We help IT Professionals succeed at work.

Can access VPN internally but not externally?

598 Views
Last Modified: 2010-04-21
I have a Sonicwall TZ180 and for some reason no one is able to connect using VPN from outside of the company.  If I launch the Sonicwall VPN client internally I can get through.  Externally though it just hangs on "connecting."  The configuration has not changed.  It is a broadband connection with a static IP address.  VPN was working well up until a few days ago.  The only change made was the hosting service but the IP stayed the same for the ISP.  Here is the error from the VPN client log.  Any ideas?

2008/07/10 23:15:50:461 Information <local host> Reading configuration file C:\Documents and Settings\user\Application Data\SonicWALL\SonicWALL Global VPN Client\SonicWALL Global VPN Client.rcf.

2008/07/10 23:15:52:544 Information <local host> Saving configuration file C:\Documents and Settings\user\Application Data\SonicWALL\SonicWALL Global VPN Client\SonicWALL Global VPN Client.rcf.

2008/07/10 23:15:52:564 Information <local host> The configuration file 'C:\Documents and Settings\user\Application Data\SonicWALL\SonicWALL Global VPN Client\SonicWALL Global VPN Client.rcf' has been saved.

2008/07/10 23:15:53:054 Information <local host> SonicWALL Global VPN Client version 4.0.0.830

2008/07/10 23:15:55:097 Information <local host> The connection "70.*.*.*" has been enabled.

2008/07/10 23:15:55:578 Information 70.*.*.* Starting ISAKMP phase 1 negotiation.

2008/07/10 23:16:13:904 Error 70.*.*.* An error occurred.
2008/07/10 23:16:13:924 Error 70.*.*.* The peer is not responding to phase 1

ISAKMP requests. 2008/07/10 23:16:14:235 Information 70.*.*.* Starting ISAKMP phase 1 negotiation.
Comment
Watch Question

gi2untIT Manager

Commented:
What type of Internet connection is this. Is it DSL/Cable, or is it a leased line, T1/T3/Frame Relay? Who was the ISP and who is the current ISP?

Author

Commented:
It is DSL and the ISP is Verizon which has not changed.  The only thing that changed was the hosting service for the website to GoDaddy.com.
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Commented:
I get a set of errors that are fairly similar when I do anything that points the client to an incorrect IP.

So, I would confirm you are pointing at the correct IP.  
This 70.*.*.* is the IP on the outside interface of your sonicwall correct?  
This worked prior to the hosting change? Do the events indicate that the hosting change may have had a hand in this?

Check in the sonicwall, the Outside IP.  I would allow ICMP responses and confirm you can ping the device through the internet(outside of your network), then create a brand new Sonicwall client vpn and try to hit it.  The setup of the client is very simple (in the one I am using, it may be old).  I would go as far as to reinstall, or install a fresh copy of the client on a machine and set up the client.  

If you do all of this and still cant connect, and you know the IP is correct and you could ping it, I would start to look at the sonicwall itself.  
-recreate the VPN info

other than that what hosting services changed? just the location of your website? name servers? if the IP did not change, the only way i see the clients being affected is if (dont know ifthis is possible) you were using a name to resolve the IP you vpn to.  ie you used vpn.yourdomain.com as your peer instead of the IP that that name would resolve to.

Author

Commented:
Thanks for the help.  I should of started with the basics first.  Rebooting the firewall had resolved the problem.
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.