Solved

Wireshark Files Needed to be explained

Posted on 2013-06-12
24
387 Views
Last Modified: 2013-06-26
We have a sonicwall firewall that is in place in our network.  We just had a new phone system put in that will allow vendor to get to it remotely and allow main office to transfer phone calls to branch offices by using VOIP.  There are times where the VOIP feature does not work and the vendor states that the sonicwall is blocking VOIP traffic or packets to their phone system.  We have opened up the ports they need and there are still issues.  They have ran wire shark to show us that that something is blocking the traffic.

If I upload these files can someone read these and tell me what is blocking traffic?  They have wire shark files between the sonicwall and phone system.

Can someone assist me by reading these and letting me know if it is the Sonicwall?
0
Comment
Question by:maximus7569
  • 12
  • 12
24 Comments
 
LVL 14

Expert Comment

by:JAN PAKULA
ID: 39242281
can you upload it to Google drive and make access available with link?
0
 

Author Comment

by:maximus7569
ID: 39242504
Ok I will do that.
0
 

Author Comment

by:maximus7569
ID: 39242519
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 14

Expert Comment

by:JAN PAKULA
ID: 39242769
on which log they saying that sonicwall is dropping pockets?
0
 
LVL 14

Expert Comment

by:JAN PAKULA
ID: 39242796
pocket 613- on log beetween sonicwall and vc0 -  "tcp checksum offloading problem"

to fix do that

1. Open Device manager (right click "Computer" and click "Manage")
2. Click on "Device Manager"
3. Expand "Network adapters"
4. Right click your network adapter mine is called "Nvidia nForce 10/100/1000 Mbps Ethernet" etc.
5. click "properties"
6. click the tab named "Advanced"
7. Find "IP Checksum Offload" and click it
8. Put the value to the right to "Disabled"
9. Find "TCP Checksum offload (IPvX)
10. Set the value to the right to "Disabled"
0
 
LVL 14

Accepted Solution

by:
JAN PAKULA earned 500 total points
ID: 39242812
also what sonicwalls you have?

can you tell me what setting you have on these (on both firewalls)

usually under
Firewall > TCP Settings or Firewall > advanced> TCP Settings

Enforce strict TCP compliance with RFC 793 and RFC 1122 - enabled?

Enable TCP handshake enforcement - enabled?

Enable TCP checksum enforcement – If an invalid TCP checksum is calculated, the packet will be dropped. - that might be why you loosing traffic - make sure this one is disabled

Default TCP Connection Timeout – enabled?

Maximum Segment Lifetime (seconds) -enabled?


https://www.fuzeqna.com/sonicwallkb/ext/kbdetail.aspx?kbid=3768&p=
0
 
LVL 14

Expert Comment

by:JAN PAKULA
ID: 39242888
if you want you can disable Google sharing - i have all 4 logs
0
 
LVL 14

Expert Comment

by:JAN PAKULA
ID: 39244266
any update?
0
 

Author Comment

by:maximus7569
ID: 39244410
Let me look over your responses.  Just saw your responses.  Thanks!
0
 

Author Comment

by:maximus7569
ID: 39244574
The logs that have ICV in them is the ones they state that are blocking packets.
The sonicwall is a TZ100W.
I am looking at the settings you mentioned now.
0
 

Author Comment

by:maximus7569
ID: 39244596
Here are the firewall settings in a snap shot.
0
 

Author Comment

by:maximus7569
ID: 39244600
0
 
LVL 14

Expert Comment

by:JAN PAKULA
ID: 39244611
was that original settings ? are you just changed it  to that?

if original try enabling two top ones
0
 

Author Comment

by:maximus7569
ID: 39244645
No I have not made any changes.
0
 

Author Comment

by:maximus7569
ID: 39244648
Ok I will enable.
0
 

Author Comment

by:maximus7569
ID: 39244724
Ok its done.
0
 
LVL 14

Expert Comment

by:JAN PAKULA
ID: 39244745
is it working now? have you done changes on both firewalls?
0
 

Author Comment

by:maximus7569
ID: 39244783
Yes I have made changes.  Well its working now, its just later they cant get back into it.  They state that sonicwall starts to block the connection.  I don't understand how the sonicwall will start all of a sudden blocking traffic.   Is that even possible?
0
 
LVL 14

Expert Comment

by:JAN PAKULA
ID: 39244801
0
 
LVL 14

Expert Comment

by:JAN PAKULA
ID: 39244806
inactivity timouts on udp or sip might be also causing it - second article
0
 
LVL 14

Expert Comment

by:JAN PAKULA
ID: 39263058
any update?
0
 

Author Comment

by:maximus7569
ID: 39263205
Seems to be staying stable.  Did you ever see where the sonicwall was blocking packets with those wireshark files?
0
 
LVL 14

Expert Comment

by:JAN PAKULA
ID: 39267988
not sure what was your sonicwall ips - but it would be all with tcp checksum offloading problem" (black ones)
0
 

Author Comment

by:maximus7569
ID: 39278351
ok thanks.  Looks like we have not had any issues so far. You were very helpful.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Port forwarding 14 151
GRE Trunnel with IPsec Encryption Issue 3 65
SonicWall blocking WOL 11 138
ipsec tunnel comme not up 10 101
Having worked with technical  professionals (tech communication) ranging from top IT executives to Ivy League scientists to internationally ranked engineers,  I fancy myself a cocktail party technologist – I understand enough about a wide spectrum o…
Preface There are many applications where some computing systems need have their system clocks running synchronized within a small margin and eventually need to be in sync with the global time. There are different solutions for this, i.e. the W3…
In a recent question (https://www.experts-exchange.com/questions/28997919/Pagination-in-Adobe-Acrobat.html) here at Experts Exchange, a member asked how to add page numbers to a PDF file using Adobe Acrobat XI Pro. This short video Micro Tutorial sh…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question