Sonicwall SMA 500 Virtual Appliance does not work with NSX

With COVID-19, we've seen a massive rush for employees to work remotely.  Of course, for remote workers, one of the vital IT Infrastructure components is an SSL VPN.  For some of our clients, we use the Sonicwall SSL VPN SMA500 Virtual Appliance.  When deploying this in our ADS Cloud environment for a new client, we ran into a severe limitation of the SMA 500 Virtual Appliance.  If you attach the SMA 500 to an NSX (VMware's Software Defined Networking) backed network, it will NOT work.  It does work with a vLAN backed network.  Most likely, this is because the Virtual Appliance is compatible with vSphere 4.0, which was released over ten years ago.  Even with the latest build we could find of the SMA 500, which is 10.2.0 we could not ping the appliance after it was deployed with the correct IP address, subnet and default gateway.  The Virtual Appliance is configured with the Flexible Network Card, which doesn't work with NSX.  The workaround is quite simple:

  1. Deploy the appliance.
  2. Remove the three flexible Network Cards.
  3. Add one or more E1000 Network Cards. 
  4. Power on the appliance.
  5. Log in to the console and configure the
    1. IP Address
    2. Subnet
    3. Default Gateway
    4. DNS Servers
    5. Assign a name to the Virtual Appliance.

After we changed the Network Card on the Virtual Appliance from the Flexible to the E1000, we were able to access the Virtual Appliance.  It took us a day to troubleshoot this issue.  Hopefully, you found this article, and it saves you time.  Stay safe everyone!

Ssl vpn

Get updated on the latest Information Technology news, Cybersecurity, Information Technology Trends, and recent real-world troubleshooting experiences.