Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Wi-Fi Router Charts

Click for Wi-Fi Router Charts

Mesh System Charts

Click for Wi-Fi Mesh System Charts



At a Glance
Product Sonicwall SSL-VPN 200 Appliance (SSL-VPN 200)
Summary Entry level SSL VPN gateway supporting SSL proxy and IPsec tunnel connections
Pros • Works with both IE and Firefox
• No per-use licensing
• Vista support for VPN client
Cons • Unequal local > remote and remote > local throughput
• Support plan ($) required for firmware updates after 90 days

We previously looked at rolling your own SSL VPN and Netgear's SSL-312 as affordable ways for SOHO / SMB users to explore the SSL alternative to IPsec VPN gateways. This time, I'll look at Sonicwall's entry-level SSL-VPN 200 appliance.

The 200 is Sonicwall's entry-level SSL gateway with ten recommended maximum concurrent users. Also available are the 2000 and 4000 models that have recommended maximum concurrent users of 50 and 200 users respectively. In a departure from Sonicwall's usual per-user license model, all the SSL VPN's come with unrestricted users licenses. So if you want to try loading them beyond the recommended maximums you can have at it. But as you'll see later, the recommendations are probably reasonable, if not a bit optimistic.

The 200 provides secure remote access via two main methods. Proxies are provided for HTTP, HTTPS, FTP, SSH (V1 or V2), Telnet, RDP (via ActiveX control or Java applet), VNC and Windows File Sharing (Windows SMB/CIFS). The proxies provide remote access to these services via IE or Firefox running on any OS. For other TCP/IP-based applications, you use what Sonicwall calls NetExtender. I'll let Sonicwall explain:

NetExtender is a SonicWALL SSL-VPN client for Windows that allows users to run TCP/IP-based applications securely on the company’s network. NetExtender is downloaded transparently and uses a Point-to-Point Protocol (PPP) adapter instance to negotiate ActiveX controls.

NetExtender first queries whether the ActiveX component is present, and if not, allows the user todownload and install it. When installed, NetExtender allows users to tunnel to the remote network and virtually join the remote network in order to mount drives, upload and download files, and access resources in the same way as if they were on the local network.

The 200's silver and blue metal enclosure is designed for utility and has mounting screw slots on the bottom and plenty of vent holes on each side. The indicators and connectors are shown in Figure 1 below.

SSL-VPN 200 Front and Rear Panels

Figure 1: SSL-VPN 200 Front and Rear Panels

Figure 2 shows that the 200 is based on a proprietary Sonicwall CPU joined with a Cavium XL Security Acceleration Board (PDF link). The Cavium spec sheet rates the board at 200 Mbps "IPsec performance" and 1750 (1024 bit exp) SSL TPS (Transactions Per Second). While this sounds impressive, we'll see later that actual performance doesn't have numbers that large.

The 200's Status page reports 128 MB of RAM and 16 MB of Flash, which is the same as contained in Netgear's SSL-312. All five 10/100 Ethernet ports are handled by the Micrel KSZ8995XA switch chip. Note the absence of heatsinks, which didn't seem to be needed for cool operation.

Inside the VPN 200
Click to enlarge image

Figure 2: Inside the VPN 200

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Don't Miss These

  • 1
  • 2