Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

SonicWALL VPN Problems

Posted on 2004-08-10
2
1,300 Views
Last Modified: 2010-04-22
We run a SonicWALL PRO-330 with firmware version 6.6. I am currently attempting to get the vpn operational (we've paid for the vpn component and it is a registered product service on the SonicWALL website), the Global VPN client has been downloaded and installed on a notebook I am using for the testing. ALL tests thus far have been performed with the notebook connected to a small 3Com switch on the DMZ using one of our legal public IPs for the hard connection...

The firewall VPN settings areas follows:

In "Global VPN Settings"  - VPN is enabled; Disable all VPN Windows Networking (NetBIOS) broadcast is NOT selected; Require authentication of VPN clients via XAUTH IS selected; In VPN "Advanced Settings" - Enable Windows Networking (NetBIOS) broadcast IS selected; VPN Terminated at  LAN IS selected; Client is allowed traffic to any destination IS selected...
At this point, DHCP is NOT enabled on the firewall - and the firewall is NOT providing pass through for the client to get an IP from a DHCP server on the LAN...... (more on this later)......
There is a test user with password set up on the firewall, and the connection is configured to use a shared secret.
I can make a connection to the WAN IP of the firewall, and can ping IP addresses and FQDNs on the LAN with the following config on the VPN virtual adapter:
Obtain an IP automatically (DHCP, believe it or not); internal DNS and WINS servers statically entered, and NO gateway configured....when i do an ipconfig /all on the virtual adapter, I get this:

IP=223.1.1.28   (not sure where this address is coming from)
MASK=255.255.255.0
Gateway= NONE
DHCP Server=223.1.1.128  (not sure where this address is coming from)

What I CAN'T do is map to a UNC path: ex. \\servername\c$, or resolve the Exchange server name when attempting to set up an Outlook profile....get the messages "Network path not found", or "Server not found"... NetBIOS resolution not working, perhaps ??
When I initially tried to set up the VPN connection, I configured the clients to get DHCP addresses from a server on the LAN, and that WAS successful, BUT if I got an address this way, I couldn't ping ANYTHING on the LAN, no IP addresses, no names....nothing. And if I configure the virtual adapter with a static LAN IP, MASK, gateway, etc..I get the same result, not able to ping anything.....I am only able to ping with the IP config listed above....at this point, the VPN client is not authenticating to the domain as far as I can tell........how would that be set up ??
 If anyone has any ideas, I'd certainly appreciate your input.

THANKS ALL !

0
Comment
Question by:ccherman3
2 Comments
 
LVL 2

Accepted Solution

by:
tonyhowarth earned 250 total points
ID: 11836026
The VPN client has a log viewer, can you post the log

Tony
0
 

Author Comment

by:ccherman3
ID: 11871782
On vacation last week.....I apologize for the delayed response.
Will get a log posted ASAP.

C.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question