Sonicwall Firewall Routing Issue

I have a Dell SonicWall NSA 4500 that I'm having an issue with.  I have only been with the company for a few months and this was here when I got here.  I am not real versed in the SonicWall.   What is happening is that when I VPN in, I am able to reach any computer/device that is on the primary subnet (same subnet as to which the SonicWall is on), but I'm not able to ping or connect to any other subnets.  When I do an IPConfig, it does not give me a gateway.  Is that the issue?   Could someone point me in the right direction?

Thanks
BCHCAdminAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Mark BillExchange, AD, SQL, VMware, HPE, 3PAR, FUD, Anti MS Tekhnet, Pro EE, #1Commented:
how are you vpn in? using netextender or an ipsec vpn?
once your vpn in and able to see anything internally the vpn adapter must have a gateway/config.

you need to look at ipconfig /all to see the vpn adapters settings.
0
Mark BillExchange, AD, SQL, VMware, HPE, 3PAR, FUD, Anti MS Tekhnet, Pro EE, #1Commented:
Anyway in regards to not being able to hit a different subnet I would imagine the other subnet is setup on a different interface on the sonicwall? You can see this through the sonicwall web interface where it tells you whether the interfaces are up or down.

It sounds like there is simply no rule to allow the traffic from the vpn address ranges to the second subnet, can you have a look at the logs in the sonicwall, they should tell you why it is not allowing the packets through.

Also you will need to set a log server up for this, you need logs on these things. for issues such as this.
The logs are too detailed to be on the firewall itself so you point them off to a windows server.
0
BCHCAdminAuthor Commented:
We use L2TP/IPSEC.  When I do an ipconfig /all I get an IP, Subnet mask, DNS servers but no gateway.
0
The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

Mark BillExchange, AD, SQL, VMware, HPE, 3PAR, FUD, Anti MS Tekhnet, Pro EE, #1Commented:
Ok, well how are you connecting in ssl vpn netextender or using sonicwall global vpn client.

What about the logs? have you tried looking at the interfaces and the rules matrix?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
BCHCAdminAuthor Commented:
Ended up being the check box in the Advanced TCP/IP settings for the VPN connection (using the Windows vpn connector) that said "Use Default Gateway on Remote Network".  It was not checked.  Once I checked it, then I was able to get to all subnets.

Thanks for everyone's help.
0
Mark BillExchange, AD, SQL, VMware, HPE, 3PAR, FUD, Anti MS Tekhnet, Pro EE, #1Commented:
Ta ty.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.