Solved

SonicWALL VPN Problems

Posted on 2004-08-10
2
1,301 Views
Last Modified: 2010-04-22
We run a SonicWALL PRO-330 with firmware version 6.6. I am currently attempting to get the vpn operational (we've paid for the vpn component and it is a registered product service on the SonicWALL website), the Global VPN client has been downloaded and installed on a notebook I am using for the testing. ALL tests thus far have been performed with the notebook connected to a small 3Com switch on the DMZ using one of our legal public IPs for the hard connection...

The firewall VPN settings areas follows:

In "Global VPN Settings"  - VPN is enabled; Disable all VPN Windows Networking (NetBIOS) broadcast is NOT selected; Require authentication of VPN clients via XAUTH IS selected; In VPN "Advanced Settings" - Enable Windows Networking (NetBIOS) broadcast IS selected; VPN Terminated at  LAN IS selected; Client is allowed traffic to any destination IS selected...
At this point, DHCP is NOT enabled on the firewall - and the firewall is NOT providing pass through for the client to get an IP from a DHCP server on the LAN...... (more on this later)......
There is a test user with password set up on the firewall, and the connection is configured to use a shared secret.
I can make a connection to the WAN IP of the firewall, and can ping IP addresses and FQDNs on the LAN with the following config on the VPN virtual adapter:
Obtain an IP automatically (DHCP, believe it or not); internal DNS and WINS servers statically entered, and NO gateway configured....when i do an ipconfig /all on the virtual adapter, I get this:

IP=223.1.1.28   (not sure where this address is coming from)
MASK=255.255.255.0
Gateway= NONE
DHCP Server=223.1.1.128  (not sure where this address is coming from)

What I CAN'T do is map to a UNC path: ex. \\servername\c$, or resolve the Exchange server name when attempting to set up an Outlook profile....get the messages "Network path not found", or "Server not found"... NetBIOS resolution not working, perhaps ??
When I initially tried to set up the VPN connection, I configured the clients to get DHCP addresses from a server on the LAN, and that WAS successful, BUT if I got an address this way, I couldn't ping ANYTHING on the LAN, no IP addresses, no names....nothing. And if I configure the virtual adapter with a static LAN IP, MASK, gateway, etc..I get the same result, not able to ping anything.....I am only able to ping with the IP config listed above....at this point, the VPN client is not authenticating to the domain as far as I can tell........how would that be set up ??
 If anyone has any ideas, I'd certainly appreciate your input.

THANKS ALL !

0
Comment
Question by:ccherman3
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 2

Accepted Solution

by:
tonyhowarth earned 250 total points
ID: 11836026
The VPN client has a log viewer, can you post the log

Tony
0
 

Author Comment

by:ccherman3
ID: 11871782
On vacation last week.....I apologize for the delayed response.
Will get a log posted ASAP.

C.
0

Featured Post

Watch Anatomy of a Wi-Fi Hack On-Demand

In less than a weekend, anyone with Internet access and some free time can become a Wi-Fi MitM to wreak havoc on your network. View our Wi-Fi Expert in an on-demand episode of our Secure Wi-Fi mini-series as he explores the motives, execution, and anatomy of a Wi-Fi hack.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Sbs2011 has been hacked. Foreign users in AD 7 164
Block unwanted websites & monitor visited 8 90
iptables and udp ports 23 132
Linksys LRT 224 forward 3 44
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question