VPN problems on Sonicwall TZ210

Posted on 2013-12-14
Medium Priority
Last Modified: 2014-01-14
I am using net extender to create a VPN from my laptop at home. My laptop at home has a dynamically assigned IP address from my router at home. My home router is a netgear.

My VPN was working fine for a long time. I would connect to my work network using net extender. Then i would launch a remote desktop and type in the server name that i wanted to remote into. RDP just times out. However, if I type in the IP address of the server I am able to log in.

Also i have mapped drives that do not work if using the server name however when I use IP address it works fine.

My home gateway is on and my work gateway is

My home computer is a laptop that is on a domain. It used to be a workstation at work. So when i login it is not authenticated by a DC. I just login using my name@mydomain.com and password and I never have a problem.

I did notice however that when I dolog into VPN successfully I no longer have local internet access. So in order to google search I have to disconnect from Net Extender, launch google, then log back in. Is that normal also since i am in tunnel mode?
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 25

Expert Comment

by:Blue Street Tech
ID: 39719094

NetExtender in tunnel all mode forces all traffic to be routed over the SSL-VPN adapter. To allow your end users access to internet over the UTM-SSLVPN, you will need to allow “WAN RemoteAccess Networks” (a network address object whose value acts like a default route), and the Tunnel All option must be selected on the Client Routes page.  The method below is appropriate when the administrator wants all of their NetExtender users to have their internet access provided through the SSL-VPN otherwise disable Tunnel All mode.  Be sure that you are not overwhelming the internet bandwidth at the location where the firewall is installed, as this traffic will be added to the other loads from inside the network.
Step 1: On the SonicWALL, go to SSL-VPN > Client Routes screen, enable the Tunnel All option in the drop down menu.

Step 2: On the Users > Local Groups screen, configure SSLVPN Services group and under tab “VPN Access,” add the object WAN RemoteAccess Networks.

Step 3: No custom rules are needed on the Firewall > Access Rules screen for this to work.  You can see auto-added rules in the section SSLVPN to WAN.
Make sense?

Expert Comment

by:Ramakrishna Prabhu
ID: 39719640
Agree with diverseit

Author Comment

ID: 39738468
That sounds like it will solve the internet connection issue. However, my big problem is that I can not connect via host name  using RDP. i used to connect my secure vpn and then RDP using my server name MYSERVER01 and now I can only connect to this server if I type in the IP address.

When I type NSLOOKUP in CMD Prompt I get the DNS server IP address from my office because I'm in tunnel mode,  but not the DNS server name. It says unknown.

Did I screw something up on my remote client side or is this a active directory DNS issue on my office network side?

Accepted Solution

robertmparten earned 2000 total points
ID: 39747694
The problem is it appears you have a tunnel misconfiguration issue. You need to setup a split tunnel and forward DNS so you can have Internet through your home connection but utilize the forwarded DNS to resolve the hostnames of your work servers so your file shares work.
LVL 25

Expert Comment

by:Blue Street Tech
ID: 39763507
It is not a misconfiguration to have Tunnel All mode enabled nor is it the appropriate fix to use a Split Tunnel if that is not desired! My solution (http:#a39719094) is a validated one and is accurate if you want to stick with Tunnel All mode, which will force all the traffic through to the your Office securely.


Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

At the beginning of the year, the IT world was taken hostage by the shareholders of LogMeIn. Their free product, which had been free for ten years, all of the sudden became a "pay" product. Now, I am the first person who will say that software maker…
Like many organizations, your foray into cloud computing may have started with an ancillary or security service, like email spam and virus protection. For some, the first or second step into the cloud was moving email off-premise. For others, a clou…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question