SonicWall Mobile Connect Setup

bkisiel
bkisiel used Ask the Experts™
on
I am trying to get the SonicWALL mobile connect setup on my iPhone. When I try to setup at the add name/server option I input the IP:port where the SonicWALL I'm trying to connect to is located also just tried the IP.

"Mobile Connect can't verify the identity of "IP Address". Would you like to continue anyway? I continue.
"IP Address" is either currently unreachable or is not a valid SonicWALL appliance.

NetExtender works on this SonicWALL.

Any help is appreciated.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
bbaoIT Consultant

Commented:
better to have a screenshot for any factors not mentioned in the question.

it seems the SonicWALL device doesn't have a proper certificate installed for mobile clients to connect. or are you sure the given IP address for the firewall is a public IP?

Author

Commented:
These are the only options I have when using the Mobile Connect app. If I go to details it has info about a certificate and I choose "Always Trust", it doesn't seem to help. The SonicWALL uses a Selfsigned Certificate.

I double checked the public IP address and it was correct.

Thanks for your help.
image1.PNG
image2.PNG
bbaoIT Consultant

Commented:
what kind of info was masked in your screenshots? IP address or FQDN?
Should you be charging more for IT Services?

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Author

Commented:
I used the Public IP Address where the SonicWALL is located, I tried with/without the port.

I also tried the dynDNS URL that works from NetExtender - *******.thruhere.net, also with/without port but no luck.

Thanks
bbaoIT Consultant

Commented:
> I used the Public IP Address where the SonicWALL is located

so you do mean there is nothing before the SonicWALL device, or in other words the IP is assigned to the WAN interface of the SonicWALL device? if so, what does the SonicWALL's log say? ever tried tracing packets from your mobile device's (public) IP using its Diagnosis option?
Blue Street TechLast Knight
Distinguished Expert 2018

Commented:
Hi bkisiel,

Here are some things to consider:
1. SSL-VPN must be configured correctly for NetExtender/Mobile Connect to work.
2. Default self-cert will work just fine. I'd recommend upgrading to a real cert via godaddy or the like for better security.
3. The port of the SSL-VPN must always be specified after a FQDN or Public IP address.

Let me know once these items have all been cleared so we can continue.

Author

Commented:
The Public IP address is assigned to X1:V11 (X1 is WAN). When checking the log I did see an error message: destination for 255.255.255.255 is not allowed by access control, that was all the information that it gave me.

1. NetExtender works fine on the laptops.
2. The certificate that is currently setup also works for NetExtender.
3. I have used the port after when entering the IP Address.

Thanks for your help.
Blue Street TechLast Knight
Distinguished Expert 2018

Commented:
Check your licensing...make sure you have enough. You can locate in the Licensing page.

Also make sure you have allocated enough IPs for the SSL-VPN.

If all the above check out and all other devices can access OK then that points to the device.
Blue Street TechLast Knight
Distinguished Expert 2018

Commented:
You have to provide feedback in order for us to help you!

Author

Commented:
For the SSL VPN License: Licensed      3  Max: 102 (I guess that means I have 3 licenses or 102?)

No one else is connected at the moment and still have the issue. (Not sure where to check to make sure there is enough available IPs)

I will get another device and try to use the mobile connect. (All devices that use NetExtender have no issues)

Thanks for your help.
Last Knight
Distinguished Expert 2018
Commented:
This question is probably dead now but in case it isn't. Licensed: 3  Max: 102, means you have 3 licenses and this device can support at maximum 102 licenses.

What model is this SonicWALL? and what is the SonicOS version?

Make sure your SSL-VPN is setup like this:SSL-VPN SettingsSpecifically, make sure the WAN is green by clicking on it to enable it. Specify the port and use the same port after your domain in the Mobile Connect settings.

Incidentally, it seems like a peculiarly odd setup to specify the primary public IP address to a sub-interface/VLAN. Since, you can only enable primary physical interfaces, this is your issue. Assign the Public IP address to the WAN (X1) instead of the X1:V11 and you should be able to connect.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start Today