Solved

Sonicwall Global VPN - No Internet

Posted on 2012-03-14
2
615 Views
Last Modified: 2012-03-30
So I've got a SonicWall NSA 4500.  I've set up a ton of these guys in the past, and there is always one thing that I end up running around trying to figure out, and  sure enough I'm running into it right now.

So, we're using the Global VPN (not SSL-VPN).  No problem connecting and accessing local resources.  Now, I have this odd thing where SOMETIMES users can access the internet when connected, other times they can't.  I don't make any change, I get a call that users on the VPN can't get out to the net.  Next thing I know,  I get a call saying it's all good.

So, My setup.  The Sonicwall is passing out DHCP addresses in the 192.168.15.0 /24 range.  My Local subnet is 192.168.10.0 /24.  The sonicwall's LAN IP is in that subnet.  

VPN items I have setup:
Advanced tab:
"Default  Gateway" has IP 192.168.15.1 entered (although this IP does not exist?!)
Client tab:
Virtual Adapter Settings: DHCP Lease or manual Config
Allow access to: Split tunnels
Set Default Route as this Gateway is checked

Suggestions?
0
Comment
Question by:JamesonJendreas
2 Comments
 
LVL 4

Expert Comment

by:schmitty007
ID: 37721966
Well in my standard configuration of the Global VPN Client I have never put a gateway in the advanced tab i always leave the default 0.0.0.0
In my configuration I do not have the "Set route as this Gateway" checked. I can't say I have ever checked this before. I also run DHCP lease not DHCP Lease or Manual Config, although that should not cause this issue.

The added default gateway I would guess is causing the issue, especially since you say that IP does not exist. Although just to be sure I would make sure it is not the Create Interfaces IP for your Group VPN interface.

I have not seen this issue before or heard of it from any of my users with this set up.

But I create a new interface that is a member of my X0 or LAN interface on the Sonicwall for my group VPN clients and when I set up the DHCP over VPN (which is under the VPN link) then click configure button, I set the relay IP address as the IP of my newly created interface for Group VPN.

Hopefully this makes sense and helps.
0
 
LVL 16

Accepted Solution

by:
Syed_M_Usman earned 500 total points
ID: 37723776
Dear

edit your WAN Group vpn polices as follows

1) Advanced Tab:Default Gateway should be 0.0.0.0
2) in client tab: Virtual Adapter settings: DHCP Lease or manual Config
3) in client tab: Alloww Connections to :Split Tunnel
4) in client tab : Set Default Route as this Gateway is checked
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Adding VPN user with Cisco RV110W changes IP address 7 52
ASA 5505 latency problem 8 45
Sonicwall TZ 190 2 19
VLAN Question 13 43
Juniper VPN devices are a popular alternative to using Cisco products. Last year I needed to set up an international site-to-site VPN over the Internet, but the client had high security requirements -- FIPS 140. What and Why of FIPS 140 Federa…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question