VPN disconnecting

I'm using a Sonicwall TZ 170 and I'm attempting to VPN into our network from a remote site (ex: a coffee shop). I open Sonicwall Global VPN Client, click enable. It prompts that I have been connect successfully. Then I attempt to connect to our server, for anywhere from 10 seconds to 2 minutes it works perfectly! Then nothing works. I can't even ping our server or any other workstations. I've check the log of the client, windows logs, and the log on the Sonicwall and there are no errors.
I've looked through the Sonicwall getting started guide and manual; it appears everything is configured correctly.

I ran a test to try to see if the disconnection was a timed occurrence and it doesn't appear to be.  I timed from the moment that I was prompted that the VPN connection was established until I was no longer able to ping the server. These are the timespans (mm:ss).
1:45
0:12
1:27
0:30
0:38
0:20

With no errors, I'm clueless on where to look next.

Thanks in advance.
Root777Software JediAsked:
Who is Participating?
 
Root777Connect With a Mentor Software JediAuthor Commented:
I've gotten at least a bandaid fix on this for now. We are upgrading our server in about a month. I'm just hoping the problem fixes itself with the new server, otherwise I will revisit this issue.
0
 
xDUCKxCommented:
When you ping -t during the timeout you get a "Request Timed Out" and it won't recover?

Are you connecting via wireless or wired?  Are you able to try each and see if the results are the same?
0
 
Root777Software JediAuthor Commented:
Request timed out.

I've been doing all of my testing over wired currently.
One of our engineers does it over wireless and it appears he has the same exact issue. But I will grab my laptop and give it a try.
0
Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

 
xDUCKxCommented:
Did a quick google to see how to change to verbose logging on your sonicwall model and found this:

https://www.sonicwall.com/downloads/site_to_site_vpn_troubleshooting_on_sonicwall_security_appliances.pdf

It seems to address this issue exactly.  Have you seen this and tried the steps/solution?
0
 
Root777Software JediAuthor Commented:
I attempted everything that could have been the issue and nothing worked. But I found something in the process.

On the VPN client, if I go to properties of the VPN connection there is a status tab and I have the option to renew the Virtual IP. If I wait until "ping server -t" shows "Request Timed Out", then click renew. I get a reply on the ping immediately and it works for another 10 seconds- 2 minutes.
I haven't looked into it yet but I imagine its something in the DHCP server. I'm done for the night on this, I will take a look tomorrow, I will post back what I find out.
0
 
Syed_M_UsmanSystem AdministratorCommented:
Dear,

if you are using SNA-TZ series as DHCP, than by default DHCP lease times on the SonicWALL is 1440 minutes. In a more mobile network this can pose a problem.  
can you try to lower the lease time to 2-4 hours..

please also verify you are NOT using static DHCP lease... pelase also clear arp entries in your SNA.
0
 
Root777Software JediAuthor Commented:
I'm not using the Sonicwall for DHCP. DHCP is handled by a Windows SBS '03 server.
0
 
Root777Software JediAuthor Commented:
Any additional thoughts? I've been trying to solve this all morning and I haven't made any progress. I've been looking on google but I can't find anyone that has had this issue.
0
 
Root777Software JediAuthor Commented:
Interestingly if I reserve an IP on the DHCP server for a specific computer, it doesn't drop the connection anymore. I'm going to test this on a few more computers tonight.
0
 
Syed_M_UsmanSystem AdministratorCommented:
could you please check the elased time of SBS? what are the TCP/IP properties etting of the client? are you using Domain Credintial? is there any GPO or policy preveting idle clients or ....... :)
0
 
Syed_M_UsmanSystem AdministratorCommented:
Thanks for the update.
0
 
Root777Software JediAuthor Commented:
No solution as of right now. I will revisit this in approximately a month.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.