Solved

SonicWALL VPN Problems

Posted on 2004-08-10
2
1,305 Views
Last Modified: 2010-04-22
We run a SonicWALL PRO-330 with firmware version 6.6. I am currently attempting to get the vpn operational (we've paid for the vpn component and it is a registered product service on the SonicWALL website), the Global VPN client has been downloaded and installed on a notebook I am using for the testing. ALL tests thus far have been performed with the notebook connected to a small 3Com switch on the DMZ using one of our legal public IPs for the hard connection...

The firewall VPN settings areas follows:

In "Global VPN Settings"  - VPN is enabled; Disable all VPN Windows Networking (NetBIOS) broadcast is NOT selected; Require authentication of VPN clients via XAUTH IS selected; In VPN "Advanced Settings" - Enable Windows Networking (NetBIOS) broadcast IS selected; VPN Terminated at  LAN IS selected; Client is allowed traffic to any destination IS selected...
At this point, DHCP is NOT enabled on the firewall - and the firewall is NOT providing pass through for the client to get an IP from a DHCP server on the LAN...... (more on this later)......
There is a test user with password set up on the firewall, and the connection is configured to use a shared secret.
I can make a connection to the WAN IP of the firewall, and can ping IP addresses and FQDNs on the LAN with the following config on the VPN virtual adapter:
Obtain an IP automatically (DHCP, believe it or not); internal DNS and WINS servers statically entered, and NO gateway configured....when i do an ipconfig /all on the virtual adapter, I get this:

IP=223.1.1.28   (not sure where this address is coming from)
MASK=255.255.255.0
Gateway= NONE
DHCP Server=223.1.1.128  (not sure where this address is coming from)

What I CAN'T do is map to a UNC path: ex. \\servername\c$, or resolve the Exchange server name when attempting to set up an Outlook profile....get the messages "Network path not found", or "Server not found"... NetBIOS resolution not working, perhaps ??
When I initially tried to set up the VPN connection, I configured the clients to get DHCP addresses from a server on the LAN, and that WAS successful, BUT if I got an address this way, I couldn't ping ANYTHING on the LAN, no IP addresses, no names....nothing. And if I configure the virtual adapter with a static LAN IP, MASK, gateway, etc..I get the same result, not able to ping anything.....I am only able to ping with the IP config listed above....at this point, the VPN client is not authenticating to the domain as far as I can tell........how would that be set up ??
 If anyone has any ideas, I'd certainly appreciate your input.

THANKS ALL !

0
Comment
Question by:ccherman3
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 2

Accepted Solution

by:
tonyhowarth earned 250 total points
ID: 11836026
The VPN client has a log viewer, can you post the log

Tony
0
 

Author Comment

by:ccherman3
ID: 11871782
On vacation last week.....I apologize for the delayed response.
Will get a log posted ASAP.

C.
0

Featured Post

IoT Devices - Fast, Cheap or Secure…Pick Two

The IoT market is growing at a rapid pace and manufacturers are under pressure to quickly provide new products. Can you be sure that your devices do what they're supposed to do, while still being secure?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

634 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question