• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 666
  • Last Modified:

Sonicwall Global VPN connection degrades

Hello all,

Im having a problem with a clients VPN connection. This is a laptop that the user leaves at home. The problem is that the network resources become unreachable although the vpn connection remains active. The laptop is XP sp3 and it is connecting to a sonicwall TZ190 with the latest firmware. The Global VPN client is the latest version. User authentication is off, were using a shared key, but we tried it with user auth and got the same results. The PDC is a windows 2003 Standard, its the DNS and DHCP server from which the laptop is getting its IP. There is also a BDC that is also a windows 2003 Standard.

I spent three hours today on technical support with Sonicwall. The connection will work initially, sometimes for 4 minutes, sometimes for as much as 25 so far. But inevitably, it simply stops passing data. When this happens, I cannot browse any network resource. Ive left a ping t running and it suddenly starts reporting that the pings time out. If I leave this running maybe every 10 minutes one ping will get through with a normal response time, but then it will go back to timing out. I am always able to ping the firewall. I CAN ping the client from within the network. Interesting note: When the connection IS working, I generally get a range of latency between 26ms and 300ms. When I ping from the server, even after the client stops receiving data, the reply comes back with a  response time of 1ms. Always.

When the connections stops working, the sonicwall shows the ICPM packets coming in and being forwarded on to the destination, but the server simply doesnt respond. if I disable, and re-enable it the vpn connection in the global vpn client software, the data begins to flow again probably 99% of the time occasionally, I have to disable it twice. But it usually starts right back up, only to fail again shortly thereafter.

Ive already removed and reinstalled the client software. I have disabled all firewalls and antivirus on both the server and the laptop. I have checked for duplicate IPs in DHCP. I have checked for duplicate DNS entries. The user had offline files set to synchronize every so often, Ive removed offline files all together.

Ive connected from my own personal laptop, Im in a different location than either the clients laptop or the sonicwall, and my connection has not dropped.

Im out of ideas here. Any thoughts would be greatly appreciated.

Thanks!

Matt Conlon
0
mstumpo
Asked:
mstumpo
  • 5
  • 4
1 Solution
 
Shecky919Commented:
HAve you checked for conflicting IP addresses? Maybe it is being given an address that another device is using?
0
 
mstumpoAuthor Commented:
Apparently, I'm haing a problem with my apostrophes showing up as squares too, but that's only on this site...
0
 
mstumpoAuthor Commented:
Yeah, in the last part there I said:  I have checked for duplicate IPs in DHCP. I have checked for duplicate DNS entries.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
mstumpoAuthor Commented:
I should also add, he doesn't lose the ability to access the internet, just the network resources.
0
 
Shecky919Commented:
Hmmm.. well with you having connected your laptop and not experienced the same issues, I would start by running some scans on the machine giving you problems, and check into possible isp issues.
0
 
Shecky919Commented:
My thinking is that maybe the ISP has a filter somewhere causing the problem. Have you tried taking that laptop to a different location and seeing of you can replicate the problem?
0
 
mstumpoAuthor Commented:
I thought the same things, except I keep coming back to the fact that the packet capture on the sonicwall always shows the ICPM packets coming in, and being delivered to their destination, which in this case is the DC, but it never shows the DC replying.
0
 
Shecky919Commented:
Are the ip schemes in the office and at the remote location the same? Maybe its not routing out properly.
0
 
mstumpoAuthor Commented:
Scheme in the office is 172.16.1.x. home is 192.168.1.x
0
 
moniqaCommented:
Give the sonicwall virtual adapter a static IP and fill in the subnet mask gateway and dns for the remote network. It worked for me I have had the same problem.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now