Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

SonicWALL Global VPN DHCP over VLAN issues

Posted on 2010-08-12
7
Medium Priority
?
3,249 Views
Last Modified: 2013-08-15
Hello,

I am having an issue with our SonicWALL Pro 4100.  I am attempting to set up DHCP over a VLAN on our main subnet (X0) for all of our Global VPN clients.  This was working, but now isn't.  When clients attempt to log in, they can authenticate, but get stuck on the Acquiring IP step.  If I look in the log, the furthest they get is the "DHCP DISCOVER received from remote device" step.  The IP is never sent to them.  Below is the set up:

I have a VLAN set up off of the X0 (LAN) interface.  The IP is 192.168.12.1 with a subnet mask of 255.255.255.0.
I have a Dynamic DHCP entry, enabled, using the interface including IPs 192.168.12.100-192.168.12.254 with gateway 192.168.12.1 using the VLAN interface.
The WAN Group VPN is set up for the Virtual Adapter to use DHCP Lease.
DHCP over VPN Central Gateway is set to Use Internal DHCP Server for Global VPN Clients with the relay IP set to 192.168.12.1.

I'm not sure where to go from here and SonicWALL support has been pretty much a waste of time.  Any ideas?

Thanks,
Christine
0
Comment
Question by:clarkincit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 33

Expert Comment

by:digitap
ID: 33426730
So, you have an internal Windows server supplying an IP to your GVC clients?  I've only had problems with this.  I setup the Sonicwall to supply IP addresses.
0
 

Author Comment

by:clarkincit
ID: 33434648
No, we have the SonicWALL set up to serve the .12 subnet IPs via DHCP.  It's almost like the SonicWALL can't see the VLAN.  I've tried recreating it using a separate subnet and it still doesn't work.
0
 
LVL 33

Accepted Solution

by:
digitap earned 2000 total points
ID: 33434928
Go to VPN > DHCP over VPN. Confirm Central Gateway then click Configure.  Confirm the following are set:

Check "Use Internal DHCP Server"
Check "For Global VPN Client"
Not Checked "For Remote Firewall"
Not Checked "Send DHCP requests to the server listed below"

Set the "Relay IP Address" to the gateway IP of the X0:V10 (or whatever the VLAN is) VLAN - 192.168.12.1.

Also, on the Local User account on the 3060 that I was using to authenticate, on the Users>Local Users screen, on the VPN Access configuration tab for that user, I allowed access to the following networks;

LAN Primary Subnet
X0:V10 (or whatever the VLAN is) Subnet

Hope it helps!
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:clarkincit
ID: 33446771
These are all done.  I'm really not sure what is going on here.  It is very strange.  It almost looks like it can't get to that DHCP range.  If I change it to use an IP in the LAN range (.1 subnet) or to use our internal DHCP server, it works.  We're running out of IPs and that is why we need this..
0
 

Author Comment

by:clarkincit
ID: 33488381
I gave up on getting this to work.  I decided to set one of our open ports up as a dummy LAN with the .12 subnet assigned to it and run DHCP off of there.  It appears to be working.

I  used directions above to make it work.

Thanks for your assistance!
0
 
LVL 33

Expert Comment

by:digitap
ID: 33488781
That's a good idea.  Sorry the VLAN config didn't work.  Thanks for the points!
0
 
LVL 1

Expert Comment

by:pdmills12
ID: 39412817
I know this is an old thread, BUT, For what it's worth... I had the EXACT same scenario with my Sonicwall NSA-3500 and the Accepted Solution actually worked with my VLAN config!
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question