Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1318
  • Last Modified:

Sonic Wall TZ 100 VPN

I have set up an ssl vpn on a sonicwall tz100.  All internal setting are correct (server, client, portal etc...)  per the sonicwall instructions.  However when I test the vpn connection using netextender it tells me that the username and password are wrong.  I have verified the info.

I am using the external ip address of our comcast box + port 443 in the server field of netextender.  However I don't think this is correct because when I type that into the url bar in my browser it takes me to the comcast management log in screen.  What is the proper set up with netextender, or can I just initiate the ssl VPN tunnel and use RDP to get to my machine?

Thanks
0
Sapeur
Asked:
Sapeur
  • 2
1 Solution
 
Britt ThompsonSr. Systems EngineerCommented:
Your Comcast router has management enabled on the interface so its not passing the traffic to your TZ100. You would either need to change the port hosting the SSL VPN site on the TZ100 or disable management on the Comcast modem.

Also, if you're using the modem interface IP you may want to set your TZ100 as the DMZ unless you're forwarding other ports to devices inside your network. Also, if you have more than 1 public address (IE, your Comcast public IP subnet is better than 255.255.255.252) you can assign a public IP to the internet interface on the Sonicwall.
0
 
Blue Street TechLast KnightsCommented:
Hi Sapeur,

SonicWALL SSL-VPN runs on port 4433 by default. So you should type it in after your Public IP, e.g. 1.1.1.1:4433, then the other fields: username, password, domain. The domain must match that which you setup on the SSL-VPN domain field. So if you have a different one setup in the SSL-VPN Server than your Windows Server you should match them, but nevertheless use the one in the SSL-VPN Server.

Also, if you have remote management enabled for the SonicWALL or anything else with port forwarding running on 443 this will be an issue as well, which is why, again, SonicWALL designed SSL-VPN to run on 4433.

You can check/change the port for SSL-VPN on the SSL-VPN > Server settings.

You should put the Comcast modem into bridge mode if it isn't already and let the SonicWALL authenticate (depending on your broadband type). Call Comcast for instructions how if needed.

can I just initiate the ssl VPN tunnel and use RDP to get to my machine?
Yes, most assuredly you can!

Let me know if you have any other questions!
0
 
Blue Street TechLast KnightsCommented:
I'm glad I could help and thanks for the points!
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now