Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Sonicwall U-Turn PING interface

Posted on 2014-04-03
7
Medium Priority
?
542 Views
Last Modified: 2014-04-18
I have setup 2 zone in my firewall LAN and WAN.

the WAN connected with 1 cisco router just to provide IPSEC VPN to some other vendor via my LAN interface.

now I need to have SSL VPN enable on my WAN and the SSL VPN request will from my LAN.

is it possible?
0
Comment
Question by:hell_angel
  • 4
  • 3
7 Comments
 
LVL 20

Expert Comment

by:carlmd
ID: 39974532
If you want to use the SSLVPN you must have a license for it. First check on your Sonicwall under System -> Licenses to make sure you have an SSLVPN license. If so, to configure use the following.

https://www.fuzeqna.com/sonicwallkb/ext/kbdetail.aspx?kbid=6461
0
 

Author Comment

by:hell_angel
ID: 39974848
we have the license and already configured it.
0
 
LVL 20

Expert Comment

by:carlmd
ID: 39974899
Can you be more specific on what your issue is?

If it is already configured, are you saying you are having a problem getting it to work?
0
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

 

Author Comment

by:hell_angel
ID: 39975346
OK.. let me re-phase it...

My Sonicwall configured with LAN and WAN zone. LAN zone is facing corp network for internet access and other department routing.

WAN zone is connected with a Cisco router with Public IP. this router establish IPSEC VPN tunnel to access other private subnet behind the router. the route traffic will routed via corp network to vendor via LAN zone--> Corp network

We managed to get the routing works for both LAN and WAN. IPSEC working fine.

Now comes to our issue..
the so call WAN zone is configured with internet routable IP, in order to allowed users at corp or outside corp network able access the SSL VPN from internet, we need to terminate the SSL VPN at that WAN zone.

infront the sonicwall is Dell Force10 core switch which faced to corp network.
from core switch, im able reach to the router that at wan zone, BUT I can't PING the WAN zone interface IP which I terminate the SSL VPN..

hope this is clear
0
 
LVL 20

Expert Comment

by:carlmd
ID: 39975487
Just to be clear, you are referring to the Sonicwall SSLVPN and not something else. If so, what do you mean by terminate the SSLVPN at the WAN interface. Normally the SSLVPN is used to connect to specified lans or vlans on the LAN interface side of the Sonicwall.

Regarding the ping, do you have ping enabled for the X1 interface. Check on the Sonicwall at Network -> Interfaces  then click the Configure button for the X1 interface. On the Management line, is ping checked?
0
 

Author Comment

by:hell_angel
ID: 39976221
that's correct.
what I mean is users will enter the specific interface IP for ssl vpn login page.

for the PING test. yes, the interface already enable with PING.
only that when the client is resided at LAN zone, it can't PING the WAN zone  interface IP.
0
 
LVL 20

Accepted Solution

by:
carlmd earned 1500 total points
ID: 39976300
It is not a problem that you cannot ping the WAN interface from the LAN.

You cannot use the SSLVPN from the LAN to connect to the WAN. The Sonicwall only listens for the SSLVPN connection on the WAN interface.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
Unable to change the program that handles the scan event from a network attached Canon/Brother printer/scanner. This means you'll always have to choose which program handles this action, e.g. ControlCenter4 (in the case of a Brother).
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question