Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 185
  • Last Modified:

Sonicwall SOHO SSL-VPN no LAN Access

I have a new Sonicwall SOHO appliances that I am trying to setup the SSL-VPN.  I can successfully connect with the NetExtender and get an IP Address but can not access anything on the LAN????

This isn't my first time setting up the SSL-VPN setup on a Sonicwall (but the first time with SOHO version) and have not run into this problem before.  Seems something has changed with the newer firmware or my new Sonicwall is simply broke?

Any advice would help.... Thanks!
0
April33
Asked:
April33
  • 3
  • 2
1 Solution
 
J SpoorTMECommented:
Did you add the X0 subnet to the VPN access list of the user/group ?

There are basically two access lists
1) in the firewall SSLVPN->LAN zone
2) on the user/group VPN Access tab

View example configurations and the SonicWALL webui and features on http://livedemo.sonicwall.com or http://ngfw-demo.com
0
 
April33Author Commented:
Did you add the X0 subnet to the VPN access list of the user/group ?   Yes I did....

There are basically two access lists
 1) in the firewall SSLVPN->LAN zone    This is set correctly
 2) on the user/group VPN Access tab    This Is set correctly

This is a strange issue.  It's like it is being blocked.  

I also updated to the Latest Firmware... Even tried the Early release firmware?

Not sure how to fix this?  I did submit a ticket to Dell.  I am waiting to hear back.

Anymore ideas?
0
 
J SpoorTMECommented:
log on with the user via SSL VPN
go to the user status and find the IP address
log the user out,
from a device on thelan try to ping that IP address
if it replies there's a duplicate IP.
if not, log in again
then from the client do a constant ping to a server

run a packet capture with ethertype=ip and src ip is the above IP
also check the logs on that source IP for a block message
0
 
April33Author Commented:
I tried pining the SSL Client IP when connected from within the LAN, got nothing.

I haven't run a packet trace yet.  I do have a call from Sonicwall support scheduled for tomorrow.

I will update afterward.
0
 
April33Author Commented:
I spoke with Dell Sonicwall Support today.  They remoted to the SW and looked around and did some packet captures while pinging from a connected SSLVPN client.

The capture showed packets being dropped by the firewall due to a policy.  

When I set up the SW initially, I Bridged the LAN and WLAN networks.  The problem was that I needed to add a rule in the Firewall SSLVPN to WLAN to Allow traffic to flow between them.  Once the rule was added I can ping everyone thing on the LAN from the SSLVPN client.

JSpoor, thanks for helping!
1

Featured Post

Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now