
Problem with site to site VPN using a SonicWall PRO 2040 to a SonicWall TZ180

I have a SonicWall PRO 2040 currently set up with a VPN tunnel to a remote network using a SonicWall TZ170.
This works absolutely fine; however, I am in the process of setting up another remote network using the slightly newer TZ180.

The problem I have is that I cannot access the main network from the new remote (TZ180).
The VPN tunnel is active and I can ping computers from the remote to the main network; I just can't access any files etc.

I have copied all the settings from the TZ170 to the TZ180 (except for the obvious: IP address, name etc.) and I still have no luck.
Is there something obvious I am missing? Do I need to add the details of the new network to any of our servers?
Asked by: James Cook
 
lnkevin commented:
I have been through this before and solved it by setting up the DNS server value on the remote VPN location. Do you have a separate domain controller in the remote location? If not, use the DNS from your router.

If it still doesn't solve your problem, I suggest you call SonicWall. They are very good at getting their product connected. If you just purchased the new TZ180, you are still under warranty and should not be charged for anything. Just give them your SN and you can go from there.

K
 
James Cook (IT Manager, Author) commented:
One thing I failed to mention was that this is a test setup using one of our spare IP addresses. So they are both connected to the same router.
It makes sense that this could be a DNS issue as both firewalls are using the same DNS from the router.
Unfortunately I am unable to get to the remote site until next week so had to test it somehow. Do you think this could be the cause of the issue?
Also, another point to note is that when the tunnel is active I can ping the servers, just not access them.
Thanks
 
lnkevin commented:
Can you try to access your server with IP address? Example: \\10.10.x.x\sharefile....
Can you terminal service to the server with IP address?
What is the error message you have got when attempting to access the server?

To me, it looks much like a DNS misconfiguration in the VPN firewall.

K
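
The triage used in this exchange (reach the server by IP first, then by name), as an added example that is not part of the original thread. It is a Python sketch that separates a tunnel or firewall-rule fault from a DNS fault; the host name, the 10.0.0.10 address and the stub resolvers in the demo are constructed for illustration.

```python
import socket

def resolve_with_system_dns(name):
    """IPv4 addresses the OS resolver (i.e. the DNS the site hands out) returns."""
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}

def tcp_open(host, port, timeout=3.0):
    """True if a TCP connection to host:port succeeds (ping alone proves less)."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def diagnose(name, ip, port=445, resolve=resolve_with_system_dns, probe=tcp_open):
    """Classify the symptom for one server across the site-to-site tunnel.

    'path'             service port unreachable even by IP: tunnel or access rules
    'dns-no-answer'    works by IP, name does not resolve: resolver cannot see
                       the internal zone (e.g. only an ISP DNS is configured)
    'dns-wrong-answer' name resolves, but not to the internal address
    'ok'               name resolves to the address that answers
    """
    if not probe(ip, port):
        return "path"
    answers = resolve(name)
    if not answers:
        return "dns-no-answer"
    if ip not in answers:
        return "dns-wrong-answer"
    return "ok"

if __name__ == "__main__":
    # Constructed stand-ins so the demo runs offline: the tunnel passes traffic,
    # an ISP resolver knows nothing about the internal name, the main-site DNS does.
    tunnel_up = lambda host, port: True
    isp_dns = lambda name: set()
    main_dns = lambda name: {"10.0.0.10"}
    for label, dns in (("ISP DNS", isp_dns), ("main-site DNS", main_dns)):
        verdict = diagnose("fileserver.corp.example", "10.0.0.10",
                           resolve=dns, probe=tunnel_up)
        print(f"{label}: {verdict}")
```

Run from a client at the remote site without the stub arguments, `diagnose()` uses the real resolver and a real TCP connect to port 445 (or 3389 for RDP).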
 
James Cook (IT Manager, Author) commented:
I've tried what you suggested, and yes, I can RDP to our terminal server with the local IP address.
I can also access the fileshare via the IP. I agree it must be a DNS issue. How would I resolve that?
Thanks
 
lnkevin commented:
Get in your firewall (both remote and main). Make sure you have the proper DNS server IP address set in the DNS section. This DNS entry should be your local DNS server. If the DNS server is also in the DC, your entry should be the DC IP address. If the task is hard for you, call SonicWall; they will walk you through the steps without any charges.

K
 
James Cook (IT Manager, Author) commented:
That worked! Thank you!
Just to confirm I have set it up correctly...
The remote site doesn't have a local DNS server; it is located at the main site, therefore I have used the local IP of the DNS server on the main network.
I thought the DNS had to be the DNS that was provided by the ISP. Is this not the case? Our other site2site (TZ170) doesn't use a local IP for DNS.
 
lnkevin commented:
If you want to map or browse from remote to main with a DNS entry, you have to use the DNS entry of the main, NOT the ISP one. Otherwise, how does it recognize the DNS in different servers? You have to make sure both firewalls are talking on the same page (DNS), haven't you?

K
 
lnkevin commented:
It's better to have both main and ISP DNSs as primary and secondary DNS. Primary should be main and ISP is sec.

K
 
James Cook (IT Manager, Author) commented:
Here's the situation...
Main (PRO 2040): Uses the DNS from ISP - 62.xxx.xxx.xxx
Remote 1 (TZ170): Uses the DNS from ISP - 194.xxx.xxx.xxx * This setup works fine
Remote 2 (TZ180): Now configured to use local (Main) DNS - 10.0.0.xxx
Remote 2 now works but I don't understand why when remote 1 is different and still works.
 
lnkevin commented:
Must be some blind luck here :P

But it should not work on R 1, indeed. Unless in R 1, there is somewhere in your configuration a pointer from ISP to local DNS... or there may be a secondary DNS set somewhere. I can't be convinced until I have a touch on your VPN. 194.xxx... looks like an internal IP, to me. Are you sure it's a public IP? The network 62.xxx... looks more like a public one.

K
 
James Cook (IT Manager, Author) commented:
194.xxx I think is a BT DNS server.
As main and R1 are working OK I shall leave them as they are. I'll configure R2 to use local DNS plus put the ISP DNS in as a second DNS.
All is working now so thanks for all your help!
 
lnkevin commented:
Plus, you have different versions of firewall on R1 and R2 so it's hard to know without taking a close look. I'll show you the trick. Go into the firewall under the support section and export your configuration and compare between the two. You will see all the hidden things.

K
 
James Cook (IT Manager, Author) commented:
Thanks once again for all your help! Much appreciated!
J
 
lnkevin commented:
You can close this question and award points.

K
Question has a verified solution.
