Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Global VPN SonicWall TZ105 setup

Posted on 2014-11-26
7
Medium Priority
?
368 Views
Last Modified: 2014-12-11
we just got a new TZ 105, and have it setup with the WAN interface pulling from the Comcast box ip address instead of our external ip address. Traffic is running through it fine, but is there a way to setup the Global VPN client to work like this? I can't get it to connect, and I am guessing it is because the VPN client can't see the Firewall.

Thank you.
0
Comment
Question by:raffie613
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 7

Expert Comment

by:Network Zero
ID: 40471103
If your connected to the internet, then you need to look at the VPN settings them selves.

Something you need to make sure is where you're getting the DHCP from.

Global VPN needs DHCP configure from the sonicwall in order to be to connect.

go to vpn -> settings

go to WAN group vpn

pick an authentication type

example ike preshared key

set up a shared secret

DH group use GROUP 5

aes 256

SHA 1

28800

ipec2

esp

aes 256

sha1

life time is on you

advanced tab =>  

enable netbios

enable mutlicast

client authen

** trusted users ** or your own level

client tab

user name and password set your own settings

virtual adapter dhcp lease or manual config or just dhcp

allow connection to split tunnels

go to DHCP over VPN

central gateway

click configure

check use internal

for global vpn client

send DHCP request to the server address below

put in the address of the DHCP server or where ever you get DHCP

on network

go to DHCP server

enable DHCP server

then you need configure local users under

users -> local users

VPN access firewall subnet or whatever access you want them to have

groups make sure you put trusted users or whatever group you decide to give vpn access to

then download the VPN client and give that a shot
0
 

Author Comment

by:raffie613
ID: 40472052
did all this. Global VPN log shows error "the peer is not responding to phase 1 ISAKMP requests."

Are you sure that I do not need to have the ISP modem in bridge mode and my Sonicwall device have the external IP address as it's own WAN interface?
0
 
LVL 20

Accepted Solution

by:
carlmd earned 2000 total points
ID: 40473503
Yes, the you need to be able to access the Sonicwall WAN ip for the VPN to work.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 

Author Comment

by:raffie613
ID: 40474483
ok, my ISP says my modem is in bridge mode but changing my X1 port to the external ip drops the network completely. Is there another setting i need?
0
 
LVL 20

Expert Comment

by:carlmd
ID: 40475734
A couple of possibilities. Take a look at the following...

https://support.software.dell.com/kb/sw3875

https://support.software.dell.com/kb/sw5593

Does either resolve the problem?
0
 
LVL 27

Expert Comment

by:Blue Street Tech
ID: 40476146
Hi raffie613,

You need to login to the Comcast modem directly and look for a Passthrough IP option so that the modem will pass the External IP address to your SonicWALL. Also you will want to disable Firewall, Block IPsec, etc. since your SonicWALL will be handling that...and no in this scenario it doesn't benefit you to have both enabled.

Let me know how it goes!
0
 
LVL 7

Expert Comment

by:Network Zero
ID: 40477616
OK raffie613 it sounds to me like the problem is with the Comcast modem. Try this:

Remove the Ethernet cable from the Cable modem or reset it. (I recommended powering it down)

Wait till the modem comes back usually some sorta of green light should come on.

Connect your modem into the want port of the sonic wall...

check if auto-negotiation is correct.

give me the mode number of the comcast modem if it's still not working also...

back up the current configuration and then make sure the sonicwall is updated with the latest firmware.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses

876 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question