[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 922
  • Last Modified:

SonicWall (safeNet) VPN client problem

I have a machine that correctly connects to annother site through the VPN, but when I export the policy from this machiene to another, the sceond one dosen't work.
By "dosen't work", I mean it dosen't do anything, its as if the policy was deactivated. It's not logging anything, and is ignoring all the packets sent to the other end. Thoughts anyone?
0
royce2020
Asked:
royce2020
  • 9
  • 6
1 Solution
 
chicagoanCommented:
Is this failing on one machine or any machine?
Try uninstalling the client and tcp/ip, reinstall tcp/ip, the client and import the policy.
0
 
royce2020Author Commented:
Just the one machine, but the idear is to have a single machine with all the VPNs that we use that users can then use this machine as a terminal server, and get acces to them that way.

could it be the terminal services cuasing the problem? the only diference between the two machines is that the one that works is Win XP, while the one that doesn't is win 2K with termanal servbices. I wouldn't have thought they interact, plus we have another terminal server that runs sonic wall as well and it works fine. Is there a setup step I'm missing in eather of these things?
0
 
chicagoanCommented:
You may have to use 2 NIC's in your terminal server, one for incoming RD connections and one for the VPN client.
Set the default route out to the latter and connnect RD to the first one.
Make sure you install the VPN client in TS INSTALL mode.
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
royce2020Author Commented:
The Client was installed in TS Install mode (I was under the impresion that you couldn't install it if it wasn't, anyway).
Having a seperate network card is impractical: we lease the server, and part of the arangment is that we don't take it to bits nor add any internal parts (if it ever breaks down we have to get them to fix it). Is it posible to create a vurtual NIC (posibly mapping to one on another machine) and using that?
0
 
royce2020Author Commented:
I deactivated Terminal services and gave it a go. It works fine, even when TS is activated without anyone loged on (other than the console). Any thoughts on how to get around this with software?
0
 
royce2020Author Commented:
becuse All the VPNs are over the internet would it be posible to use a modem instead of the second NIC? This sounds feasable to me, but I don't even know where to start.
0
 
chicagoanCommented:
>would it be posible to use a modem instead of the second NIC
that would work - I'm sure
I'm mulling over how a 2nd IP address on that NIC would work...
0
 
royce2020Author Commented:
I'm sure I'm still mising something. I set the VPN to use WAN PPP/SLIP (as aposed to the LAN) and the TS to only accept incoming requests from the LAN.

There seems to be no diference at all.
Having two IPs on a single NIC would work, you think?
0
 
chicagoanCommented:
wouldn't be hard to find out
0
 
royce2020Author Commented:
I've never had to set up an NIC with two IPs. can you walk me through it, or at least point me in the right direction?
0
 
chicagoanCommented:
It's in the advanced properties of TCPIP
Right click network neighborhood / properties / tcpip /
0
 
royce2020Author Commented:
I have set the NIC to use two IPs, but I'm still having no joy. both the VPN and terminal services can only be bound to the network card (as apposed to the IP) of their target network. The VPN is set to use "Any" Internet interface, and still it does not work.
What Am I doing wrong here?
0
 
royce2020Author Commented:
I have discovered that with my current setup, if the console makes a VPN connection, then anyone who logs on afterwards can use the connection over terminal services. This is a step in the right direction, but the person on the terminal client needs to be able to change the VPN from one to another, which currently they can't.
0
 
chicagoanCommented:
two nics seem to be the thing
0
 
royce2020Author Commented:
I've been experimenting with this am I'm thinking that this is just the way that it works (I don't think two NICs would produce any diferent results) like dailup networking, the user who created the connectetion has controll over it, but all the other users can use it. Unfortunatly with the VPN this is Always the console.

So my question has now changed radicaly: how can I cotroll the VPN running on the console as a remote user? I'm sure RDP can do this, but I've no idear how.
Even just a method to run a batchfile as the console from a remore location.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 9
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now