Sonicwall Global VPN - No Internet

So I've got a SonicWall NSA 4500.  I've set up a ton of these guys in the past, and there is always one thing that I end up running around trying to figure out, and  sure enough I'm running into it right now.

So, we're using the Global VPN (not SSL-VPN).  No problem connecting and accessing local resources.  Now, I have this odd thing where SOMETIMES users can access the internet when connected, other times they can't.  I don't make any change, I get a call that users on the VPN can't get out to the net.  Next thing I know,  I get a call saying it's all good.

So, My setup.  The Sonicwall is passing out DHCP addresses in the 192.168.15.0 /24 range.  My Local subnet is 192.168.10.0 /24.  The sonicwall's LAN IP is in that subnet.  

VPN items I have setup:
Advanced tab:
"Default  Gateway" has IP 192.168.15.1 entered (although this IP does not exist?!)
Client tab:
Virtual Adapter Settings: DHCP Lease or manual Config
Allow access to: Split tunnels
Set Default Route as this Gateway is checked

Suggestions?
LVL 1
JamesonJendreasAsked:
Who is Participating?
 
Syed_M_UsmanConnect With a Mentor System AdministratorCommented:
Dear

edit your WAN Group vpn polices as follows

1) Advanced Tab:Default Gateway should be 0.0.0.0
2) in client tab: Virtual Adapter settings: DHCP Lease or manual Config
3) in client tab: Alloww Connections to :Split Tunnel
4) in client tab : Set Default Route as this Gateway is checked
0
 
schmitty007Commented:
Well in my standard configuration of the Global VPN Client I have never put a gateway in the advanced tab i always leave the default 0.0.0.0
In my configuration I do not have the "Set route as this Gateway" checked. I can't say I have ever checked this before. I also run DHCP lease not DHCP Lease or Manual Config, although that should not cause this issue.

The added default gateway I would guess is causing the issue, especially since you say that IP does not exist. Although just to be sure I would make sure it is not the Create Interfaces IP for your Group VPN interface.

I have not seen this issue before or heard of it from any of my users with this set up.

But I create a new interface that is a member of my X0 or LAN interface on the Sonicwall for my group VPN clients and when I set up the DHCP over VPN (which is under the VPN link) then click configure button, I set the relay IP address as the IP of my newly created interface for Group VPN.

Hopefully this makes sense and helps.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.