Solved

Sonicwall Global VPN Client  grabs all internet traffic

Posted on 2014-11-29
6
178 Views
Last Modified: 2014-12-05
When configuring the GVC to connect to a Sonicwall NSA 2600, every time the GVC connects, the pc's internet traffic does one of two things:
Either it goes entirely through the remote Sonicwall, or it just stops altogether.
i have teh GVC configured on the NSA to run in Split Tunnels, but if i configure the Sonicwall Virutal adapter witha  default gateway, the vpn works and i can access the machines on the remote subnet just fine, as well as on my local subnet.  But all internet traffic goes through the vpn at that point.
If I delete the default gateway on the vpn adapter and connect, my local intranet traffic as well as internet traffic passes normally out of my local router... but I lose all contact with the machines on the remote network.
Please help!
0
Comment
Question by:Digital_Skream
  • 3
  • 3
6 Comments
 
LVL 13

Expert Comment

by:Greg Hejl
ID: 40471697
This looks to be the correct fix:

http://dleetor.blogspot.com/2013/02/solution-sonicwall-global-vpn-user.html

FIXED!: SonicWall Global VPN User cannot get out to internet but can access stuff on the company's LAN
I just spent quite some time doing research into this issue.  If you have a user who connects to the company SonicWall with Global VPN Client but cannot get out to the internet but can ping and access everything internal on the company's LAN, here are a couple things to check out.

1) Go into VPN > Settings > Click Configure for the WAN GroupVPN
2) Go to the Advanced tab and make sure default gateway is set to 0.0.0.0
3) Go to the Client tab and make sure you have it setup like this:
4) Go into Users > Local Users and hover your mouse cursor over the VPN Access column for all users
5) If you see that VPN DHCP Clients or WAN RemoteAccess Networks is in any of the bubbles, this is what's causing the issue!  These objects will turn a Split Tunnel setup into a Tunnel All GroupVPN setup and so it will attempt to tunnel all internet traffic through the SonicWall which defeats the purpose of having Split Tunnels setup (I'm assuming S.T. because it's the most common kind of setup)

6) If you find that you can't edit the config for the local user All LDAP Users, try this...
7) Go into Local Groups, hover your mouse cursor over everything under VPN Access and check for the same entries (VPN DHCP Clients or WAN RemoteAccess Networks).  In my case, it was the SSLVPN Services group
8) Go into Config > VPN Access and remove both VPN DHCP Clients and WAN RemoteAccess Networks and leave only LAN Subnets
0
 
LVL 1

Author Comment

by:Digital_Skream
ID: 40472173
I already had that configuration setup.
I am having an issue wherein I am not aquiring an IP... the gvc just sits there saying aquiring ip for as long as I let it.
0
 
LVL 13

Expert Comment

by:Greg Hejl
ID: 40472484
Please review your DHCP configuration

Is your relay agent setup correctly?

https://support.software.dell.com/kb/sw11769
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 1

Author Comment

by:Digital_Skream
ID: 40482121
We are using the Sonicwall as the DHCP server.
0
 
LVL 13

Accepted Solution

by:
Greg Hejl earned 500 total points
ID: 40483349
0
 
LVL 1

Author Closing Comment

by:Digital_Skream
ID: 40483370
Beautiful.

That's got it sorted.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now