identify the members for each community. |
Access methods | Define what access methods are available. |
End Point Control |
Create zones of trust: a trusted one for members of the Employees community, and a less trusted one for Partners. |
WorkPlace appearance | Use different WorkPlace styles and layouts for the two communities. |
Access control rule |
Create rules for what resources can be accessed by which users. See Access Control Lists. |
Throughout these procedures, remember to click Pending Changes in the upper-right corner in AMC, and then click Apply Changes to save your configuration changes.
Was This Article Helpful?
Help us to improve our support portal