Solved

Sonic Wall TZ 100 VPN

Posted on 2013-12-06
3
1,125 Views
Last Modified: 2016-12-25
I have set up an ssl vpn on a sonicwall tz100.  All internal setting are correct (server, client, portal etc...)  per the sonicwall instructions.  However when I test the vpn connection using netextender it tells me that the username and password are wrong.  I have verified the info.

I am using the external ip address of our comcast box + port 443 in the server field of netextender.  However I don't think this is correct because when I type that into the url bar in my browser it takes me to the comcast management log in screen.  What is the proper set up with netextender, or can I just initiate the ssl VPN tunnel and use RDP to get to my machine?

Thanks
0
Comment
Question by:Sapeur
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 30

Expert Comment

by:Britt Thompson
ID: 39702156
Your Comcast router has management enabled on the interface so its not passing the traffic to your TZ100. You would either need to change the port hosting the SSL VPN site on the TZ100 or disable management on the Comcast modem.

Also, if you're using the modem interface IP you may want to set your TZ100 as the DMZ unless you're forwarding other ports to devices inside your network. Also, if you have more than 1 public address (IE, your Comcast public IP subnet is better than 255.255.255.252) you can assign a public IP to the internet interface on the Sonicwall.
0
 
LVL 25

Accepted Solution

by:
Diverse IT earned 500 total points
ID: 39706771
Hi Sapeur,

SonicWALL SSL-VPN runs on port 4433 by default. So you should type it in after your Public IP, e.g. 1.1.1.1:4433, then the other fields: username, password, domain. The domain must match that which you setup on the SSL-VPN domain field. So if you have a different one setup in the SSL-VPN Server than your Windows Server you should match them, but nevertheless use the one in the SSL-VPN Server.

Also, if you have remote management enabled for the SonicWALL or anything else with port forwarding running on 443 this will be an issue as well, which is why, again, SonicWALL designed SSL-VPN to run on 4433.

You can check/change the port for SSL-VPN on the SSL-VPN > Server settings.

You should put the Comcast modem into bridge mode if it isn't already and let the SonicWALL authenticate (depending on your broadband type). Call Comcast for instructions how if needed.

can I just initiate the ssl VPN tunnel and use RDP to get to my machine?
Yes, most assuredly you can!

Let me know if you have any other questions!
0
 
LVL 25

Expert Comment

by:Diverse IT
ID: 39743896
I'm glad I could help and thanks for the points!
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question