Solved

Sonicwall SOHO SSL-VPN no LAN Access

Posted on 2016-08-23
5
70 Views
Last Modified: 2016-08-30
I have a new Sonicwall SOHO appliances that I am trying to setup the SSL-VPN.  I can successfully connect with the NetExtender and get an IP Address but can not access anything on the LAN????

This isn't my first time setting up the SSL-VPN setup on a Sonicwall (but the first time with SOHO version) and have not run into this problem before.  Seems something has changed with the newer firmware or my new Sonicwall is simply broke?

Any advice would help.... Thanks!
0
Comment
Question by:April33
  • 3
  • 2
5 Comments
 
LVL 7

Expert Comment

by:J Spoor
ID: 41768301
Did you add the X0 subnet to the VPN access list of the user/group ?

There are basically two access lists
1) in the firewall SSLVPN->LAN zone
2) on the user/group VPN Access tab

View example configurations and the SonicWALL webui and features on http://livedemo.sonicwall.com or http://ngfw-demo.com
0
 

Author Comment

by:April33
ID: 41769591
Did you add the X0 subnet to the VPN access list of the user/group ?   Yes I did....

There are basically two access lists
 1) in the firewall SSLVPN->LAN zone    This is set correctly
 2) on the user/group VPN Access tab    This Is set correctly

This is a strange issue.  It's like it is being blocked.  

I also updated to the Latest Firmware... Even tried the Early release firmware?

Not sure how to fix this?  I did submit a ticket to Dell.  I am waiting to hear back.

Anymore ideas?
0
 
LVL 7

Accepted Solution

by:
J Spoor earned 500 total points
ID: 41769991
log on with the user via SSL VPN
go to the user status and find the IP address
log the user out,
from a device on thelan try to ping that IP address
if it replies there's a duplicate IP.
if not, log in again
then from the client do a constant ping to a server

run a packet capture with ethertype=ip and src ip is the above IP
also check the logs on that source IP for a block message
0
 

Author Comment

by:April33
ID: 41775569
I tried pining the SSL Client IP when connected from within the LAN, got nothing.

I haven't run a packet trace yet.  I do have a call from Sonicwall support scheduled for tomorrow.

I will update afterward.
0
 

Author Closing Comment

by:April33
ID: 41777028
I spoke with Dell Sonicwall Support today.  They remoted to the SW and looked around and did some packet captures while pinging from a connected SSLVPN client.

The capture showed packets being dropped by the firewall due to a policy.  

When I set up the SW initially, I Bridged the LAN and WLAN networks.  The problem was that I needed to add a rule in the Firewall SSLVPN to WLAN to Allow traffic to flow between them.  Once the rule was added I can ping everyone thing on the LAN from the SSLVPN client.

JSpoor, thanks for helping!
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now