Solved

sonicwall and citrix xgenapp dropging client

Posted on 2010-08-25
24
931 Views
Last Modified: 2012-05-10
have qwest dsl line for inet
and t1 line for citrix xenapp
sonicwall tz170
route setup in sonicwall for the t1
the citrix client drops every 6-7 mins then reconnects
0
Comment
Question by:Aunwin
  • 12
  • 10
  • +1
24 Comments
 
LVL 11

Expert Comment

by:Coast-IT
Comment Utility
the logs on the Sonicwall are quite intuitive.  Do they suggest there is an issue?
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
check that your MTU is configured properly...see the article below.  Also, check that your speed/duplex on interface for the T1 are set properly...may require a static combination setting of some sort.http://www.experts-exchange.com/viewArticle.jsp?aid=3110
0
 

Author Comment

by:Aunwin
Comment Utility
routing  through the sonicwall to a private t1 line
can ping the gateway on the t1 box even when the citrix client drops.
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
ok and my suggestion, http:#a33522311?
0
 

Author Comment

by:Aunwin
Comment Utility
Have 25 computers xp, vista, win7
if i turn off the windows firewall and trendmicro firewall
the xp and vista boxes do do drop.
the win7 boxes even with the firewalls turned off and trendmicro uninstalled still drop
the client every 6.45 min. like clock work, but not at the same time on each computer.
0
 

Author Comment

by:Aunwin
Comment Utility
need to get on site to try 33522311
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
OK...
0
 

Author Comment

by:Aunwin
Comment Utility
33522311
did not work
0
 

Author Comment

by:Aunwin
Comment Utility
33522311
did not work
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
i wonder if it's the TCP timeout set for the firewall rule...do you have an interface that the T1 router connects to on the sonicwall or does the lan side of the t1 router have an IP address that's on the IP network of the LAN interface of the sonicwall?
0
 

Author Comment

by:Aunwin
Comment Utility
the t1 comes from the Cisco 1700 to lan port on sonicwall tz-170.
The t1 has ip on the sonic lan 10.10.17.240
Add a route in the sonic for the t1 side with a gateway 10.10.17.240
I disconnected the wan port on the sonic,
And only had a laptop connected to the sonic and the to the cisco.
if routed through the sonic client will drop ever 6.45 min.
and reconnects less than a second.
If I add a route on the laptop to the t1, the connection does not drop.
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
I'm wondering if the sonicwall is dropping packets based on TCP timeouts.  What I've seen done is modifying the TCP timeouts within the firewall rules.  For you, your traffic is trusted.  However, I've seen creating a LAN > LAN firewall rule for that specific traffic.  Source would be Any and Destination would be an address object of the 1700.  On the Advanced tab of the rule, you can specify TCP/UDP timeouts.
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 

Author Comment

by:Aunwin
Comment Utility
33536139 didn't work. set time out to 99.
sonic show on new event when client drops.
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
what event does it show?

another possibility is to setup an interface on the sonicwall and create a new IP network there.  connect the cisco to that interface and change the LAN interface of the cisco to match the network.  it's what i would do at this point.
0
 

Author Comment

by:Aunwin
Comment Utility
Sorry Sonic show No event.
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
ah...my brain put an 'e' on the end of on...that's funny!  i'd go with my last option then...connecting the cisco to a sonicwall interface.
0
 

Author Comment

by:Aunwin
Comment Utility
Thanks for all the help.
I'am new to this office and network setup. (about 2 weeks)
one of the problems is that qwest modem/router and the sonicwall that runs 3 offices
2 of which I know nothing about, and a cisco box with dual ports one for one office and the other for office that i service, all 3 office are connected to sonicwall. and are on same net.
I think about adding a router for the office i service, and just bypass the sonicwall.
the other office have 2 or 3 computers, the one i have have 25 units plus 10 net printers
one off the office is using the same t1, but as far as i know the do not have any problems with time outs.
and there is no route statements in the sonicwall.
add a route statement to pc, but when the win7 unit reboot they will drop the client for about 30-40 min.
then they will work fine.
Al
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
when you perform the route add command, include the -p switch which will make the route persistent across multiple reboots.  Or, you can add the route with a login script.  This would allow you centrally manage the routes without needing to go to each machine in the event of an IP change.

It sounds like quite the diverse network, parts of which, you have not control over.  I think bypassing the sonicwall is the simplest solution here.
0
 

Author Comment

by:Aunwin
Comment Utility
I did the -p switch, was not on site when the computer got rebooted.
did not do the route add command only sent how to do it.
they do not have a server yet.
thanks again
0
 
LVL 33

Accepted Solution

by:
digitap earned 500 total points
Comment Utility
aren't making it easy for you are they?
0
 
LVL 5

Expert Comment

by:mittermueller
Comment Utility
Maybe an issue of DPD (dead peer)...
0
 

Author Comment

by:Aunwin
Comment Utility
switching out the sonicwall tonite.
I thought the problem was fixed, after the route statment was add to the win 7 boxes.
But not every thing goes to plan, win7 boxes did not drop the client, until the boxes get reboot or turned off, they will drop the client every 6 min. even though the route statment is persistent, take about 15-20 min. for client stay up. happens every time they get restarted.
going to add a switch between the qwest modem and the routers.
not not have problems with the xp boxes when firewalls are turn off.
0
 

Author Comment

by:Aunwin
Comment Utility
switch out sonewall have not problems.
thank for you help and onfo.
al
0
 
LVL 33

Expert Comment

by:digitap
Comment Utility
gotta love those hardware problems that don't reveal them as such...thanks for the points!
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now