?
Solved

sonicwall vpn connection.... can't connect unless using a static ip

Posted on 2014-08-21
9
Medium Priority
?
1,210 Views
Last Modified: 2014-08-27
ok here is the enviroment

sonicwall tz-170 with enhanced os

Windows 2008r2 server with DCHP server giving out leases

I setup the sonicwall globalVPN i believe correctly... I cannot seem to connect.... IT passes the first 2 sets and logs in
It then gets stuck at getting an IP address....

I've tried over hotspot and get the same response... so i dont think its internal

The error is "failed to renew the IP address for the virtual interface"

However if i go to the sonicwall vpn connection in the Network connections and assign it a IP address and subnet it works fine.... If i put the gateway of the firewall in it doesnt work

I'm completely stumped...any help will be greatly appreciated

Mike

sonicwall.rtf
0
Comment
Question by:punkrawkdude99
  • 5
  • 4
9 Comments
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 40279190
It's easier to let the sonicwall assign ip addresses. I suggest you get things working like that first.

Then If you want to push for windows doing dhcp for the VPN connection here is a guide
http://help.mysonicwall.com/sw/eng/general/ui1/6600/DHCP/DHCP_over_VPN.htm
0
 
LVL 1

Author Comment

by:punkrawkdude99
ID: 40279545
I forgot to mention that there is a SSL vpn connection from one office to another.... will any of this effect it??

Couldnt i just use the non existent wlan interface and pass out dhcp on there instead?
0
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 40279598
Are you trying to get vpn dhcp through the ssl VPN? If so, you probably need to add a firewall rule to allow that
0
NEW Veeam Backup for Microsoft Office 365 1.5

With Office 365, it’s your data and your responsibility to protect it. NEW Veeam Backup for Microsoft Office 365 eliminates the risk of losing access to your Office 365 data.

 
LVL 1

Author Comment

by:punkrawkdude99
ID: 40279616
there is a tz150 in another building and it is on a completely separate network..... 10.0.0.0

there is a ssl vpn connection from 10.0.0.0 to 192.168.99.0

i dont want to screw anything up by changing about the dhcp over vpn settings... i only want whatever i try to effect the vpn connections
0
 
LVL 1

Accepted Solution

by:
punkrawkdude99 earned 0 total points
ID: 40279658
Ok i went in and added another interface for the WLAN i set it up on 192.168.100.1

i created a dhcp scope for it and told the dhcp over vpn to relay to that....

it works fine with windows... i can get on and connect to the file server without an issue

Now the mac is another issue... i have an ipad and the sonicwall mobile client... i just cant get it to connect....
0
 
LVL 39

Assisted Solution

by:Aaron Tomosky
Aaron Tomosky earned 2000 total points
ID: 40279666
I had problems with the mobile connect app. It was messing up the domain name for the routes with a ";" so I just use l2tp personally. It works for windows, osx, and iOS. Android oddly enough likes the app.
0
 
LVL 1

Author Comment

by:punkrawkdude99
ID: 40279671
is the L2 setup a pain??? do i need a radius server? This sonicwall is a POS and logs me out every 30 seconds....so yeah... i already have a low tolerance for it

my issue with the app is it wont connect.. it is supposed to populate the domain field... or something like that and it does nothing...and i dont know what to enter there....
0
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 40279705
I use a windows 2012 domain and enabled nps (radius) on that. In sonicwall users settings, connect via ldap and radius. It needs ldap for groups and radius for user/passwords. Make a VPN group in ad, in the sonicwall add the VPN group to the VPN users local group.
0
 
LVL 1

Author Closing Comment

by:punkrawkdude99
ID: 40287424
I was able to figure out a solution on my own however aaron was very helpful as well
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the hope of saving someone else's sanity... About a year ago we bought a Cisco 1921 router with two ADSL/VDSL EHWIC cards to load balance local network traffic over the two broadband lines we have, but we couldn't get the routing to work consi…
#Citrix #Netscaler #MSSQL #Load Balance
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question