Solved

Sonicwall SSL VPN users sometimes experience frequently lost connections

Posted on 2010-09-02
10
559 Views
Last Modified: 2012-05-10
We have a Sonicwall SSL-VPN 2000 running version SonicOS SSL-VPN 4.0.0.0-16sv that serves typically four to six people at once. Occassionally, I get a call saying that the user is in a connect/disconnect loop with the device. I see nothing unsual about the device, other users might be connected persistenly at the same time.

It happens enough that I wonder if something is configured wrong on the systems side. I cannot find much on the knowledgebase or from tech support, or from Google on such an issue. Thought I would try this forum for suggestions or advice. The users are connecting the netextender client on Vista.

There are some properties settings such enable/disable use TCPv6 that I wonder if anyone has experimented with. I have also started asking users to enable and send their debug log.--I can't see much in the system debug log.
0
Comment
Question by:rzup
  • 5
  • 5
10 Comments
 
LVL 33

Expert Comment

by:digitap
ID: 33588949
I see what you mean.  I found something about Ubuntu having some issues and a solutioin for that loop, but can't find much of anything else.  There is a long drawn out forum thread where they've experienced your exact issue, but no solution has emerged.  Have you tried to uninstall the Netextender client completely?  Since the original installation, have you gone through a firmware and subsequent client upgrade?  Is it only one user?
0
 
LVL 1

Author Comment

by:rzup
ID: 33590657
Different users have reported this. Most users are happy and have no problems.. I have not asked anyone to resinstall--I might try that next.. The firmware was upgraded a few months ago, but this complalint, though intermittent, spans several firmware patches.
It's just enough users to make me suspect something systemic rather than isolated issues. Also, if they keep trying for awhile, they eventually get connected for good. So, for example, I might have  a user complain at 9am that she has spend an hour getting knocked off every few minutes. In the course of communicating, maybe by 10: 30 she connects and is happy from then on. Suggesting that the client is fine.
Users insist their network connection is good and nothing else is affected.
Thanks.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33590803
I would assume if it was something hardware related, then it would affect everyone at once and occur more often.  I'm of the mind that the client needs to be removed and the current version that's installed from the ssl-vpn installed.  I'd do it on one user and wait it out.

This sounds almost like a misconfigured MTU.  Are you using this appliance in conjuction with a sonicwall UTM appliance?  If so, do you use the GVC with the UTM?  You might consider looking at this article I posted that walks through setting this.

http://www.experts-exchange.com/viewArticle.jsp?aid=3110
0
ScreenConnect 6.0 Free Trial

Discover new time-saving features in one game-changing release, ScreenConnect 6.0, based on partner feedback. New features include a redesigned UI, app configurations and chat acknowledgement to improve customer engagement!

 
LVL 1

Author Comment

by:rzup
ID: 33591233
We do not use UTM. That is a very interesting post and configuraiton. I'm reviewing those settings now. Thanks.
0
 
LVL 1

Author Comment

by:rzup
ID: 33591281
It doesn't look like this model has an "Advanced Tab" within the interfaces configuraiton.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33591431
Oh...my MTU suggestion was meant for the Cisco, but perhaps you haven't deployed the ssl-vpn through your firewall.  Do you have the SSL-VPN connected directly to the Internet?  One of the configurations of the SSL-VPN appliance is to have it go through a Sonicwall firewall (or UTM).  Which deployment method are you using?

http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=6122
0
 
LVL 1

Author Comment

by:rzup
ID: 33591486
Ours is deployed directly to the Internet--it has an interface with a public IP versus being behind our firewall.
0
 
LVL 33

Accepted Solution

by:
digitap earned 250 total points
ID: 33591511
Hmmm...I think I'm going to stick with the client theory for now.
0
 
LVL 1

Author Closing Comment

by:rzup
ID: 33939080
It seems the client rebooting his or her wireless router solves the issue. Still not certain why.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33939911
Restarts are quite overlooked...i guess they are too simple and we think it HAS to be a solution that is more complex...>GRIN<!  Thanks for the points!
0

Featured Post

ScreenConnect 6.0 Free Trial

Check out the updates in one game-changing release, ScreenConnect 6.0, based on partner feedback. New features include a redesigned UI that improves session organization and overall user experience. See the enhancements for yourself!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco ASA 5500 Series Site-to-Site Azure 6 107
Reading registry key from HKCU and not hklm 10 107
RemoteApps using Remote Desktop Services 9 52
VPN Access to Network 4 30
Like many organizations, your foray into cloud computing may have started with an ancillary or security service, like email spam and virus protection. For some, the first or second step into the cloud was moving email off-premise. For others, a clou…
If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question