Sonicwall SSL-VPN DNS bookmarks do not seem to work

Posted on 2014-03-12
Last Modified: 2014-05-06
Hello all,

I am running a Sonicwall SSL-VPN2000 appliance.  I have a number of bookmarks that do RDP (Both Java and Active X)

When I put the IP address of the device in the bookmark, I can connect to the end device just fine.  When I put in the DNS name into the bookmark, I can not connect.

I have looked at the DNS settings in the Sonicwall and they are correct.  When I goto the diagnostics page of the sonicwall, I can do DNS resolution, ping by DNS name, traceroute to both the name and the IP address.

Seems strange but this is what I am seeing.  Any ideas?


Question by:thafemann
  • 4
  • 4

Expert Comment

ID: 39925466
It's the VPN client that needs to be able to resolve the DNS, not the appliance itself.

When you connect to the VPN from a client computer, are you able to resolve DNS for the RDP server? If not, you may need to change the DNS servers given to your VPN clients.

Author Comment

ID: 39925481
We are not using the VPN client.  We are using the Bookmark feature, which is a web vpn portal.  
As I shared, IP addresses work, DNS addresses do not work.  :(

Expert Comment

ID: 39925490
The web VPN portal uses the NetExtender SSL VPN client. The bookmark feature still requires the client machine to have correct DNS servers set to resolve your DNS addresses.

Author Comment

ID: 39925508
Ok, but isn't the appliance DNSpassed thru to the clients?  The device itself can do appropriate DNS resolution and even trace route by name. Is there another place to set DNS?
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.


Expert Comment

ID: 39925557
Open your NetExtender client when connected to the VPN and click on the "DNS" tab. Are the correct DNS servers set?

Can you resolve the full FQDN? (i.e. "myserver.mydomain.local" instead of just "myserver")

Author Comment

ID: 39926090
Thanks for replying.  I do not have the NetExtender client on my machine.  When I login to the web portal, we do not have the client install to the workstation.  We only use the web interface, no client.

Again, this all works fine when we use the IP address of the workstations we wish to RDP or SSL into.  As soon as we use a DNS name, we can not connect.

I have looked on the SSL-VPN appliance itself.  All the places that I see the DNS settings are set correctly.  

One thing I did find interesting is if I add an entry to the host resolution table on the SSL VPN appliance, and then it works!

Author Comment

ID: 39926106
When I am connected to the web portal, and I am able to connect to a server via RDP, I opened a command line to see what I could ping.

I could not ping the IP address of the server that I was RDP'd into (ping is enabled and no firewal), I could not resolve by netbios name or dns name (fqdn).  

It seem that the web portal does some sort of reverse proxy to present these services to the end user without the user actually being connected to the remote network.

When I look at the management interface while I am connected, I see active users, but I see no NetExtender sessions.  I don't even have these sections turned on.

Accepted Solution

N-W earned 500 total points
ID: 39933137
Yes, that's right. The VPN appliance does application offloading for services that are bookmarked so you don't actually have VPN access to the internal network itself.

If you would like VPN access to the network, you need to enable NetExtender and use your bookmarks through it. This way you'll be able to ping the servers and resolve both DNS/NetBIOS.

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Sonicwall routing between VPNs 5 45
Choosing a firewall for our broadband cable connection 2 56
Which the best UTM recommended ? 2 73
Sonicwall blocks a site 49 56
Optimal Xbox 360 connectivity requires "OPEN NAT". If you use Juniper Netscreen or SSG firewall products in a home setting, the following steps will allow you get rid of the dreaded warning screen below and achieve the best online gaming environment…
Network traffic routing plays key role in your network, if you have single site with heavy browsing or multiple sites, replicating important application data from your Primary Default Gateway ,you have to route your other network traffic from your p…
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now