I'll preface this question by saying that I have made an effort to research this and I have been learning more about networking etc. as I broaden my IT experience, but VPN configuration still has gray areas for me. Anyway...
We are a small office that has a 2-line bonded ADSL connection with our ISP (static IP). The modem is bridged to our Sonicwall TZ 105 hardware firewall. Off and on I have been trying to figure out how to set up a VPN connection so my boss can access our server remotely. I don't have access to his network hardware (it's going to be just a standard modem from AT&T or Comcast or whoever). What I can do is have him bring in his laptop and install the NetExtender client which should allow him to connect with SSL VPN.
We are all on PCs with Windows 7 Pro, also running AVG 2012 with Windows Firewall turned off (not sure if the software firewalls matter here).
What I Did
I tried to configure the SSL VPN using this video; pretty much everything I did mimics what this guy does.
User setup:
- I set up a user for him (bobdole) and a password.
- I made user bobdole a member of the SSLVPN group and Trusted Users group for good measure, as instructed in the video. For VPN Access tab I put LAN Subnets.
Server setup:
- Enabled WAN SSL VPN on port 443 using AES 256 SHA1
- Set client address range outside of normal DHCP range (assigned by the Sonicwall either way I think) 192.168.168.187-192
- Set DNS server 1 and 2 to the same ones we use normally, they point to our ISP DNS servers. Left DNS Domain blank. Left UserDomain as "LocalDomain". No WINS server.
- Set up one client route: LAN Primary Subnet (as instructed in the video) which populates as 192.168.168.0/255.255.255.0. This is the only client route.
The Problem and Questions
I installed NetExtender on my workstation, which is inside the LAN that a remote user would be trying to connect to. Should I try from outside the network? I know that will be the application in the end but can I not test accessibility from inside the network?
I cannot connect with NetExtender. No matter what I put in I get:
"Error: The server is not reachable. The server may be down or your internet settings may be down."
The NetExtender login page looks like this after I enter in my information:
- Server: 111.11.11.111:443
- Username: bobdole
- Password: ********
- Domain: LocalDomain
I click "Connect" and the window says "Verifying User" for a few seconds before giving me the error. I don't know where I screwed up or did not put something in correctly, or if it's just the fact that I can't do this from inside the network.
The Server IP I'm using is our public IP, which is a static IP. The username is the one I set up in the Sonicwall, with the password. Should I be entering in something else for the Server IP? Leave port number off? Any help or clarifying questions are appreciated, thank you.