Solved

Global VPN SonicWall TZ105 setup

Posted on 2014-11-26
7
343 Views
Last Modified: 2014-12-11
we just got a new TZ 105, and have it setup with the WAN interface pulling from the Comcast box ip address instead of our external ip address. Traffic is running through it fine, but is there a way to setup the Global VPN client to work like this? I can't get it to connect, and I am guessing it is because the VPN client can't see the Firewall.

Thank you.
0
Comment
Question by:raffie613
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 7

Expert Comment

by:Network Zero
ID: 40471103
If your connected to the internet, then you need to look at the VPN settings them selves.

Something you need to make sure is where you're getting the DHCP from.

Global VPN needs DHCP configure from the sonicwall in order to be to connect.

go to vpn -> settings

go to WAN group vpn

pick an authentication type

example ike preshared key

set up a shared secret

DH group use GROUP 5

aes 256

SHA 1

28800

ipec2

esp

aes 256

sha1

life time is on you

advanced tab =>  

enable netbios

enable mutlicast

client authen

** trusted users ** or your own level

client tab

user name and password set your own settings

virtual adapter dhcp lease or manual config or just dhcp

allow connection to split tunnels

go to DHCP over VPN

central gateway

click configure

check use internal

for global vpn client

send DHCP request to the server address below

put in the address of the DHCP server or where ever you get DHCP

on network

go to DHCP server

enable DHCP server

then you need configure local users under

users -> local users

VPN access firewall subnet or whatever access you want them to have

groups make sure you put trusted users or whatever group you decide to give vpn access to

then download the VPN client and give that a shot
0
 

Author Comment

by:raffie613
ID: 40472052
did all this. Global VPN log shows error "the peer is not responding to phase 1 ISAKMP requests."

Are you sure that I do not need to have the ISP modem in bridge mode and my Sonicwall device have the external IP address as it's own WAN interface?
0
 
LVL 20

Accepted Solution

by:
carlmd earned 500 total points
ID: 40473503
Yes, the you need to be able to access the Sonicwall WAN ip for the VPN to work.
0
[Live Webinar] The Cloud Skills Gap

As Cloud technologies come of age, business leaders grapple with the impact it has on their team's skills and the gap associated with the use of a cloud platform.

Join experts from 451 Research and Concerto Cloud Services on July 27th where we will examine fact and fiction.

 

Author Comment

by:raffie613
ID: 40474483
ok, my ISP says my modem is in bridge mode but changing my X1 port to the external ip drops the network completely. Is there another setting i need?
0
 
LVL 20

Expert Comment

by:carlmd
ID: 40475734
A couple of possibilities. Take a look at the following...

https://support.software.dell.com/kb/sw3875

https://support.software.dell.com/kb/sw5593

Does either resolve the problem?
0
 
LVL 25

Expert Comment

by:Diverse IT
ID: 40476146
Hi raffie613,

You need to login to the Comcast modem directly and look for a Passthrough IP option so that the modem will pass the External IP address to your SonicWALL. Also you will want to disable Firewall, Block IPsec, etc. since your SonicWALL will be handling that...and no in this scenario it doesn't benefit you to have both enabled.

Let me know how it goes!
0
 
LVL 7

Expert Comment

by:Network Zero
ID: 40477616
OK raffie613 it sounds to me like the problem is with the Comcast modem. Try this:

Remove the Ethernet cable from the Cable modem or reset it. (I recommended powering it down)

Wait till the modem comes back usually some sorta of green light should come on.

Connect your modem into the want port of the sonic wall...

check if auto-negotiation is correct.

give me the mode number of the comcast modem if it's still not working also...

back up the current configuration and then make sure the sonicwall is updated with the latest firmware.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Overview Often, we set up VPN appliances where the connected clients are on a separate subnet and the company will have alternate internet connections and do not use this particular device as the gateway for certain servers or clients. In this case…
OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question