Solved

Global VPN SonicWall TZ105 setup

Posted on 2014-11-26
Last Modified: 2014-12-11
We just got a new TZ 105 and have it set up with the WAN interface pulling from the Comcast box IP address instead of our external IP address. Traffic is running through it fine, but is there a way to set up the Global VPN client to work like this? I can't get it to connect, and I am guessing it is because the VPN client can't see the firewall.

Thank you.
Question by:raffie613
 
LVL 7

Expert Comment

by:Network Zero
ID: 40471103
If you're connected to the internet, then you need to look at the VPN settings themselves.

Something you need to make sure is where you're getting the DHCP from.

Global VPN needs DHCP configured from the SonicWall in order to be able to connect.

go to vpn -> settings

go to WAN group vpn

pick an authentication type

example ike preshared key

set up a shared secret

DH group use GROUP 5

aes 256

SHA 1

28800

ipsec 2

esp

aes 256

sha1

life time is on you

advanced tab =>  

enable netbios

enable multicast

client authen

** trusted users ** or your own level

client tab

user name and password set your own settings

virtual adapter dhcp lease or manual config or just dhcp

allow connection to split tunnels

go to DHCP over VPN

central gateway

click configure

check use internal

for global vpn client

send DHCP request to the server address below

put in the address of the DHCP server or wherever you get DHCP

on network

go to DHCP server

enable DHCP server

then you need to configure local users under

users -> local users

VPN access firewall subnet or whatever access you want them to have

groups make sure you put trusted users or whatever group you decide to give vpn access to

then download the VPN client and give that a shot
0
 

Author Comment

by:raffie613
ID: 40472052
Did all this. Global VPN log shows error "the peer is not responding to phase 1 ISAKMP requests."

Are you sure that I do not need to have the ISP modem in bridge mode and my SonicWall device have the external IP address as its own WAN interface?
0
 
LVL 20

Accepted Solution

by:carlmd
ID: 40473503
Yes, you need to be able to access the SonicWall WAN IP for the VPN to work.
0
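The condition discussed in this thread (VPN clients must be able to reach the SonicWall's WAN IP) can be checked by comparing the address on the firewall's WAN (X1) interface with the external IP the clients dial. The following is an added example, not part of the original thread; the function name, verdict labels and all addresses are constructed for illustration.

```python
import ipaddress

# Address ranges that indicate the firewall sits behind another NAT device.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
CGNAT = ipaddress.ip_network("100.64.0.0/10")  # RFC 6598 carrier-grade NAT


def diagnose_wan(wan_ip, public_ip):
    """Compare the firewall's WAN (X1) address with the external IP that
    VPN clients are pointed at. Returns (verdict, hint)."""
    wan = ipaddress.ip_address(wan_ip)
    pub = ipaddress.ip_address(public_ip)
    if wan == pub:
        return ("direct",
                "Firewall holds the external IP; check VPN policy and users.")
    if wan in CGNAT:
        return ("carrier-nat",
                "ISP is translating addresses upstream; ask for a public IP.")
    if any(wan in net for net in RFC1918):
        return ("behind-modem-nat",
                "Modem is handing out a private address; use bridge mode or "
                "IP passthrough so the firewall receives the external IP.")
    return ("address-mismatch",
            "WAN address is public but is not the IP clients dial; "
            "confirm the peer address configured in the VPN client.")


if __name__ == "__main__":
    # Constructed sample values (documentation and private ranges).
    samples = [
        ("10.1.10.2", "203.0.113.10"),     # WAN address leased from the modem
        ("203.0.113.10", "203.0.113.10"),  # firewall holds the external IP
        ("100.64.3.9", "203.0.113.10"),    # carrier-grade NAT upstream
        ("198.51.100.7", "203.0.113.10"),  # client dialing the wrong address
    ]
    for wan_ip, public_ip in samples:
        verdict, hint = diagnose_wan(wan_ip, public_ip)
        print(f"{wan_ip:>15} vs {public_ip}: {verdict} - {hint}")
```

A `behind-modem-nat` verdict matches the setup described in the question, where IKE phase 1 packets sent to the external IP stop at the modem and never reach the firewall.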

 

Author Comment

by:raffie613
ID: 40474483
OK, my ISP says my modem is in bridge mode, but changing my X1 port to the external IP drops the network completely. Is there another setting I need?
0
 
LVL 20

Expert Comment

by:carlmd
ID: 40475734
A couple of possibilities. Take a look at the following...

https://support.software.dell.com/kb/sw3875

https://support.software.dell.com/kb/sw5593

Does either resolve the problem?
0
 
LVL 25

Expert Comment

by:Diverse IT
ID: 40476146
Hi raffie613,

You need to log in to the Comcast modem directly and look for a Passthrough IP option so that the modem will pass the External IP address to your SonicWALL. Also, you will want to disable Firewall, Block IPsec, etc., since your SonicWALL will be handling that... and no, in this scenario it doesn't benefit you to have both enabled.

Let me know how it goes!
0
 
LVL 7

Expert Comment

by:Network Zero
ID: 40477616
OK raffie613 it sounds to me like the problem is with the Comcast modem. Try this:

Remove the Ethernet cable from the cable modem or reset it. (I recommend powering it down.)

Wait till the modem comes back; usually some sort of green light should come on.

Connect your modem into the WAN port of the SonicWall...

Check if auto-negotiation is correct.

Give me the model number of the Comcast modem if it's still not working also...

Back up the current configuration and then make sure the SonicWall is updated with the latest firmware.
0


Question has a verified solution.
