Sonicwall VPN connection dropping

Posted on 2005-04-11
Last Modified: 2012-05-05
I have a problem with the VPN connection, for a Tz170.  After connecting and using eitherthe Citrix or RDP connection to connect to the server, after around 5-10mins the Citrix or RDP connection kicks you out.  

I'm using the latest firmware (3.1) but I still have a user getting kicked out of the VPN every 5 or so minute. The connection receives an IPSEC delete request for some reason, then the connection resets and the client policy synchronizes. There isn't any idle time or inactivity as the user is constantly using an ICA Citrix connection. They are using BT Broadband and are sitting behind an ASDL router with NAT, although the connection isn't being shared with anyone else.  NAT Travesal is disabled on the VPN client as when it's set to automatic the client can connect to the VPN but cannot access any resources.

The logs don't really provide any clues at all, even with all catergories selected & logged.

Please help ?
Question by:stevendunne
    LVL 3

    Expert Comment

    Check with the ADSL service provider. There may be an inactivity timeout on the connection.
    LVL 16

    Expert Comment

    Is there any time it's better or worse? We see VPN drop-outs with people who use 50:1 "LITE" or "home" ADSL especially at times when the network is particularly busy.

    Try leaving a window open pinging the non-VPN address of the far end, see if there are any drop-ous or spikes in resonse time co-inciding with the tunnel collapse.
    LVL 1

    Accepted Solution

    Couple of questions

    Are you using the Sonicwall  VPN client, Windows VPN Client or is this a Sonicwall to Sonicwall VPN connection?

    Are you connecting to the VPN and using a private IP to use RDP?

    Have you tested your Broadband connection for Packet loss? I would use the ping command to test to see if you are dropping packets from on side to the other. You could also ping a site like  

    From the command prompt Type

    ping -t

    See if you are droppping packet, try the same test to other sites. If you drop packet meaning getting a no reply, then it more than likely is your internet connection.

    An internet connection with packet loss would be my first thought. That is very common with Cable internet or Wireless internet.

    LVL 5

    Expert Comment

    I have this same problem. It also effects other RTP conversations like VOIP. It's weird b/c there is not a connectivity issue, you can reconnect immediatly. You just get dropped every 10-15 minutes or so.

    Continuous pings are set up on both sides and packets are not being dropped. I have a TZ-170 on one side and I think it's the problem. I didn't have this problem with the old pro 100 the it replaced. Just uploaded the newest Sonic OS enhanced and the problem is still there.

    Expert Comment

    We are also having the problem. We have been using Citrix on T1's for years - just moved to SonicWall TZ190's for VPN conectivity and are dropping sessions. This every branch on the VPN, while the others on the T1 are fine.

    Expert Comment

    Not sure why this is closed, dont see the solution other than a flaky isp connection.
    I have the same issue - had a Symantec Gateway 1620 - no issues, switched to
    a sonicwall NSA240 - TS drops, all sorts of problems.

    Expert Comment

    Agreed, having the same issue. Did anyone ever get this resolved? Thanks in advance.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    What Security Threats Are You Missing?

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
    The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
    Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
    Internet Business Fax to Email Made Easy - With eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

    760 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    8 Experts available now in Live!

    Get 1:1 Help Now