Global VPN SonicWall TZ105 setup

we just got a new TZ 105, and have it setup with the WAN interface pulling from the Comcast box ip address instead of our external ip address. Traffic is running through it fine, but is there a way to setup the Global VPN client to work like this? I can't get it to connect, and I am guessing it is because the VPN client can't see the Firewall.

Thank you.
raffie613Asked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
carlmdConnect With a Mentor Commented:
Yes, the you need to be able to access the Sonicwall WAN ip for the VPN to work.
0
 
Network ZeroCloud Engineer Commented:
If your connected to the internet, then you need to look at the VPN settings them selves.

Something you need to make sure is where you're getting the DHCP from.

Global VPN needs DHCP configure from the sonicwall in order to be to connect.

go to vpn -> settings

go to WAN group vpn

pick an authentication type

example ike preshared key

set up a shared secret

DH group use GROUP 5

aes 256

SHA 1

28800

ipec2

esp

aes 256

sha1

life time is on you

advanced tab =>  

enable netbios

enable mutlicast

client authen

** trusted users ** or your own level

client tab

user name and password set your own settings

virtual adapter dhcp lease or manual config or just dhcp

allow connection to split tunnels

go to DHCP over VPN

central gateway

click configure

check use internal

for global vpn client

send DHCP request to the server address below

put in the address of the DHCP server or where ever you get DHCP

on network

go to DHCP server

enable DHCP server

then you need configure local users under

users -> local users

VPN access firewall subnet or whatever access you want them to have

groups make sure you put trusted users or whatever group you decide to give vpn access to

then download the VPN client and give that a shot
0
 
raffie613Author Commented:
did all this. Global VPN log shows error "the peer is not responding to phase 1 ISAKMP requests."

Are you sure that I do not need to have the ISP modem in bridge mode and my Sonicwall device have the external IP address as it's own WAN interface?
0
The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

 
raffie613Author Commented:
ok, my ISP says my modem is in bridge mode but changing my X1 port to the external ip drops the network completely. Is there another setting i need?
0
 
carlmdCommented:
A couple of possibilities. Take a look at the following...

https://support.software.dell.com/kb/sw3875

https://support.software.dell.com/kb/sw5593

Does either resolve the problem?
0
 
Blue Street TechLast KnightsCommented:
Hi raffie613,

You need to login to the Comcast modem directly and look for a Passthrough IP option so that the modem will pass the External IP address to your SonicWALL. Also you will want to disable Firewall, Block IPsec, etc. since your SonicWALL will be handling that...and no in this scenario it doesn't benefit you to have both enabled.

Let me know how it goes!
0
 
Network ZeroCloud Engineer Commented:
OK raffie613 it sounds to me like the problem is with the Comcast modem. Try this:

Remove the Ethernet cable from the Cable modem or reset it. (I recommended powering it down)

Wait till the modem comes back usually some sorta of green light should come on.

Connect your modem into the want port of the sonic wall...

check if auto-negotiation is correct.

give me the mode number of the comcast modem if it's still not working also...

back up the current configuration and then make sure the sonicwall is updated with the latest firmware.
0
All Courses

From novice to tech pro — start learning today.