SonicWALL SRA SSL VPN 5.5.0.6 Release Notes P/N 232-000657-00 Rev A

Secure Remote Access
SonicWALL SRA SSL VPN 5.5.0.6

Contents

• Platform Compatibility
• Known Issues
• Resolved Issues
• Licensing on the SonicWALL SRA 4200/1200 and Virtual Appliance
• Important Differences between the SRA Virtual Appliance and SRA 4200/1200
• Feature Enhancements in SRA SSL VPN 5.5
• Upgrading SRA SSL VPN Firmware
• Related Technical Documentation

Platform Compatibility

The SonicWALL SRA SSL VPN 5.5.0.6 release is supported on the following platforms:

• SonicWALL SRA 4200
• SonicWALL SRA 1200
• SonicWALL SRA Virtual Appliance

Known Issues

The following are known issues in the SRA SSL VPN 5.5.0.6 release:

FTP

Symptom: Files with size greater than 3GB cannot be uploaded via FTP.
Condition / Workaround: Occurs when using FTP to upload files that are greater than 3GB. Workaround: Use compression software to split the file into multiple files that are smaller than 3GB, and then upload via FTP.
Issue: 91986

Java Clients

Symptom: After clicking an RDP-Java bookmark and logging in, the welcome screen stops responding and the RDP session is not established.
Condition / Workaround: Occurs when using Microsoft Terminal Services Session Broker with a TS server farm, and logging into the TS farm by using an RDP-Java bookmark and then being redirected to a different server in the TS farm. TS Session Broker can cause the redirection to a server on which the user had a previous session. After the redirection occurs, the RDP session is not established. Workaround: Log in again via the bookmark after the first attempt is redirected and stops responding.
Issue: 109486

Symptom: Java client experiences “Print Redirect” error messages.
Condition / Workaround: Occurs when establishing Java Remote Desktop (RDP) sessions on a 64-bit operating system (OS) using a 32-bit browser. Workaround: Use 32-bit OS with 32-bit browser or 64-bit OS with 64-bit browser.
Issue: 92481

Resolved Issues

The following issues are resolved in the SRA SSL VPN 5.5.0.6 release:

High Availability

Symptom: In certain situations, connections to the SRA High Availability pair do not work from zones other than the one matching the zone of the HA pair.
Condition / Workaround: Occurs when the SRA HA pair is deployed in the DMZ zone of a firewall, and the HA primary unit is powered down, causing a failover, and then powered up again. Connections coming from the LAN or WAN zones of the firewall will then be unable to access the SRA HA pair, while those from the firewall DMZ can still connect.
Issue: 105372

Java Clients

Symptom: RDP-Java bookmarks are unreliable on Safari 5.1. The RDP client sometimes does not launch, and sometimes closes after launching, requiring reconnection.
Condition / Workaround: Occurs when a user on a Mac OS X 10.6.8 machine launches an RDP-Java bookmark from a Safari 5.1 browser.
Issue: 106456

Virtual Assist

Symptom: Virtual Assist allows the customer to enter the queue, but stops responding when service is initiated.
Condition / Workaround: Occurs when the customer is using a Mac system running OS X 10.7 (Lion).
Issue: 105558

The following issue was resolved in the SRA SSL VPN 5.5.0.1 release:

Symptom: A DoS Vulnerability with HTTP Range Header attack is reported as possible.
Condition / Workaround: Occurs when running a script that launches a Denial of Service attack for an application offloaded portal for which SSL is disabled in the SRA appliance.
Issue: 106680

Licensing on the SonicWALL SRA 4200/1200 and Virtual Appliance

The SRA SSL VPN 5.5 firmware provides user-based licensing on the SonicWALL SRA 4200/1200 appliances and the Virtual Appliance.

The SRA platforms come with the following user licenses, with additional user session denominations as follows:

• SRA 4200 comes with a 25-user license and extra licenses can be added in 10, 25, and 100 user denominations, up to a maximum of 500 concurrent user sessions.

• SRA 1200 comes with a 5-user license and extra licenses can be added in 5 and 10 user denominations, up to a maximum of 50 concurrent user sessions.

• SRA VMA comes with a 5-user license and extra licenses can be added in 5, 10, and 25 user denominations, up to a maximum of 50 concurrent user sessions.

Licensing is controlled by the SonicWALL license manager service. Customers can add licenses through their MySonicWALL accounts at mysonicwall.com. Unregistered units support the default license allotment for their model, but the unit must be registered in order to activate additional licenses.

License status is displayed in the SSL VPN management interface, on the Licenses & Registration section on the System > Status page. The Tech Support Report, generated on the System > Diagnostics page, displays the total licenses and active user licenses currently available on the appliance.

If a user attempts to log in to the Virtual Office portal and there are no more user licenses available, the login page will display the error, “No more User Licenses available. Please contact your administrator.” The same error is displayed if a user launches the NetExtender client when all user licenses are in use. These login attempts are logged with a similar message in the log entries, displayed on the Log > View page.

To activate licensing for your appliance, perform the following steps:

1. Log in as admin, and navigate to the System > Licenses page.

2. Click the Activate, Upgrade, or Renew services. hyperlink. The License Management page is displayed.

3. Type your MySonicWALL account credentials into the fields to log in to MySonicWALL. This must be the account to which the appliance is, or will be, registered.

If the serial number is already registered through the MySonicWALL Web site, you will still need to log in to get the license information updated on the appliance itself.

NOTE: For the SRA 4200 or 1200 appliance, MySonicWALL automatically retrieves the serial number and authentication code. For the virtual appliance, you will need to enter this information:

• Type the serial number of the virtual appliance into the Serial Number field. The serial number and authentication code are provided when the software is purchased.

• Type the authentication code into the Authentication Code field.

4. Type a descriptive name for the appliance or virtual appliance into the Friendly Name field, and then click Submit.

5. Click Continue after the registration confirmation is displayed.

6. Optionally, upgrade or activate licenses for other services displayed on the System > Licenses page.

7. After activation, view the System > Licenses page to see a cached version of the active licenses.

Important Differences between the SRA Virtual Appliance and SRA 4200/1200

All of the major features of the SonicWALL SRA 4200 and SRA 1200 appliances are supported, including the Virtual Office, NetExtender, Virtual Assist, Virtual Access, Application Offloading, and Web Application Firewall.

Important differences are as follows:

System > Status Page

The SRA Virtual Appliance by default does not have a serial number. You need to purchase the serial number and submit it when registering the appliance. During registration the serial number and other data will be updated accordingly.

System > Settings Page

The SRA Virtual Appliance does not have a ROM image or any of the SafeMode features found on the SRA 4200/1200. The exporting/importing of setting paths works as expected, and the importing of settings from SRA 4200/1200 appliances into the SRA Virtual Appliance is supported.

NOTE: If you do not see the Upload New Firmware button, you must deploy a new OVA file to upgrade.

You would see the Upload New Firmware screen if the functionality exists.

Portals > Portals

Generic (SSL Offloading) is supported for the SRA 4200 on the Add Portal > Offloading tab.

Web Application Firewall > Rules

Application Profiling is supported on the SRA Virtual Appliance and SRA 4200, but not on the SRA 1200.

Feature Enhancements in SRA SSL VPN 5.5

The following enhancements and new features were introduced in the SRA SSL VPN 5.5 release:

• Virtual Assist Enhancements
• High Availability Enhancements
• Web Application Firewall
• Reverse Proxy Performance Enhancements
• RADIUS Two Factor Authentication
• Spike Licensing
• ActiveSync Support for Android
• Support for LDAP-Based Administrators

Virtual Assist Enhancements

Virtual Assist is a remote support tool that allows a technician to service a customer by controlling the PC from virtually anywhere in the world. The enhancements are supported on the SRA 1200, SRA 4200 and Virtual Appliance platforms.

Mac Stand Alone Client

Mac support is enhanced with a new Stand Alone Client that may be installed on Macintosh systems. The new client also allows for several features such as View Only mode, Re-queue, text chat, and more. The enhanced support is only for the Customer role. The Technician role is not supported at this time.

Linux Stand Alone Client Support

Basic customer support for Virtual Assist has been added to the Linux platform and should work for most Linux operating systems. The support is only for the Customer role. The Technician role is not supported at this time.

User Account Switching

This enhancement allows switching of the currently logged in user on the customer machine. For cases where the customer requests help on a limited account, the technician will be able to switch to an admin account or to another user as desired.

Customer Usability Enhancements

Additional enhancements and changes, based on feedback, to be implemented as follows:

• Invite interface changes – after inviting a customer, better display and feedback to the technician.
• Shortcut for Run – shortcut for the technician to execute the ‘Run’ command on customer Windows systems.
• Shorter URL for invited customers – more user-friendly invite mail message and URL.

High Availability Enhancements

High Availability allows two identical SRA 4200 appliances to provide a reliable, continuous connection to the public Internet. High Availability has the following enhancements:

• Synchronization of firmware image between units in the HA pair
• LAN and WAN connection monitoring
• Interface and path monitoring

Web Application Firewall

The following Web Application Firewall (WAF) enhancements are provided in the SRA SSL VPN 5.5 release:

• Data Leakage Protection for Credit Cards and SSN
• Improved PCI Compliance via Cookie Tampering Protection
• Global WAF Statistics
• WAF Application Profiling
• User Interface Enhancements for WAF Monitoring
• Improved PCI Reporting
• Rate Limiting for Custom Rules
• Monitoring Reports

Data Leakage Protection for Credit Cards and SSN

Credit Card and Social Security Number (SSN) protection ensures that sensitive information, such as credit card numbers and SSNs, is not leaked within Web pages. Once such leakage is detected, the admin can choose to mask these numbers, present a configurable error page, or log the event.

Improved PCI Compliance via Cookie Tampering Protection

Cookie Tampering Protection is an important item in the Payment Card Industry (PCI) requirements and part of the WAF evaluation criteria that offers strict security for Cookies set by the backend Web servers. Various techniques such as Cookie tracking, encryption and appending HTTPOnly and Secure attributes to Cookies are used to prevent Cookie tampering and potential Cross-Site Scripting attacks.

Global WAF Statistics

Two tabs, Local and Global, are now available on the Web Application Firewall > Monitoring page. On the Local tab, statistics and information about the current appliance are displayed. On the Global tab, global Web Application Firewall statistics and information are displayed.

You can select one of the following time ranges from the Monitoring Period drop-down list to display the associated data in the Over Time and Top 10 Threats Detected & Prevented graphs:

• Last 12 Hours
• Last 14 Days
• Last 21 Days
• Last 6 Months (default)

A Download Report button allows you to generate a PDF report with the displayed data. Clicking the Refresh button updates the graphs.

To see more details about a detected threat, hover your mouse pointer over the threat name in the Top 10 Threats graph. The local signature database on the appliance is accessed to get detailed threat information, but if local signatures are not up to date, the details for some threats may not be available. In this case, the graph displays the bar for that threat in a light grey color, and in the pop-up box for the threat details, its Severity is displayed as unknown.

The following message is also displayed below the graphs:

Warning: Web Application Firewall Signature Database for this device is not current. Please synchronize the Database from the Web Application Firewall > Status page.

WAF Application Profiling

Application Profiling is now available on the Web Application Firewall > Rules page. Application Profiling allows the admin to generate WAF Rules automatically, based on a set of inputs from Trusted users. The SRA device is placed in “Learning mode” for a selected application by clicking on the Begin Profiling button. This turns the LED green and the button’s label changes to End Profiling.

You can select the content types to profile. Content of type HTML/XML is selected by default because it typically covers the more sensitive web transactions and is therefore the most important from a security standpoint. The All checkbox selects all content types such as images, HTML, and CSS.

The Profile for an application can be deleted by clicking the Delete Profile button.

During profiling, the Trusted users log in and access the site as usual. The SRA records inputs, storing them as URL Profiles. The URL Profile tree structure is displayed on the Web Application Firewall > Rules page under the Application Profiling section.

Only the URLs presented as hyperlinks (underlined, in blue) are accessible URLs on the backend server. Others turn red when the mouse pointer hovers over them.

The Expand button expands all URLs at that level.

The admin can click on the hyperlink to edit the “learned” values for the URL if the values are not accurate. The admin can then generate Rules using the modified URL Profile.

The SRA learns the following HTTP Parameters:

• HTTP Request Methods

• Response Status Code

• Post Payload Size – The Post Payload Size is estimated by “learning” the value in the “Content-Length” header. However, the max size is not set to this exact value. Instead, it is set to the next higher power of two. This is based on a guess that the backend application may have allocated at least that much memory to hold the posted content. For example, if the Content Length is 65, the next power of two greater than 65 is 128. This will be the limit configured in the URL Profile. If the admin determines that the guess is not accurate enough, the admin can modify the value appropriately.

• GET/POST Parameters – This is the list of Parameters that a particular URL can accept.
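
The learning step described in the list above, as an added example that is not SonicWALL code: a small Python model that records methods, status codes, parameter names and the largest POST size from constructed trusted traffic, then checks later requests against the resulting profile. All class and function names are hypothetical, `len(body)` stands in for the Content-Length header, and rounding an exact power of two up to the next one is an assumption.

```python
from dataclasses import dataclass, field
from typing import Optional
from urllib.parse import parse_qsl, urlsplit


def next_power_of_two(n: int) -> int:
    """Smallest power of two strictly greater than n (65 -> 128, as in the text).

    Assumption: a value that is already a power of two is also rounded up
    (128 -> 256); the release notes do not say how that case is handled.
    """
    return 1 << max(n, 0).bit_length()


def _param_names(encoded: str) -> set:
    return {name for name, _ in parse_qsl(encoded, keep_blank_values=True)}


@dataclass
class URLProfile:  # hypothetical structure: one profile per learned URL path
    methods: set = field(default_factory=set)
    status_codes: set = field(default_factory=set)
    params: set = field(default_factory=set)
    max_content_length: int = 0
    admin_post_limit: Optional[int] = None  # set when the admin edits the learned value

    @property
    def post_limit(self) -> int:
        if self.admin_post_limit is not None:
            return self.admin_post_limit
        return next_power_of_two(self.max_content_length)


class Profiler:
    def __init__(self):
        self.profiles = {}

    def learn(self, method, url, status, body=""):
        """Record one request/response pair seen from a trusted user."""
        parts = urlsplit(url)
        profile = self.profiles.setdefault(parts.path, URLProfile())
        profile.methods.add(method)
        profile.status_codes.add(status)
        profile.params |= _param_names(parts.query) | _param_names(body)
        if method == "POST":
            # len(body) stands in for the learned Content-Length header value.
            profile.max_content_length = max(profile.max_content_length, len(body))

    def violations(self, method, url, body=""):
        """Return the ways a request departs from the learned profile."""
        parts = urlsplit(url)
        profile = self.profiles.get(parts.path)
        if profile is None:
            return ["url-not-profiled"]
        found = []
        if method not in profile.methods:
            found.append("method")
        if method == "POST" and len(body) > profile.post_limit:
            found.append("post-size")
        if (_param_names(parts.query) | _param_names(body)) - profile.params:
            found.append("parameter")
        return found


def login_body(size: int) -> str:
    """Constructed form body of exactly `size` bytes (size must be >= 16)."""
    prefix = "user=alice&pass="
    return prefix + "x" * (size - len(prefix))


# Constructed trusted-user traffic: (method, URL, response status, POST body).
TRUSTED_TRAFFIC = [
    ("GET", "/login", 200, ""),
    ("POST", "/login", 302, login_body(48)),
    ("POST", "/login", 302, login_body(65)),
    ("GET", "/search?q=vpn", 200, ""),
]


def build_profile() -> Profiler:
    profiler = Profiler()
    for method, url, status, body in TRUSTED_TRAFFIC:
        profiler.learn(method, url, status, body)
    return profiler


if __name__ == "__main__":
    p = build_profile()
    print("learned POST limit for /login:", p.profiles["/login"].post_limit)
    print("129-byte POST:", p.violations("POST", "/login", login_body(129)))
    print("unknown parameter:", p.violations("GET", "/search?q=x&debug=1"))
```

The largest learned POST is 65 bytes, so the limit becomes 128: a 128-byte body passes and a 129-byte body is flagged until the admin raises the value.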

The admin can generate Rules from the URL Profiles by clicking on the Generate Rules button. If a URL Profile has been modified, the generated Rules incorporate the changes. The admin can set a default action for all of the generated Rule Chains. If a Rule Chain has already been generated from a URL Profile in the past, the Rule Chain will be overwritten only if the Overwrite duplicate Rule Chains checkbox is selected. If this checkbox is not selected, duplicate Rule Chains will result in an error and no Rule Chain will be created.

If Rule Chains are successfully generated, the status bar will indicate how many Rule Chains were generated, including the ones that were overwritten.

You can delete a Rule Chain by selecting its checkbox, and then clicking the Delete Selected Rule Chains button. The generated Rule Chains are selected by default to make the bulk deletion process easier.

User Interface Enhancements for WAF Monitoring

The following UI enhancements have been made on the WAF > Monitoring page:

• Mouse-over WAF signature IDs on the graphs displays the threat details.

• When the Signature is selected for the Perspective, the Top 10 Threats Detected & Prevented graph displays the threat names instead of the threat IDs.

Improved PCI Reporting

PCI DSS 6.5 (Version 2.0) and PCI DSS 6.6 (Version 1.2) are supported in PCI reporting. The user must configure WAF to satisfy these PCI requirements.

The mapping between the PCI 6.5/6.6 requirements and WAF features can be found in the Excel file: PCI Mapping.

Users can download the PCI report file from the Web Application Firewall > Status page.

The Final Report file is comprised of the following parts:

In the Cover section, the following information is displayed:

• The model, serial number, and firmware version of the appliance.

• The name of the user who downloaded the report.

• The time that the report was generated.

For example:

In the other parts of this report, two tables are dynamically generated to tell users the status of each PCI requirement. The format of the table is as follows:

Column: PCI DSS 6.5 Requirements
Description: Presents the description of each PCI requirement.

Column: Status
Description: Indicates the status of each PCI requirement under current WAF settings. There are four possible values for this column, and each value has a different color.

• Satisfied (Green)
• Partially Satisfied (Orange)
• Unsatisfied (Red)
• Unable to determine (Black)

Column: Comments
Description: Describes, for each PCI requirement, why its status is partially satisfied, unsatisfied, or unable to determine. If the status is satisfied, there are no comments. For details of the comments, check the file: PCI Mapping.xls

Rate Limiting for Custom Rules

It is now possible to track the rate at which a Custom Rule is being matched. This is extremely useful to block dictionary attacks. The action for the Rule Chain is active only if the Rule Chain is matched as many times as specified in the Max Allowed Hits field.

Once a Rule Chain is matched, WAF keeps an internal counter to track how many times the Rule Chain is matched. If the Rule Chain is not matched for the number of seconds specified in the Reset Hit Counter Period field, then the counter is reset to 0.

Rate limiting can be enforced per Remote Address or per user session or both. The Track Per Remote Address checkbox enables rate limiting based on remote IP. The Track Per Session checkbox enables rate limiting based on the user’s browser session. This is done by setting a cookie for each browser session. Tracking by user session is not as effective as tracking by remote IP if the hacker initiates a new user session for each attack.

NOTE: The Tracking Per Remote Address checkbox uses the remote address as seen by the SRA. So, if two different clients sit behind a firewall that uses NAT, they may both effectively send packets with the same source IP.
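
The hit counter and the two tracking options described above, as an added example that is not SonicWALL code: a Python model of one Rule Chain's counter, replayed over constructed match events to show when the action becomes active. The class name, the event tuples and the addresses are hypothetical; treating the action as active once a counter reaches Max Allowed Hits, and as active when either counter reaches it if both checkboxes are set, are assumptions.

```python
from collections import defaultdict


class RuleChainRateLimiter:
    """Hit counter for one Rule Chain (hypothetical model, not SRA code)."""

    def __init__(self, max_allowed_hits, reset_period,
                 per_address=True, per_session=False):
        self.max_allowed_hits = max_allowed_hits  # "Max Allowed Hits"
        self.reset_period = reset_period          # "Reset Hit Counter Period", seconds
        self.per_address = per_address            # "Track Per Remote Address"
        self.per_session = per_session            # "Track Per Session"
        self._hits = defaultdict(int)
        self._last_match = {}

    def _count(self, key, now):
        last = self._last_match.get(key)
        if last is not None and now - last >= self.reset_period:
            self._hits[key] = 0  # no match for the whole period: counter back to 0
        self._hits[key] += 1
        self._last_match[key] = now
        return self._hits[key]

    def on_match(self, now, remote_addr, session_id):
        """Call whenever the Rule Chain matches; True means the action applies."""
        keys = []
        if self.per_address:
            keys.append(("addr", remote_addr))
        if self.per_session:
            keys.append(("session", session_id))
        # Every enabled counter is updated before the decision is taken.
        counts = [self._count(key, now) for key in keys]
        return any(count >= self.max_allowed_hits for count in counts)


def replay(events, **tracking):
    """Feed (time, remote address, session) matches to a fresh limiter."""
    limiter = RuleChainRateLimiter(max_allowed_hits=5, reset_period=60, **tracking)
    return [limiter.on_match(*event) for event in events]


# Constructed events, one per failed-login match of a custom rule.
# One client that starts a new browser session for every attempt:
ROTATING_SESSIONS = [(t, "198.51.100.7", f"sess-{t}") for t in range(6)]
# Two users behind the same NAT address, three attempts each:
SHARED_NAT = [(t, "203.0.113.10", "sess-A" if t % 2 == 0 else "sess-B")
              for t in range(6)]
# One user mistyping a password every 100 seconds:
SPACED_OUT = [(t * 100, "198.51.100.7", "sess-X") for t in range(6)]


if __name__ == "__main__":
    print("rotating sessions, per session:",
          replay(ROTATING_SESSIONS, per_address=False, per_session=True))
    print("rotating sessions, per address:",
          replay(ROTATING_SESSIONS, per_address=True))
    print("shared NAT, per address:       ",
          replay(SHARED_NAT, per_address=True))
    print("spaced out, both:              ",
          replay(SPACED_OUT, per_address=True, per_session=True))
```

Per-session tracking never reaches the limit when each attempt arrives in a new session, while per-address tracking applies the action from the fifth match on; the same per-address counter also sums the two NAT users, which is the trade-off the NOTE describes.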

Monitoring Reports

The graphs and text listed in the Web Application Firewall > Monitoring page can be saved as a PDF report by clicking the Download Report button.

When finished, a Download button is displayed.

Users can download the PDF report by clicking Get Report. The PDF report contains sections titled Cover, Web Server, and WAF Threats.

The Cover section contains the following information:

• The model, serial number, and firmware version of the appliance.
• The name of the user who downloaded the report.
• The time that the report was generated.

The Web Server section contains two graphs of the Web server status:

• Requests
• Traffic

The WAF Threats Detected & Prevented section contents depend on which monitoring period is chosen:

• If All in Lists is chosen, threats listed in a table are contained in this section. The All In Lists option is only available when the Local tab is selected on the Web Application Firewall > Monitoring page.

• If Last 12 Hours/Last 14 Days/Last 21 Days/Last 6 Months is chosen, two graphs are contained in the WAF Threats Detected & Prevented section.

For Internet Explorer users, Adobe Flash Player version 10.0 or higher is required.

Reverse Proxy Performance Enhancements

Significant improvements in the transactions per second (TPS) and throughput were incorporated in the SSL VPN 5.5 release. These improvements help to achieve better performance for URL rewriting, Application Offloading, and WAF.

RADIUS Two Factor Authentication

Two Factor Authentication is now supported for RADIUS when using another RADIUS server as the secondary authentication server. With this enhancement, users can be authenticated through the Web portal or an SSL VPN client, such as NetExtender or Virtual Assist.

After the user’s initial credentials are verified, the user is prompted to enter a second stage password to complete the login process. The second stage password can be provided to the user through an SMS message or email, depending on the implementation and configuration of the RADIUS server. Multiple PINs or passcodes are supported for more than one extra challenge.

A NetExtender Windows client login example with two extra challenges is shown below:

Spike Licensing

A Spike License increases the allowed user count when more users than normal access the network remotely over SSL VPN, such as in the event of a disaster or other business disruption.

An Automatic Spike license will automatically apply the license if enabled and conditions for a Spike are met.

ActiveSync Support for Android

ActiveSync for Android can now be achieved through Application Offloading. Previously, SonicWALL SRA SSL VPN supported ActiveSync for Windows Mobile 6.0 and 6.5, iPhone and iPad. With the SRA SSL VPN 5.5 release, ActiveSync is supported on Android phones (running Gingerbread or later) as well.

Support for LDAP-Based Administrators

This feature provides the ability to support multiple administrators using domains that use LDAP. This feature allows the password for multiple admins to be stored on an LDAP-based directory rather than on the appliance.

The SRA admin can configure a domain on the Portals > Domains > Add Domain page that allows all users logging in to that domain to have SRA Admin access.

To create Active Directory or LDAP users, perform the following steps:

1. Create/Edit an Active Directory or LDAP domain, and then name it accordingly.

2. Ensure that the Admin Domain option is selected.

3. Save the domain. It is recommended to add filters for administrator access.

4. Navigate to the User > Local Groups page.

5. Edit the Domain.

• For an Active Directory domain, click the AD Groups tab, and click the Add Group button. For an LDAP domain, click the General tab and enter in the proper LDAP Attribute to filter, such as “memberOf=”CN=Domain Admins,CN=Users,DC=test”.

• For Active Directory, type in the login information and the group you wish to allow access.

6. Repeat if more groups are desired.

Those groups listed in the Domain will have SRA admin rights when logging in to the appliance through the created domain.
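Because every account matched by the group filter receives SRA admin rights, it is worth checking against a directory export exactly which accounts the filter value names. The following added example, which is not SonicWALL code, evaluates the page's example filter (quotation marks dropped) over constructed entries and separates exact group matches from look-alike group DNs. Assumptions: the entry layout, the `uid` key and the function names are hypothetical, and DNs are compared case-insensitively as directory servers do for memberOf.

```python
import re

def parse_dn(dn):
    """Normalise a DN to (type, value) pairs; a backslash-escaped comma stays inside its value."""
    pairs = []
    for rdn in re.findall(r"(?:\\.|[^,\\])+", dn):
        attr, sep, value = rdn.partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"malformed RDN {rdn!r}")
        pairs.append((attr.strip().lower(), " ".join(value.split()).lower()))
    return tuple(pairs)

def admin_report(entries, ldap_filter):
    """Return (granted, near_misses) for an attribute=DN filter such as the memberOf example."""
    attr, _, wanted = ldap_filter.partition("=")
    target, granted, near = parse_dn(wanted), [], []
    for entry in entries:
        groups = entry.get(attr, [])
        if any(parse_dn(g) == target for g in groups):
            granted.append(entry["uid"])      # same group DN after normalisation
        elif any(wanted.lower() in g.lower() for g in groups):
            near.append(entry["uid"])         # text overlap only: a different group, review it
    return sorted(granted), sorted(near)

# Filter value taken from the page's example; directory entries are constructed.
FILTER = "memberOf=CN=Domain Admins,CN=Users,DC=test"
ENTRIES = [
    {"uid": "alice", "memberOf": ["cn=domain admins, cn=users, dc=test"]},
    {"uid": "bob", "memberOf": ["CN=Domain Users,CN=Users,DC=test"]},
    {"uid": "carol", "memberOf": ["CN=Domain Admins,CN=Users,DC=test,DC=lab"]},
    {"uid": "dave", "memberOf": ["CN=Domain Admins\\, Temp,CN=Users,DC=test"]},
    {"uid": "erin", "memberOf": ["CN=Domain Admins,CN=Users,DC=test"]},
]

if __name__ == "__main__":
    print(admin_report(ENTRIES, FILTER))
```

Only direct membership is evaluated; accounts that reach the group through a nested group do not carry its DN in their own memberOf values.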

Upgrading SRA SSL VPN Firmware

The following procedures are for upgrading an existing SRA SSL VPN firmware image or Virtual Appliance software image to a newer version:

• Obtaining the Latest SRA SSL VPN Image Version

• Exporting a Copy of Your Configuration Settings

• Uploading a New SRA SSL VPN Image

• Resetting the SonicWALL SRA 4200 Using SafeMode

Obtaining the Latest SRA SSL VPN Image Version

1. To obtain a new SRA SSL VPN image file for your SonicWALL security appliance, connect to your mysonicwall.com account at http://www.mysonicwall.com.

Note: If you have already registered your SonicWALL SSL VPN appliance, and you selected Notify me when new firmware is available on the System > Settings page, you are automatically notified of any updates available for your model.

2. Copy the new SRA SSL VPN image file to a directory on your management station.

For the SRA 4200 or 1200 appliance, this is a file such as one of the following:

sw_sslvpnsra4200_eng_5.5.0.6_5.5.0_p_21sv_413963.sig

sw_sslvpnsra1200_eng_5.5.0.6_5.5.0_p_21sv_413963.sig

For the Virtual Appliance, this is a file such as:

sw_sslvpnsra-vm_eng_5.5.0.6_5.5.0_p_21sv_413963.sig

Exporting a Copy of Your Configuration Settings

Before beginning the update process, export a copy of your SonicWALL SSL VPN appliance configuration settings to your local machine. The Export Settings feature saves a copy of your current configuration settings on your SonicWALL SSL VPN appliance, protecting all your existing settings in the event that it becomes necessary to return to a previous configuration state.

Perform the following procedures to save a copy of your configuration settings and export them to a file on your local management station:

Click the Export Settings... button on the System > Settings page and save the settings file to your local machine. The default settings file is named sslvpnSettings.zip.

Tip: To easily restore settings, rename the .zip file to include the version of the SonicWALL SSL VPN image from which you are exporting the settings.

Uploading a New SRA SSL VPN Image

Note: SonicWALL SSL VPN appliances do not support downgrading an image and using the configuration settings file from a higher version. If you are downgrading to a previous version of an SRA SSL VPN image, you must select Uploaded Firmware with Factory Defaults – New!. You can then import a settings file saved from the previous version or reconfigure manually.

1. Download the SRA SSL VPN image file from http://www.mysonicwall.com, saving it to a location on your local computer.

2. Select Upload New Firmware from the System > Settings page. Browse to the location where you saved the SRA SSL VPN image file, select the file, and click the Upload button. The upload process can take up to one minute.

When the upload is complete, you are ready to reboot your SonicWALL SSL VPN appliance with the new SRA SSL VPN image. Do one of the following:

• To reboot the image with current preferences, click the boot icon for the following entry: Uploaded Firmware – New!

• To reboot the image with factory default settings, click the boot icon for the following entry: Uploaded Firmware with Factory Defaults – New!

Note: Be sure to save a backup of your current configuration settings to your local machine before rebooting the SonicWALL SSL VPN appliance with factory default settings, as described in the previous “Exporting a Copy of Your Configuration Settings” section.

3. A warning dialog is displayed with the message “Are you sure you wish to boot this firmware?” Click OK to proceed. After clicking OK, wait for the image to upload to the flash memory.

WARNING: Do not power off the device at this time.

4. After successfully uploading the image to your SonicWALL SSL VPN appliance, the login screen is displayed. The updated image information is displayed on the System > Settings page.

Resetting the SonicWALL SRA 4200/1200 Using SafeMode

If you are unable to connect to the SonicWALL security appliance’s management interface, you can restart the SonicWALL security appliance in SafeMode. The SafeMode feature allows you to quickly recover from uncertain configuration states with a simplified management interface that includes the same settings available on the System > Settings page.

To reset the SonicWALL security appliance, perform the following steps:

1. Connect your management station to a LAN port on the SonicWALL security appliance and configure your management station IP address with an address on the 192.168.200.0/24 subnet, such as 192.168.200.20.

Note: The SonicWALL security appliance can also respond to the last configured LAN IP address in SafeMode. This is useful for remote management recovery or hands-off recovery in a data center.

2. Use a narrow, straight object, like a straightened paper clip or a pen tip, to press and hold the reset button on the security appliance for five to ten seconds. The reset button is on the front panel in a small hole to the right of the USB connectors.

Tip: If this procedure does not work while the power is on, turn the unit off and on while holding the reset button until the Test light starts blinking.

The Test light starts blinking when the SonicWALL security appliance has rebooted into SafeMode.

3. Connect to the management interface by pointing the Web browser on your management station to http://192.168.200.1. The SafeMode management interface displays.

4. Try rebooting the SonicWALL security appliance with your current settings. Click the boot icon in the same line with Current Firmware.

5. After the SonicWALL security appliance has rebooted, try to open the management interface again. If you still cannot open the management interface, use the reset button to restart the appliance in SafeMode again. In SafeMode, restart the SRA SSL VPN image with the factory default settings. Click the boot icon in the same line with Current Firmware with Factory Default Settings.

Related Technical Documentation

This section contains a list of technical documentation available on the SonicWALL Technical Documentation Online Library located at:

http://www.sonicwall.com/us/Support.html

Information about SRA SSL VPN can be found in the many reference guides available on the Web site, including the following:

• SonicWALL SRA SSL VPN 5.5 Administrator’s Guide

• SonicWALL SSL VPN 5.5 User’s Guide

• SonicWALL SRA 1200/4200 Getting Started Guide

• SonicWALL SRA Virtual Appliance Getting Started Guide

• SonicWALL SRA 5.5 Web Application Firewall Feature Module

Last updated: 11/22/2011