Solved

Sonic Wall TZ 100 VPN

Posted on 2013-12-06
3
1,064 Views
Last Modified: 2016-12-25
I have set up an ssl vpn on a sonicwall tz100.  All internal setting are correct (server, client, portal etc...)  per the sonicwall instructions.  However when I test the vpn connection using netextender it tells me that the username and password are wrong.  I have verified the info.

I am using the external ip address of our comcast box + port 443 in the server field of netextender.  However I don't think this is correct because when I type that into the url bar in my browser it takes me to the comcast management log in screen.  What is the proper set up with netextender, or can I just initiate the ssl VPN tunnel and use RDP to get to my machine?

Thanks
0
Comment
Question by:Sapeur
  • 2
3 Comments
 
LVL 30

Expert Comment

by:Britt Thompson
ID: 39702156
Your Comcast router has management enabled on the interface so its not passing the traffic to your TZ100. You would either need to change the port hosting the SSL VPN site on the TZ100 or disable management on the Comcast modem.

Also, if you're using the modem interface IP you may want to set your TZ100 as the DMZ unless you're forwarding other ports to devices inside your network. Also, if you have more than 1 public address (IE, your Comcast public IP subnet is better than 255.255.255.252) you can assign a public IP to the internet interface on the Sonicwall.
0
 
LVL 25

Accepted Solution

by:
Diverse IT earned 500 total points
ID: 39706771
Hi Sapeur,

SonicWALL SSL-VPN runs on port 4433 by default. So you should type it in after your Public IP, e.g. 1.1.1.1:4433, then the other fields: username, password, domain. The domain must match that which you setup on the SSL-VPN domain field. So if you have a different one setup in the SSL-VPN Server than your Windows Server you should match them, but nevertheless use the one in the SSL-VPN Server.

Also, if you have remote management enabled for the SonicWALL or anything else with port forwarding running on 443 this will be an issue as well, which is why, again, SonicWALL designed SSL-VPN to run on 4433.

You can check/change the port for SSL-VPN on the SSL-VPN > Server settings.

You should put the Comcast modem into bridge mode if it isn't already and let the SonicWALL authenticate (depending on your broadband type). Call Comcast for instructions how if needed.

can I just initiate the ssl VPN tunnel and use RDP to get to my machine?
Yes, most assuredly you can!

Let me know if you have any other questions!
0
 
LVL 25

Expert Comment

by:Diverse IT
ID: 39743896
I'm glad I could help and thanks for the points!
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question