SonicWALL SSL-VPN 200 1024-Bit Workaround

| Monday, January 6th, 2014 | 4 Comments »

It’s the new year with new problems! But alas, there are always solutions. (to most problems)

Dell SonicWALL along with many other browsers and vendors are supporting the stronger 2048-Bit encryption standard for data transactions.

This means older devices (older firmware) that only support 1024-Bit are having issues.

Specifically the SSL-VPN 200, I’ve found that these devices become completely unresponsive and accessing the device takes a VERY long time.
The issue is that no matter what version firmware SSL-VPN 200 you’re on, it’s still too old!

You will see in the log status that is is having issues connecting to the license manager and to check the CERT or TIME.

The work around is to modify your SSL-VPN 200 with these three very simple EASY steps.

1) Network –> Host Resolution. Add the hostname “licensemanager.sonicwall.com” along with IP address: 204.212.170.35

KBID10704-HostResolution

 

 

2) Create this custom certificate file. Save it as: SonicWALLFirewallDPI-SSL.pem (with .pem extension).

 

—–BEGIN CERTIFICATE—–
MIIC6zCCAlSgAwIBAgIJAMCocw7Ocp2/MA0GCSqGSIb3DQEBBQUAMFgxCzAJBgNV
BAYTAlVTMQswCQYDVQQIEwJDQTEXMBUGA1UEChMOU29uaWNXQUxMIEluYy4xIzAh
BgNVBAMTGlNvbmljV0FMTCBGaXJld2FsbCBEUEktU1NMMB4XDTA5MDMwOTIxMzky
MFoXDTI5MDMwNDIxMzkyMFowWDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRcw
FQYDVQQKEw5Tb25pY1dBTEwgSW5jLjEjMCEGA1UEAxMaU29uaWNXQUxMIEZpcmV3
YWxsIERQSS1TU0wwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM9Sr0ViM9Uf
QDPE1110vQpZkbBMJdUWTGcomx8lk/8je38O+GjrS1zEbww7JJ9GEM8PYnPxN9pA
mChtSNy5bviQdNqXfAMhSxRHICg4lFcsa95bzoRm1UzD09jXqsJQO8BR6bmLE+XZ
YnA/QF+W7ain589WkCS3ER9gptwuw683AgMBAAGjgbwwgbkwHQYDVR0OBBYEFFdA
z3naeZEhRpUg4MfD2Dg93nmoMIGJBgNVHSMEgYEwf4AUV0DPedp5kSFGlSDgx8PY
OD3eeaihXKRaMFgxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEXMBUGA1UEChMO
U29uaWNXQUxMIEluYy4xIzAhBgNVBAMTGlNvbmljV0FMTCBGaXJld2FsbCBEUEkt
U1NMggkAwKhzDs5ynb8wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCm
kgRiH8A1r6in0u3iAqFBuiNDdkqefVOZAULEplx00/kETR5m3IOurG+pKln4SmNp
lZgxA6/ldr+wPgXQD72mbXUHDLIaSernjMhNC1MxhVGiXTGLyYL2ULv52mk8EIzY
Qxk7DWfLJqCuUyZ59+spkQu40uTZX14Dc/uM142bJg==
—–END CERTIFICATE—–

 

Make sure you do not have any white spaces.

 

 

3) Import the file and reboot your SSL-VPN!

 

SYSTEM –> STATUS –> CERTIFICATES

Additional CA Certicates

 

sonicwall-ssl-import

 

 

Hope this helps! Good luck!

 

Share
  • http://www.amcsquare.in/ Amc square learning

    These tips are really very helping. Thanks for this info.

  • brandontek

    Glad you found this helpful!

  • Derya

    I know this is a 2 year old thread but I’ve tried to use the procedure you’ve outlined here and it won’t accept the pem file and says it is greater than 1024 bit and isn’t supported.

    Also, I’m running firmware version SonicOS SSL-VPN 3.5.0.2-7sv. Sonicwall/Dell no longer supports the SSL-VPN 200 and I can’t get a newer version of the firmware from them than this on my old subscription. Is there anywhere I can grab the last version that was made available before end of life for the product?

    Thanks in advance on both counts.

  • brandontek

    Hi Derya:

    Unfortunately I think this is the end of the road for the SSL VPN 200. The workaround I believe is the best one can do short of upgrading to the newer SRA/SMB appliances.