Hello,
I am just wondering if Sonicwall has stopped supporting the Global VPN Client since the latest version seems to be 4.10.8.1108 from Dec 16, 2022 ?
I have a NSA 2700 firewall and I am using Global VPN Client to connect to the network from other places. Is this the right way? I see that NetExtender is still being updated with new versions, has this taken over or what?
I would suspect as it’s working properly they haven’t needed to update it? IPsec is pretty rock solid?
I was curious about it as well, but honestly, the client just works, and it works well.
I wish it had stand-alone OTP similar to netextender, but other than that, it works well.
I’ll see if I can find an article later. I looked into this about 8-10 months ago, because I was having issues with SSLVPN. A support tech did tell me they aren’t developing global VPN anymore on the phone, and sent the article to me, I’m fairly positive I still have it in my work email. The article did read that global vpn is no longer in development, as they’re working on stability and improvements with SSLVPN
I think the other factor to it, is that the service is pretty solid to begin with, but it does lack features compared to others.
I configured three developers on the global protect when they were having issues with SSLVPN, and haven’t heard a peep from them since doing that.
We moved off sonicwalls not too long ago, but I figured I’d chime in my experience about it.
I’m not sure. But maybe there is a newer version in the MySonicWall-Portal to downlad.
i use gvpn everyday as i work from home, its rock solid, no need to update i guess
The Global VPN client is a pretty rock solid client. However it’s always been SonicWALL’s intention of eventually fully sunsetting the Global VPN client and only offering the SSL VPN client for both firewalls and SMA appliances.
it would not surprise me at all if they eventually phase out the SSL VPN capability from their firewalls and either require you to purchase a SMA appliance or build in a SMA appliance license as an addon to the firewall itself.
They have already stripped out some SSL VPN options from the firewalls when SMA appliances were first announced. Most notably the ability to make SSL VPN profiles.
It will be an interesting to see where SonicWALL’s newest owner takes the company. I believe this is owner #3 or #4 in a little over 10 years.
GVC dev is paused for obvious reasons, It just works. If it gets a new CVE discovered then you’ll get a new version.
There are ways to get other IPSEC clients to work with GVC you just have to look at the configs and understand what the client needs.
Using IPSEC for just client based access has always looked like overkill for me but that’s my opinion.
For the most part they’re even reducing selling the SSLVPN license for the firewalls and trying to push customers to the SMA platform (yes I know it has a bad current CVE but that’s the nature of SSLVPNs)
NetXtender is an interesting thing and has a clue to the future in that it has a built in wireguard driver. The techs and engineers I’ve spoken to across SMA and firewalls is that they are looking with interest at wireguard, Beau even confirmed this to me the last time I spoke with him last year.
The SMA guys have said to me for a long time that IPSEC will also be included in SMA along with other protocols so keep an eye on those.
I wish they would add support for OpenVPN. That would make life much easier for many of us.
The latest version is on https://www.sonicwall.com/products/remote-access/vpn-clients - I have a feeling that it doesn’t show up from the MySonicwall page now.
That could be it, because I do not find any information that they have ended the support for this product.
Azure NPS RADIUS works really well and you don;t have to expose the SSL portal to make it work like the NE.
There is no newer version logging into the MySonicwall portal.
they have it, but only for the SMA devices.
TBH if OpenVPN is that important, spin up a VM and set up a new interface on the Sonicwall and have the appliance behind that. Dedicated VM is going to be better than running it on a SW appliance.
and that version is 2 years old like OP said.
Does the SSL portal need to be exposed for SSL-VPN to work after the user is configured and MFA applied?
They want people to use SSL VPN, the same solution that had a bunch of critical vulnerabilities over the last months.
In my opinion Sonicwall is not giving the right attention and priority for remote access via VPN.
SMA is quite different that the TZ/NSA and even SuperMassive. SMA is a purpose built SSL appliance that used to run on VXworks and IIRC they got the tech as part of the Aventail purchase.
mostly yes - because if you ever need to renroll (firmware update has been know to reset this) or add a user you’ll beed the portal.