Sonicwall Remote Access

Is there a way to remotely access a Sonicwall appliance simply through the internet?  We have TZ150 in another country, and if the VPN is up, I can use the private (192.168.x.x) address to connect to it, but if the VPN goes down, I cannot connect to it using the public address.  There is a "Web Management Settings" section in the "Administration" section but it only appears to work with clients on the local area network.  I looked in the Sonicwall manual but it didn't mention anything about remote access (that I could find)
LVL 1
jbobstAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Blue Street TechLast KnightCommented:
Hi jbobst,

Yes, there sure is!

Follow these steps under the SonicOS Standard section to enable Remote Management: https://www.fuzeqna.com/sonicwallkb/ext/kbdetail.aspx?kbid=7946

I'd consider upgrading to a TZ 105 too...the gear you have is EOL (End of Life - no longer supported) and there have been a vast amount of improvements in the newer versions - night and day. All new security appliances come standard with SonicOS Enhanced too.

Let me know if you have any questions!
0
jbobstAuthor Commented:
Thanks for the link diverseit,  However, I just cannot get it working.  The instructions are simple but it will never connect.  I added the firewall access rule, even check the allow fragmented packets, and still I get "problem loading page".  I also have a Sonicwall 2040 (basically the exact same user interface as the TZ 150) and I cannot get remote access to that one either.  I am at a loss.
0
Blue Street TechLast KnightCommented:
Are you using https://your_public_IP? (I'm trying to emphasize the "s")

Is it a static IP or dynamic?
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

jbobstAuthor Commented:
Yes, definitely adding the "s"...didn't add the .com though.  Just the number.  I'll try adding a .com but is that correct?
0
Blue Street TechLast KnightCommented:
My bad...pure typo...I'm so used to dealing with A Record lookups when logging in, e.g. https://rmc12.domain.com.

No, it's either https://<public_IP> or https://sub-domain.TLD if you have one setup.
0
Blue Street TechLast KnightCommented:
Could it be the wrong IP? Is it dynamic or static?

If you login to the console via VPN got to Network > Interfaces and verify the WAN IP otherwise have someone internally go the whatismyip.com and tell you what it is.

Try rebooting the Firewall as well.
0
jbobstAuthor Commented:
Thanks for the clarification.  It's still not working so I am not sure what I am doing wrong.
0
Blue Street TechLast KnightCommented:
This is a very basic configuration...meaning it is going to be something really simple that you are missing (info or configuration-wise) or there is an issue with the SonicWALL. I bet on the former only because you'd be noticing issues continually if it was due to a corruption in the firmware.

Overlooking things happens to the best of us so, in fact sometimes they are typically the most obvious:
1. Re-read the article I provided you (https://www.fuzeqna.com/sonicwallkb/ext/kbdetail.aspx?kbid=7946),
2. Check the logical paths in your mind,
3. Verify you have the correct IP,
4. Reboot the firewall and test again.
It would help to know if you can ping the firewall. To setup Ping on the WAN follow this step-by-step under the SonicOS Standard section: https://www.fuzeqna.com/sonicwallkb/ext/kbdetail.aspx?kbid=3785
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jbobstAuthor Commented:
Thanks for the information diverseit,

So, I've found out a little more information.  First, we also have a Sonicwall 2040 at our main location.  I was not able to get it to allow remote access either, even though I followed the instructions.  However, I was able to get the ping working on our 2040 but not the remote TZ150.  I know for sure I have the correct IP addresses, as both sonicwalls are VPN'd together constantly using the static IP addresses at each location.  However, there is one difference on the Taiwan TZ150.  They have a dsl line there, and when I look at the WAN settings, they have it set to NAT with DHCP enabled.  And, the WAN address is a 192.168.1.X address.  So, their ISP must have them behind some other sort of firewall.  But, they DO have a static public IP address, and that is how we establish the permanent VPN between the two sites.  My 2040 has a static IP address, but it is delivered to us in a more normal way...as the WAN IP in the Sonicwall is the static public IP address.  So I am guessing the remote access and ping is not working because of their ISP setup.  That still doesn't answer why my 2040 doesn't allow remote https access, but the ping does work.
0
Blue Street TechLast KnightCommented:
Interesting.

The TZ may have a router before it routing the Public IP to it thereby getting the site-to-site VPN to work but if that is the case they would need to possibly add a route, port forward to the TZ's interface to manage it. It seems very odd to have any complicated routing where there is a TZ 150 SonicOS Standard in place...it's the lowest entry point device SonicWALL made at the time. Just seems odd to have a router ahead of it. But I digress.

Let's focus on the 2040. Is it in the States? Can you get login access via VPN? Check it's WAN settings. What type of connection? Is it showing the Public IP there? Can you verify nothing is upstream from it?

Thanks.
0
Blue Street TechLast KnightCommented:
Any update on this?
0
jbobstAuthor Commented:
Sorry for the delay.  Couldn't get to it before the weekend.

The 2040 is in the states and located in the office I work at.  I can access it from home (for example) if I connect my laptop to the VPN first and use it's private ip address.  If I don't use the VPN and try the https://mypublicipaddress, it does not work.  I can verify there is nothing upstream...unlike the Taiwan office.
0
Blue Street TechLast KnightCommented:
Make sure there are no rules above it. Re-prioritize it if you have to by clicking on the priority arrows and moving it to the top of the list. Then re-test.

Download & install the latest firmware updates available as well.
0
Blue Street TechLast KnightCommented:
Any update on this??
0
jbobstAuthor Commented:
So sorry for the delay diverseit.  No update at this time.  We are eventually going to be getting rid of this firewall so I am going to have to just address this with what ever product we purchase next.  I also have another client with a TZ105 and I could not get that setup either to be accessible from the outside.  Very frustrating, but thanks for all the help.  I am going to close the question now.
0
Blue Street TechLast KnightCommented:
This is frustrating to hear. I have performed remote configuration hundreds of time with no issues whatsoever. There has to be some sort of anomaly going on here. If you have any more questions don't hesitate to open some new questions up...I'd be glad to take a look. Thanks for the points!

Cheers!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.