Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Sonicwall Global VPN Client  grabs all internet traffic

Posted on 2014-11-29
6
Medium Priority
?
192 Views
Last Modified: 2014-12-05
When configuring the GVC to connect to a Sonicwall NSA 2600, every time the GVC connects, the pc's internet traffic does one of two things:
Either it goes entirely through the remote Sonicwall, or it just stops altogether.
i have teh GVC configured on the NSA to run in Split Tunnels, but if i configure the Sonicwall Virutal adapter witha  default gateway, the vpn works and i can access the machines on the remote subnet just fine, as well as on my local subnet.  But all internet traffic goes through the vpn at that point.
If I delete the default gateway on the vpn adapter and connect, my local intranet traffic as well as internet traffic passes normally out of my local router... but I lose all contact with the machines on the remote network.
Please help!
0
Comment
Question by:Digital_Skream
  • 3
  • 3
6 Comments
 
LVL 13

Expert Comment

by:Greg Hejl
ID: 40471697
This looks to be the correct fix:

http://dleetor.blogspot.com/2013/02/solution-sonicwall-global-vpn-user.html

FIXED!: SonicWall Global VPN User cannot get out to internet but can access stuff on the company's LAN
I just spent quite some time doing research into this issue.  If you have a user who connects to the company SonicWall with Global VPN Client but cannot get out to the internet but can ping and access everything internal on the company's LAN, here are a couple things to check out.

1) Go into VPN > Settings > Click Configure for the WAN GroupVPN
2) Go to the Advanced tab and make sure default gateway is set to 0.0.0.0
3) Go to the Client tab and make sure you have it setup like this:
4) Go into Users > Local Users and hover your mouse cursor over the VPN Access column for all users
5) If you see that VPN DHCP Clients or WAN RemoteAccess Networks is in any of the bubbles, this is what's causing the issue!  These objects will turn a Split Tunnel setup into a Tunnel All GroupVPN setup and so it will attempt to tunnel all internet traffic through the SonicWall which defeats the purpose of having Split Tunnels setup (I'm assuming S.T. because it's the most common kind of setup)

6) If you find that you can't edit the config for the local user All LDAP Users, try this...
7) Go into Local Groups, hover your mouse cursor over everything under VPN Access and check for the same entries (VPN DHCP Clients or WAN RemoteAccess Networks).  In my case, it was the SSLVPN Services group
8) Go into Config > VPN Access and remove both VPN DHCP Clients and WAN RemoteAccess Networks and leave only LAN Subnets
0
 
LVL 1

Author Comment

by:Digital_Skream
ID: 40472173
I already had that configuration setup.
I am having an issue wherein I am not aquiring an IP... the gvc just sits there saying aquiring ip for as long as I let it.
0
 
LVL 13

Expert Comment

by:Greg Hejl
ID: 40472484
Please review your DHCP configuration

Is your relay agent setup correctly?

https://support.software.dell.com/kb/sw11769
0
The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

 
LVL 1

Author Comment

by:Digital_Skream
ID: 40482121
We are using the Sonicwall as the DHCP server.
0
 
LVL 13

Accepted Solution

by:
Greg Hejl earned 2000 total points
ID: 40483349
0
 
LVL 1

Author Closing Comment

by:Digital_Skream
ID: 40483370
Beautiful.

That's got it sorted.
0

Featured Post

[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

577 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question