Avatar of TeddyZ83
TeddyZ83 asked on

Can access VPN internally but not externally?

I have a Sonicwall TZ180 and for some reason no one is able to connect using VPN from outside of the company.  If I launch the Sonicwall VPN client internally I can get through.  Externally though it just hangs on "connecting."  The configuration has not changed.  It is a broadband connection with a static IP address.  VPN was working well up until a few days ago.  The only change made was the hosting service but the IP stayed the same for the ISP.  Here is the error from the VPN client log.  Any ideas?

2008/07/10 23:15:50:461 Information <local host> Reading configuration file C:\Documents and Settings\user\Application Data\SonicWALL\SonicWALL Global VPN Client\SonicWALL Global VPN Client.rcf.

2008/07/10 23:15:52:544 Information <local host> Saving configuration file C:\Documents and Settings\user\Application Data\SonicWALL\SonicWALL Global VPN Client\SonicWALL Global VPN Client.rcf.

2008/07/10 23:15:52:564 Information <local host> The configuration file 'C:\Documents and Settings\user\Application Data\SonicWALL\SonicWALL Global VPN Client\SonicWALL Global VPN Client.rcf' has been saved.

2008/07/10 23:15:53:054 Information <local host> SonicWALL Global VPN Client version 4.0.0.830

2008/07/10 23:15:55:097 Information <local host> The connection "70.*.*.*" has been enabled.

2008/07/10 23:15:55:578 Information 70.*.*.* Starting ISAKMP phase 1 negotiation.

2008/07/10 23:16:13:904 Error 70.*.*.* An error occurred.
2008/07/10 23:16:13:924 Error 70.*.*.* The peer is not responding to phase 1

ISAKMP requests. 2008/07/10 23:16:14:235 Information 70.*.*.* Starting ISAKMP phase 1 negotiation.
VPNHardware FirewallsNetworking Hardware-Other

Avatar of undefined
Last Comment
TeddyZ83

8/22/2022 - Mon
gi2unt

What type of Internet connection is this. Is it DSL/Cable, or is it a leased line, T1/T3/Frame Relay? Who was the ISP and who is the current ISP?
ASKER
TeddyZ83

It is DSL and the ISP is Verizon which has not changed.  The only thing that changed was the hosting service for the website to GoDaddy.com.
ASKER CERTIFIED SOLUTION
sharedit

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
sharedit

I get a set of errors that are fairly similar when I do anything that points the client to an incorrect IP.

So, I would confirm you are pointing at the correct IP.  
This 70.*.*.* is the IP on the outside interface of your sonicwall correct?  
This worked prior to the hosting change? Do the events indicate that the hosting change may have had a hand in this?

Check in the sonicwall, the Outside IP.  I would allow ICMP responses and confirm you can ping the device through the internet(outside of your network), then create a brand new Sonicwall client vpn and try to hit it.  The setup of the client is very simple (in the one I am using, it may be old).  I would go as far as to reinstall, or install a fresh copy of the client on a machine and set up the client.  

If you do all of this and still cant connect, and you know the IP is correct and you could ping it, I would start to look at the sonicwall itself.  
-recreate the VPN info

other than that what hosting services changed? just the location of your website? name servers? if the IP did not change, the only way i see the clients being affected is if (dont know ifthis is possible) you were using a name to resolve the IP you vpn to.  ie you used vpn.yourdomain.com as your peer instead of the IP that that name would resolve to.
Your help has saved me hundreds of hours of internet surfing.
fblack61
ASKER
TeddyZ83

Thanks for the help.  I should of started with the basics first.  Rebooting the firewall had resolved the problem.