Solved

Sonicwall SOHO SSL-VPN no LAN Access

Posted on 2016-08-23
5
54 Views
Last Modified: 2016-08-30
I have a new Sonicwall SOHO appliances that I am trying to setup the SSL-VPN.  I can successfully connect with the NetExtender and get an IP Address but can not access anything on the LAN????

This isn't my first time setting up the SSL-VPN setup on a Sonicwall (but the first time with SOHO version) and have not run into this problem before.  Seems something has changed with the newer firmware or my new Sonicwall is simply broke?

Any advice would help.... Thanks!
0
Comment
Question by:April33
  • 3
  • 2
5 Comments
 
LVL 5

Expert Comment

by:JSpoor
Comment Utility
Did you add the X0 subnet to the VPN access list of the user/group ?

There are basically two access lists
1) in the firewall SSLVPN->LAN zone
2) on the user/group VPN Access tab

View example configurations and the SonicWALL webui and features on http://livedemo.sonicwall.com or http://ngfw-demo.com
0
 

Author Comment

by:April33
Comment Utility
Did you add the X0 subnet to the VPN access list of the user/group ?   Yes I did....

There are basically two access lists
 1) in the firewall SSLVPN->LAN zone    This is set correctly
 2) on the user/group VPN Access tab    This Is set correctly

This is a strange issue.  It's like it is being blocked.  

I also updated to the Latest Firmware... Even tried the Early release firmware?

Not sure how to fix this?  I did submit a ticket to Dell.  I am waiting to hear back.

Anymore ideas?
0
 
LVL 5

Accepted Solution

by:
JSpoor earned 500 total points
Comment Utility
log on with the user via SSL VPN
go to the user status and find the IP address
log the user out,
from a device on thelan try to ping that IP address
if it replies there's a duplicate IP.
if not, log in again
then from the client do a constant ping to a server

run a packet capture with ethertype=ip and src ip is the above IP
also check the logs on that source IP for a block message
0
 

Author Comment

by:April33
Comment Utility
I tried pining the SSL Client IP when connected from within the LAN, got nothing.

I haven't run a packet trace yet.  I do have a call from Sonicwall support scheduled for tomorrow.

I will update afterward.
0
 

Author Closing Comment

by:April33
Comment Utility
I spoke with Dell Sonicwall Support today.  They remoted to the SW and looked around and did some packet captures while pinging from a connected SSLVPN client.

The capture showed packets being dropped by the firewall due to a policy.  

When I set up the SW initially, I Bridged the LAN and WLAN networks.  The problem was that I needed to add a rule in the Firewall SSLVPN to WLAN to Allow traffic to flow between them.  Once the rule was added I can ping everyone thing on the LAN from the SSLVPN client.

JSpoor, thanks for helping!
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now