Sonicwall TZ300 SSL VPN Connectivity Problems
I'm having intermittent problems with my TZ300. Occasionally, from remote computers that have successfully connected via SSL VPN to my server (SBS2008), user are receiving the following error:
"the server is not reachable. the server may be down or your internet settings may be down"
Some remote computers can't connect at all. I've reinstalled NetExtender, rebooted, had users try connecting by IP address, etc. but still can't pin this one down.
I
"the server is not reachable. the server may be down or your internet settings may be down"
Some remote computers can't connect at all. I've reinstalled NetExtender, rebooted, had users try connecting by IP address, etc. but still can't pin this one down.
I
Wayne88
In your SSL bookmarks, did you specify the SBS2008 by computer name? If so, switch to using the IP address of the server. The name translation may not be working properly.
ASKER
When you say "in your SSL bookmarks", what are you referring to??
From the Virtual Office window, you can see the portal bookmarks.
http://thebeagle.itgroove.net/2013/07/01/a-bunch-of-sonicwall-goodies-part-1-ssl-vpn/
http://thebeagle.itgroove.net/2013/07/01/a-bunch-of-sonicwall-goodies-part-1-ssl-vpn/
ASKER
There are no bookmarks specified. What does this mean?
Can you clarify "Occasionally, from remote computers that have successfully connected via SSL VPN to my server (SBS2008)"
Are you using the remote office on the SBS or Sonicwall SSL VPN ? It's two different things. When stating SSL VPN, it is generally referred to the Sonicwall since you're using that appliance.
Are you using the remote office on the SBS or Sonicwall SSL VPN ? It's two different things. When stating SSL VPN, it is generally referred to the Sonicwall since you're using that appliance.
ASKER
The problem is inconsistent, meaning it happens randomly.
The system was just recently set up., so I'm trying to understand how things work as well as troubleshoot his problem (the server is not reachable. the server may be down or your internet settings may be down.)
I thought at first it was a concurrent license issue, but I have now learned that using SSL VPN I can have up to 50 simultaneous connections from different remote users.
The system was just recently set up., so I'm trying to understand how things work as well as troubleshoot his problem (the server is not reachable. the server may be down or your internet settings may be down.)
I thought at first it was a concurrent license issue, but I have now learned that using SSL VPN I can have up to 50 simultaneous connections from different remote users.
I know what "inconsistent" means.
My question is this. You stated the user is using SSL VPN. Is it SSL VPN on the Sonicwall or were you referring to Web Workplace?
Here is an example of Sonicwal SSL VPN: http://thebeagle.itgroove.net/2013/07/01/a-bunch-of-sonicwall-goodies-part-1-ssl-vpn/
Here is an example of SBS2008 Web Workplace: http://blogs.technet.com/b/sbs/archive/2009/09/28/remote-working-enabled-by-windows-small-business-server-2008.aspx
If you don't have any SSL portal bookmark then can you walk me through how are your users connecting to the SBS2008 via SSL VPN for them to get the message "the server is not reachable. the server may be down or your internet settings may be down"?
My question is this. You stated the user is using SSL VPN. Is it SSL VPN on the Sonicwall or were you referring to Web Workplace?
Here is an example of Sonicwal SSL VPN: http://thebeagle.itgroove.net/2013/07/01/a-bunch-of-sonicwall-goodies-part-1-ssl-vpn/
Here is an example of SBS2008 Web Workplace: http://blogs.technet.com/b/sbs/archive/2009/09/28/remote-working-enabled-by-windows-small-business-server-2008.aspx
If you don't have any SSL portal bookmark then can you walk me through how are your users connecting to the SBS2008 via SSL VPN for them to get the message "the server is not reachable. the server may be down or your internet settings may be down"?
ASKER
I'm referring to SSL VPN
You said, there's no bookmark correct?
Go to this link, at the bottom left there is the word "SERVER" in blue. That's the bookmark I was referring to.
Can you take a screenshot because I am confused and nothing is making sense.
Go to this link, at the bottom left there is the word "SERVER" in blue. That's the bookmark I was referring to.
Can you take a screenshot because I am confused and nothing is making sense.
If you don't have any SSL portal bookmark then can you walk me through how are your users connecting to the SBS2008 via SSL VPN for them to get the message "the server is not reachable. the server may be down or your internet settings may be down"?
ASKER
Yes. I found that . Your link is where I looked in the administrative tool. There were no entries in the virtual office bookmarks, where as you l;ink does have one named server. Do I need to create a bookmark, with my static ip?
ASKER
the users have Netextender installed.
They enter the static ip and then :4433
their email address
their password
and lastly the domain name
They enter the static ip and then :4433
their email address
their password
and lastly the domain name
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Ok thanks for the info. When you connect through SSL VPN we will test two ways. I assume that the netextender is giving you problems. How about when you launch VPN directly from the SSL Portal? What happens here basically is that Sonicwall will just mirror the server using JAVA on the remote screen. It should be able to connect without issues and find the server since when you click on the bookmark it basically initiate an internal connection from the Sonicwall appliance to the server.
ASKER
I'm not sure how to launch VPN directly from the SSL Portal.
After adding the Static IP as a bookmark,
The same problem exists when trying to connect from the remote PC, via Netextender.
After adding the Static IP as a bookmark,
The same problem exists when trying to connect from the remote PC, via Netextender.
We need to be able to narrow down if the problem was due to the Sonicwall wall box disconnecting the SSL VPN or is it because of the internet connection on the user's side.
You can test this by downloading http://www.colasoft.com/ping_tool/ to do a continuous ping to your ISP default gateway and your Sonicwall box simultaneously.
See if your ping get dropped when the SSL VPN cuts off. If the ping to the default gateway of the ISP is also dropped then the problem is the unreliable internet connection between the user and the Sonicwall.
If the ping to the default gateway is fine but to the Sonicwall is dropped then the problem is with the Sonicwall box (do a firmware upgrade to see if it fix the problem) or the internet connection on the Sonicwall side.
If the ping to both the Sonicwall and default gateway is fine but the SSL VPN get randomly dropped then the problem is with the NETEXTENDER or the SSL VPN portion of the Sonicwall. Also do a firmware upgrade to see if it fix the problem. There may be a problem with the Sonicwall box. Contact DELL support for help.
These are just some examples on how to troubleshoot the problem. The point is that you're trying to see isolate the problem to whether the VPN connection drop was due to internet connection or a faulty Sonicwall box/application.
You can test this by downloading http://www.colasoft.com/ping_tool/ to do a continuous ping to your ISP default gateway and your Sonicwall box simultaneously.
See if your ping get dropped when the SSL VPN cuts off. If the ping to the default gateway of the ISP is also dropped then the problem is the unreliable internet connection between the user and the Sonicwall.
If the ping to the default gateway is fine but to the Sonicwall is dropped then the problem is with the Sonicwall box (do a firmware upgrade to see if it fix the problem) or the internet connection on the Sonicwall side.
If the ping to both the Sonicwall and default gateway is fine but the SSL VPN get randomly dropped then the problem is with the NETEXTENDER or the SSL VPN portion of the Sonicwall. Also do a firmware upgrade to see if it fix the problem. There may be a problem with the Sonicwall box. Contact DELL support for help.
These are just some examples on how to troubleshoot the problem. The point is that you're trying to see isolate the problem to whether the VPN connection drop was due to internet connection or a faulty Sonicwall box/application.
ASKER
I used the IP address rather then then mail.domain.com:4433 and that did the trick. Still not sure why though.
Thanks for the help.
Thanks for the help.
Glad to help. Cheers!