[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Sonicwall Global VPN - No Internet

Posted on 2012-03-14
2
Medium Priority
?
625 Views
Last Modified: 2012-03-30
So I've got a SonicWall NSA 4500.  I've set up a ton of these guys in the past, and there is always one thing that I end up running around trying to figure out, and  sure enough I'm running into it right now.

So, we're using the Global VPN (not SSL-VPN).  No problem connecting and accessing local resources.  Now, I have this odd thing where SOMETIMES users can access the internet when connected, other times they can't.  I don't make any change, I get a call that users on the VPN can't get out to the net.  Next thing I know,  I get a call saying it's all good.

So, My setup.  The Sonicwall is passing out DHCP addresses in the 192.168.15.0 /24 range.  My Local subnet is 192.168.10.0 /24.  The sonicwall's LAN IP is in that subnet.  

VPN items I have setup:
Advanced tab:
"Default  Gateway" has IP 192.168.15.1 entered (although this IP does not exist?!)
Client tab:
Virtual Adapter Settings: DHCP Lease or manual Config
Allow access to: Split tunnels
Set Default Route as this Gateway is checked

Suggestions?
0
Comment
Question by:JamesonJendreas
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 4

Expert Comment

by:schmitty007
ID: 37721966
Well in my standard configuration of the Global VPN Client I have never put a gateway in the advanced tab i always leave the default 0.0.0.0
In my configuration I do not have the "Set route as this Gateway" checked. I can't say I have ever checked this before. I also run DHCP lease not DHCP Lease or Manual Config, although that should not cause this issue.

The added default gateway I would guess is causing the issue, especially since you say that IP does not exist. Although just to be sure I would make sure it is not the Create Interfaces IP for your Group VPN interface.

I have not seen this issue before or heard of it from any of my users with this set up.

But I create a new interface that is a member of my X0 or LAN interface on the Sonicwall for my group VPN clients and when I set up the DHCP over VPN (which is under the VPN link) then click configure button, I set the relay IP address as the IP of my newly created interface for Group VPN.

Hopefully this makes sense and helps.
0
 
LVL 16

Accepted Solution

by:
Syed_M_Usman earned 2000 total points
ID: 37723776
Dear

edit your WAN Group vpn polices as follows

1) Advanced Tab:Default Gateway should be 0.0.0.0
2) in client tab: Virtual Adapter settings: DHCP Lease or manual Config
3) in client tab: Alloww Connections to :Split Tunnel
4) in client tab : Set Default Route as this Gateway is checked
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Juniper VPN devices are a popular alternative to using Cisco products. Last year I needed to set up an international site-to-site VPN over the Internet, but the client had high security requirements -- FIPS 140. What and Why of FIPS 140 Federa…
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question