Sonicwall TZ300 SSL VPN Connectivity Problems

I'm having intermittent problems with my TZ300. Occasionally, from remote computers that have successfully connected via SSL VPN to my server (SBS2008), user are receiving the following error:

"the server is not reachable. the server may be down or your internet settings may be down"

Some remote computers can't connect at all. I've reinstalled NetExtender, rebooted, had users try connecting by IP address, etc. but still can't pin this one down.

I
mapalaska2003Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Wayne88Commented:
In your SSL bookmarks, did you specify the SBS2008 by computer name?  If so, switch to using the IP address of the server.  The name translation may not be working properly.
0
mapalaska2003Author Commented:
When you say "in your SSL bookmarks", what are you referring to??
0
Wayne88Commented:
From the Virtual Office window, you can see the portal bookmarks.

http://thebeagle.itgroove.net/2013/07/01/a-bunch-of-sonicwall-goodies-part-1-ssl-vpn/
0
What were the top attacks of Q1 2018?

The Threat Lab team analyzes data from WatchGuard’s Firebox Feed, internal and partner threat intelligence, and a research honeynet, to provide insightful analysis about the top threats on the Internet. Check out our Q1 2018 report for smart, practical security advice today!

mapalaska2003Author Commented:
There are no bookmarks specified. What does this mean?
0
Wayne88Commented:
Can you clarify "Occasionally, from remote computers that have successfully connected via SSL VPN to my server (SBS2008)"

Are you using the remote office on the SBS or Sonicwall SSL VPN ?  It's two different things.  When stating SSL VPN, it is generally referred to the Sonicwall since you're using that appliance.
0
mapalaska2003Author Commented:
The problem is inconsistent, meaning it happens randomly.

The system was just recently set up., so I'm trying to understand how things work as well as troubleshoot his problem (the server is not reachable. the server may be down or your internet settings may be down.)

I thought at first it was a concurrent license issue, but I have now learned that using SSL VPN I can have up to 50 simultaneous connections from different remote users.
0
Wayne88Commented:
I know what "inconsistent" means.

My question is this.  You stated the user is using SSL VPN.  Is it SSL VPN on the Sonicwall or were you referring to Web Workplace?

Here is an example of Sonicwal SSL VPN: http://thebeagle.itgroove.net/2013/07/01/a-bunch-of-sonicwall-goodies-part-1-ssl-vpn/

Here is an example of SBS2008 Web Workplace: http://blogs.technet.com/b/sbs/archive/2009/09/28/remote-working-enabled-by-windows-small-business-server-2008.aspx

If you don't have any SSL portal bookmark then can you walk me through how are your users connecting to the SBS2008 via SSL VPN for them to get the message "the server is not reachable. the server may be down or your internet settings may be down"?
0
mapalaska2003Author Commented:
I'm referring to SSL VPN
0
Wayne88Commented:
You said, there's no bookmark correct?

Go to this link, at the bottom left there is the word "SERVER" in blue.  That's the bookmark I was referring to.

Can you take a screenshot because I am confused and nothing is making sense.
0
Wayne88Commented:
If you don't have any SSL portal bookmark then can you walk me through how are your users connecting to the SBS2008 via SSL VPN for them to get the message "the server is not reachable. the server may be down or your internet settings may be down"?
0
mapalaska2003Author Commented:
Yes. I found that . Your link is where I looked in the administrative tool. There were no entries in the virtual office bookmarks, where as you l;ink does have one named server. Do I need to create a bookmark, with my static ip?
0
mapalaska2003Author Commented:
the users have Netextender installed.

They enter the static ip and then :4433
their email address
their password  
and lastly the domain name
scrnshot.jpg
0
Wayne88Commented:
Yes, create a bookmark with a static IP to the SBS2008. Then let's test if you can connect to the server and if the connection is stable or not.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Wayne88Commented:
Ok thanks for the info.   When you connect through SSL VPN we will test two ways.  I assume that the netextender is giving you problems.  How about when you launch VPN directly from the SSL Portal?  What happens here basically is that Sonicwall will just mirror the server using JAVA on the remote screen. It should be able to connect without issues and find the server since when you click on the bookmark it basically initiate an internal connection from the Sonicwall appliance to the server.
0
mapalaska2003Author Commented:
I'm not sure how to launch VPN directly from the SSL Portal.

After adding  the Static IP as a bookmark,

The same problem exists when trying to connect from the remote PC, via Netextender.
0
Wayne88Commented:
We need to be able to narrow down if the problem was due to the Sonicwall wall box disconnecting the SSL VPN or is it because of the internet connection on the user's side.

You can test this by downloading http://www.colasoft.com/ping_tool/ to do a continuous ping to your ISP default gateway and your Sonicwall box simultaneously.

See if your ping get dropped when the SSL VPN cuts off.  If the ping to the default gateway of the ISP is also dropped then the problem is the unreliable internet connection between the user and the Sonicwall.

If the ping to the default gateway is fine but to the Sonicwall is dropped then the problem is with the Sonicwall box (do a firmware upgrade to see if it fix the problem) or the internet connection on the Sonicwall side.

If the ping to both the Sonicwall and default gateway is fine but the SSL VPN get randomly dropped then the problem is with the NETEXTENDER or the SSL VPN portion of the Sonicwall.  Also do a firmware upgrade to see if it fix the problem.  There may be a problem with the Sonicwall box.  Contact DELL support for help.

These are just some examples on how to troubleshoot the problem.  The point is that you're trying to see isolate the problem to whether the VPN connection drop was due to internet connection or a faulty Sonicwall box/application.
0
mapalaska2003Author Commented:
I used the IP address rather then then mail.domain.com:4433  and that did the trick. Still not sure why though.

Thanks for the help.
0
Wayne88Commented:
Glad to help. Cheers!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SSL / HTTPS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.