[Webinar] Learn how to a build a cloud-first strategyRegister Now


Sonicwall VPN connection dropping

Posted on 2005-04-11
Medium Priority
Last Modified: 2012-05-05
I have a problem with the VPN connection, for a Tz170.  After connecting and using eitherthe Citrix or RDP connection to connect to the server, after around 5-10mins the Citrix or RDP connection kicks you out.  

I'm using the latest firmware (3.1) but I still have a user getting kicked out of the VPN every 5 or so minute. The connection receives an IPSEC delete request for some reason, then the connection resets and the client policy synchronizes. There isn't any idle time or inactivity as the user is constantly using an ICA Citrix connection. They are using BT Broadband and are sitting behind an ASDL router with NAT, although the connection isn't being shared with anyone else.  NAT Travesal is disabled on the VPN client as when it's set to automatic the client can connect to the VPN but cannot access any resources.

The logs don't really provide any clues at all, even with all catergories selected & logged.

Please help ?
Question by:stevendunne

Expert Comment

ID: 13764443
Check with the ADSL service provider. There may be an inactivity timeout on the connection.
LVL 17

Expert Comment

ID: 13767356
Is there any time it's better or worse? We see VPN drop-outs with people who use 50:1 "LITE" or "home" ADSL especially at times when the network is particularly busy.

Try leaving a window open pinging the non-VPN address of the far end, see if there are any drop-ous or spikes in resonse time co-inciding with the tunnel collapse.

Accepted Solution

Brbear01 earned 1500 total points
ID: 14092275
Couple of questions

Are you using the Sonicwall  VPN client, Windows VPN Client or is this a Sonicwall to Sonicwall VPN connection?

Are you connecting to the VPN and using a private IP to use RDP?

Have you tested your Broadband connection for Packet loss? I would use the ping command to test to see if you are dropping packets from on side to the other. You could also ping a site like yahoo.com.  

From the command prompt Type

ping yahoo.com -t

See if you are droppping packet, try the same test to other sites. If you drop packet meaning getting a no reply, then it more than likely is your internet connection.

An internet connection with packet loss would be my first thought. That is very common with Cable internet or Wireless internet.

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.


Expert Comment

ID: 14204620
I have this same problem. It also effects other RTP conversations like VOIP. It's weird b/c there is not a connectivity issue, you can reconnect immediatly. You just get dropped every 10-15 minutes or so.

Continuous pings are set up on both sides and packets are not being dropped. I have a TZ-170 on one side and I think it's the problem. I didn't have this problem with the old pro 100 the it replaced. Just uploaded the newest Sonic OS enhanced and the problem is still there.

Expert Comment

ID: 23015631
We are also having the problem. We have been using Citrix on T1's for years - just moved to SonicWall TZ190's for VPN conectivity and are dropping sessions. This every branch on the VPN, while the others on the T1 are fine.

Expert Comment

ID: 23943814
Not sure why this is closed, dont see the solution other than a flaky isp connection.
I have the same issue - had a Symantec Gateway 1620 - no issues, switched to
a sonicwall NSA240 - TS drops, all sorts of problems.

Expert Comment

ID: 33039683
Agreed, having the same issue. Did anyone ever get this resolved? Thanks in advance.

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question