Search Results

Search found 114 results on 5 pages for 'sonicwall'.

Page 1/5 | 1 2 3 4 5  | Next Page >

  • Tunnel into Sonicwall VPN while on Sonicwall wifi?

    - by Patrick Harrington
    Hey all, I am able to hit my company's VPN while I am at home using a dedicated IP with no issue. When I am at work, the VPN we use (a Sonicwall router/VPN/wifi access point), I can get outside internet fine, but am unable to connect to the VPN. I know that the wifi puts me on a different subnet, and when I try to connect to the normal VPN IP it won't work, and a traceroute just times out. Any suggestions? Might there be an internal IP I need to hit while here at work?

    Read the article

  • Route additional network through Sonicwall site-to-site VPN

    - by Brandon
    I have a sonicwall site to site vpn. At one of the sites there is another Cisco vpn to another site. I need to route the traffic for the cisco vpn through the site to site from the other sonicwall site. Site A - 10.10.0.0 /16 network Site B - 192.168.1.0 /24 Sonicwall, A cisco vpn is on 192.168.1.226 address and has routes the 10.10.0.0 network to Site A. Site C - 192.168.2.0 /24 Sonicwall Site A-B VPN is working Site B-C VPN is working I need to get Site C to transmit the 10.10.0.0 traffic over the VPN to site B and then out the Cisco device.

    Read the article

  • How to configure remote access to multiple subnets behind a SonicWALL NSA 2400

    - by Kyle Noland
    I have a client that uses a SonicWALL NSA 2400 as their firewall. I need to setup a second LAN subnet for a handful of PC. Management has decided that there should be a second subnet even though intend to allow access across the two subnets - I know... I'm having trouble getting communication across the 2 subnets. I can ping each gateway, but I cannot ping or seem to route traffic fron subnet A to subnet B. Here is my current setup: X0 Interface: LAN zone with IP addres 192.168.1.1 X1 Interface: WAN zone with WAN IP address X2 Interface: LAN zone with IP address 192.168.75.1 I have configured ARP and routes for the secondar subnet (X2) according to this SonicWALL KB article: http://www.sonicwall.com/downloads/supporting_multiple_firewalled_subnets_on_sonicos_enhanced.pdf using "Example 1". At this point I don't minding if I have to throw the SonicWALL GVC software VPN client into the mix to make it work. It feel like I have an Access Rule issue, but for testing I made LAN LAN, WAN LAN and VPN LAN rules wide open with the same results.

    Read the article

  • Sonicwall NSA 240, Configured for LAN and DMZ, X0 and X2 on same switch - ping issues

    - by Klaptrap
    Our Sonicwall vendor supplied and networked the NSA240 when we required a DMZ in our infrastructure. This was configured and appeared correct although VPN users periodically dropped DNS and Terminal Services. The vendor could not resolve and so the call was escalated to Sonicwall. The Sonicwall support engineer took a look and concluded that the X0 (LAN) and X2 (DMZ) intefaces were cabled to the same switch and so this is the issue. What he observed is a ping request to the LAN Domain Controller, from a connected VPN user, is forwarded (x0) from the VPN client IP to the DC IP but the ping response from the DC IP to the VPN client IP is on X2, a copy of the log is detailed below:- 02/02/2011 10:47:49.272 X1*(hc) X0 192.168.1.245 192.168.1.8 IP ICMP -- FORWARDED 02/02/2011 10:47:49.272 -- X0* 192.168.1.245 192.168.1.8 IP ICMP -- FORWARDED 02/02/2011 10:47:49.272 X2*(i) -- 192.168.1.8 192.168.1.245 IP ICMP -- Received X0 - LAN X1 - WAN X2 - DMZ The Sonicwall engineer concluded that we either need a seperate switch for X2 or we use a VLAN switch for both. I am the companies software engineer and we have yet to have heard back from the vendor, so I am lost at sea at the moment. Do we need to buy this additional equipment or is there another configuration on the NSA240 we can use?

    Read the article

  • SonicWall HA "gotchas"?

    - by Mark Henderson
    We're looking to move away from PFSense and CARP to a pair of SonicWall NSA 24001 configured in Active/Passive for High Availability. I've never dealt with SonicWall before, so is there anything I should know that their sales guy won't tell me? I'm aware that they had an issue with a lot of their devices shutting down connectivity because of a licensing fault, and they have an overtly complex management GUI (on the older devices at least), but are there any other big "gotchas" that I need to be aware of before committing a not insubstantial amount of money towards these devices? 1If you're outside the US, the SonicWall global sites suck balls. Use the US site for all your product research, and then use your local site when you're after local information.

    Read the article

  • Sonicwall NSA 3500, public ip for SSL VPN clients is not visible

    - by SlyMcFly
    I have a Sonciwall NSA 3500 and I'm setting up the SSL VPN according to this guide. I get through setting up the Sonicwall router, but then to test it says "Users can now go to the public IP of the sonicwall. Notice the new “click here for SSL login” hyper link". However, when I go to the public ip of the Sonicwall I don't get a web page, it just times out. Is there some other setting that I'm missing in order to make the SSL VPN login page public?

    Read the article

  • Multiple WAN interfaces on SonicWall TZ 100?

    - by Chad Decker
    I'm using a SonicWall TZ 100 with a basic configuration of X0 for the LAN and X1 for the WAN. The WAN uses DHCP to obtain its routable IP address. I want to obtain a second routable IP from my ISP. I'm in luck because my cable company will provide me with an additional dynamic IP for $5/mo. How do I bind this IP to my SonicWall? My additional dynamic IP will not be consecutive to the original one. It won't even be on the same class C. I think what I want to do is to use one of the empty ports/interfaces (X2, X3, or X4), tell that interface to use DHCP, and then add that interface to the WAN "zone". I can't figure out how to do this though. Here's what I've tried so far: (1) I've looked in Network Interfaces. I see X0 and X1 but the other unused interfaces don't show up. I don't see an "Add" button to add the new interfaces. (2) I've looked in Network Zones. I see that X0, X2, X3, X4 are in the LAN zone. I tried to drag X3 into the WAN zone but I can't. Nor does clicking the "Configure" button allow me to move an unused interface from LAN to WAN. (3) I've read the post entitled Splitting up multiple WAN's on Sonicwall. This doesn't seem applicable to me. Any thoughts?

    Read the article

  • VPN Setup: Mac OS X and SonicWall

    - by noloader
    I'm trying to get VPN access up and running. The company has a SonicWall firewall/concentrator and I'm working on a Mac. I'm not sure of the SonicWall's hardware or software level. My MacBook Pro is OS X 10.8, x64, fully patched. The Mac Networking applet claims the remote server is not responding. The connection attempt subsequently fails: This is utter bullshit, as a Wireshark trace shows the Protected Mode negotiation, and then the fallback to Quick Mode: I have two questions (1) does Mac OS X VPN work in real life? (2) Are there any trustworthy (non-Apple) tools to test and diagnose the connection problem (Wireshark is a cannon and I have to interpret the results)? And a third question (off topic): what is broken in Cupertino such that so much broken software gets past their QA department? EDIT (12/14/2012): The network guy sent me "VPN Configuration Guide" (Equinox document SonicOS_Standard-6-EN). It seems an IPSec VPN now requires a Firewall Unique Identifier. Just to be sure, I revisited RFC 2409, where Main Mode, Aggressive Mode, and Quick Mode are discussed. I cannot find a reference to Firewall Unique Identifier. I think I am screwed here: I am trying to connect to a broken (non-standard) firewall, with a broken Mac OS X client. Fortunately, I can purchase VPN Tracker Personal (a {SonicWall|Equinox}-authored client) for $129US from Equinox. So much for standards....

    Read the article

  • Modify SonicWALL Global VPN Client Encrypted RCF

    - by PaulWaldman
    Presently rolling out VPN to access to a small office. I am using a SonicWALL TZ-170 running SonicOS Enhanced 3.4.1.0-2e. I've created an encrypted RCF file for the clients to import into the SonicWALL Global VPN Client. Is there a way to provide friendly names for the "Connection Name" and "HostName" in the RCF file? If I create an unencrypted RFC file I can easily modify these values. Is there anyway to modify them in an encrypted RCF file? Thanks.

    Read the article

  • Error connecting to Sonicwall L2TP VPN from iPad/iPhone

    - by db2
    A client has a Sonicwall Pro 2040 running SonicOS 3.0, and they'd like to be able to use the L2TP VPN client from their iPads to connect to internal services (Citrix, etc). I've enabled the L2TP VPN server on the Sonicwall, made sure to set AES-128 for phase 2, and set up the configuration on a test iPad with the appropriate username, password, and pre-shared key. When I attempt to connect, I get some rather cryptic error messages in the log on the Sonicwall: 2 03/29/2011 12:25:09.096 IKE Responder: IPSec proposal does not match (Phase 2) [My outbound IP address redacted] (admin) [WAN IP address redacted] 10.10.130.7/32 -> [WAN IP address redacted]/32 3 03/29/2011 12:25:09.096 IKE Responder: Received Quick Mode Request (Phase 2) [My outbound IP address redacted], 61364 (admin) [WAN IP address redacted], 500 4 03/29/2011 12:25:07.048 IKE Responder: IPSec proposal does not match (Phase 2) [My outbound IP address redacted] (admin) [WAN IP address redacted] 10.10.130.7/32 -> [WAN IP address redacted]/32 5 03/29/2011 12:25:07.048 IKE Responder: Received Quick Mode Request (Phase 2) [My outbound IP address redacted], 61364 (admin) [WAN IP address redacted], 500 The console log on the iPad looks like this: Mar 29 13:31:24 Daves-iPad racoon[519] <Info>: [519] INFO: ISAKMP-SA established 10.10.130.7[500]-[WAN IP address redacted][500] spi:5d705eb6c760d709:458fcdf80ee8acde Mar 29 13:31:24 Daves-iPad racoon[519] <Notice>: IPSec Phase1 established (Initiated by me). Mar 29 13:31:24 Daves-iPad kernel[0] <Debug>: launchd[519] Builtin profile: racoon (sandbox) Mar 29 13:31:25 Daves-iPad racoon[519] <Info>: [519] INFO: initiate new phase 2 negotiation: 10.10.130.7[500]<=>[WAN IP address redacted][500] Mar 29 13:31:25 Daves-iPad racoon[519] <Notice>: IPSec Phase2 started (Initiated by me). Mar 29 13:31:25 Daves-iPad racoon[519] <Info>: [519] ERROR: fatal NO-PROPOSAL-CHOSEN notify messsage, phase1 should be deleted. Mar 29 13:31:25 Daves-iPad racoon[519] <Info>: [519] ERROR: Message: '@ No proposal is chosen'. Mar 29 13:31:46 Daves-iPad racoon[519] <Info>: [519] ERROR: fatal NO-PROPOSAL-CHOSEN notify messsage, phase1 should be deleted. Mar 29 13:31:46 Daves-iPad racoon[519] <Info>: [519] ERROR: Message: '@ No proposal is chosen'. Mar 29 13:31:55 Daves-iPad pppd[518] <Notice>: IPSec connection failed Does this offer any clues as to what's going wrong?

    Read the article

  • Sonicwall settings for Polycom TFTP

    - by Michael Glenn
    I'm switching our VoIP phones (Polycom 301s and 501s) to our data network. They were previously segmented to their own network. This means disabling the DHCP on the Trixbox (Asterisk) server and configuring the Sonicwall TZ 210 DHCP to indicate that Trixbox is the TFTP server. The Polycom phones are stating "could not contact boot server". All phones are configured to TFTP and were confirmed working when previously using the Trixbox server for DHCP. Trixbox DHCP is now turned off. I've configured options 66(as String), 128(as IP) and 150(as IP) in DHCP and added them to a TFTP Option Group. I've enabled "Allow BOOTP Clients to use Range" for the Dynamic IP range and assigned the Option Group TFTP as the DHCP Generic Option Group. Any idea what I'm missing? Is there a separate tool to inspect the DHCP response to compare Trixbox to the Sonicwall?

    Read the article

  • SonicWall and Windows CA

    - by Nathan C
    I'm attempting to import a certificate created by a CA I've set up in Windows using AD CS. I've done the following: 1) Created my own CA (MyCompany) 2) Enabled web services (mostly for ease of configuration) 3) Generated a certificate request on the Sonicwall itself 4) Used web services to sign the certificate 5) Imported the sign certificate into the Sonicwall ...this caused the certificate to show "No" for the Verified field. 6) Imported the CA's certificate. This is where I get stuck. I attempted to import the CRL list, but get the following error: CRL Error - Verification failed using CA certificate. No further errors appear in the logs. Without the CRL list the certificate won't verify and it doesn't appear under the "Administration" page so I can select it for use via HTTPS. Any ideas?

    Read the article

  • Sonicwall - dual WAN ports - switch from one to another

    - by Charles
    Hi, Folks! I'm using a SonicWall NSA 240 which has two WAN ports (T1 and Comcast) and the LAN port has a cable which connects to a switch. From the switch, several cables connect to other switches. The SonicWall doesn't have DHCP enabled; one of our domain controllers running Windows Server 2003 also functions as a DHCP server. Is there a way for a user in our network to change connection from T1 to Comcast as their ISP or vice versa? In other words, if a user is connected via the T1, can he/she somehow connect via Comcast instead? Thanks, in advance, for your help! Sincerely, Charles

    Read the article

  • Sonicwall NAT Policy Loopback

    - by John
    I have an issue and am pretty perplexed over it. I have a sonicwall and its setup with NAT polices and reflexive nat for an internal web server. That is, only 2 policies, no loopback policy, and the internal clients can access the web server by public ip no problems. Now, on another connection, another sonicwall, i have the exact same setup for another web server, with exact same policies (obviously different IP's) and the internal clients can't access the internal website by its public IP without creating the loopback policy. Maybe on the first one I've overlooked it, but I don't see any loopback what so ever and its working fine. My question is, does anyone know why the first one works like this but the second one needs the loopback policy? Thanks

    Read the article

  • Sonicwall Enhanced With One-To-One NAT, Firewall Blocking Everything

    - by Justin
    Hello, just migrated from a Sonicwall TZ180 (Standard) to a Sonicwall TZ200 (Enhanced). Everything is working except the firewall rules are blocking everything. All hosts are online, and being assigned correct ip addresses. I can browse the internet on the hosts. I am using one-to-one NAT translating public ip addresses to private. 64.87.28.98 -> 192.168.1.2 64.87.28.99 -> 192.168.1.3 etc First order of business is to get ping working. My rule is in the new firewall is (FROM WAN to LAN): SOURCE DESTINATION SERVICE ACTION USERS ANY 192.168.1.2-192.168.1.6 PING ALLOW ALL This should be working, but not. I even tried changing the destination to the public ip addresses, but still no luck. SOURCE DESTINATION SERVICE ACTION USERS ANY 64.87.28.98-64.87.28.106 PING ALLOW ALL Any ideas what I am doing wrong?

    Read the article

  • Converge Voice and Data networks using Sonicwall

    - by skinneejoe
    We are looking to converge VOIP and Data traffic onto a single wire so that our client's VOIP phones pass data through to the users computer. We are specing out a new Sonicwall NSA appliance to handle routing functions and layer 2 switches to manage VLANS. Not a huge network, medium sized. What should I know about converging the networks onto a single wire? Obviously I'll want to prioritize voice traffic, is this handled solely in the Sonicwall with QoS configurations or do the layer 2 switches need to be configured differently? Any other pitfalls I should be aware of, or any good resources for learning more?

    Read the article

  • SonicWALL NetExtender - Client Install?

    - by JArmani
    We are about to push out a new VPN solution for our organization. One of the beautiful things we saw in SonicWALL's SSL-VPN was the thin, browser-based solution of NetExtender. Does anybody have experience with this? My specific concern is that, at least in Windows 7 during testing, it prompts for admin credentials to install the ActiveX NetExtender plugin, which is standard for installing anything in a Windows domain environment. But doesn't this mean I actually have to go in and install the client on all domain laptops that will be using the VPN in the field? They wouldn't actually be able to simply visit the site and run the client, as advertised? By the way, we're using the SonicWALL NSA 3500 device. We do have ManageEngine's Desktop Central, which can push out software installations, but it usually has to be in the form of a .MSI package. Is there any solution to this, besides hitting up all my organization's computers?

    Read the article

  • Accessing network shares on Windows7 via SonicWall VPN client

    - by Jack Lloyd
    I'm running Windows7 x64 (fully patched) and the SonicWall 4.2.6.0305 client (64-bit, claims to support Windows7). I can login to the VPN and access network resources (eg SSH to a machine that lives behind the VPN). However I cannot seem to be able to access shared filesystems. Windows is refusing to do discovery on the VPN network. I suspect part of the problem is Windows persistently considers the VPN connection to be a 'public network'. Normally, you can open the network and sharing center and modify this setting, however it does not give me a choice for the VPN. So I did the expedient thing and turned on file sharing for public networks. I also disabled the Windows firewall for good measure. Still no luck. I can access the server directly by putting \\192.168.1.240 in the taskbar, which brings up the list of shares on the server. However, trying to open any of the shares simply tells me "Windows cannot access \\192.168.1.240\share You do not have permission to access ..."; it never asks for a domain password. I also tried Windows7 native VPN functionality - it couldn't successfully connect to the VPN at all. I suspect this is because SonicWall is using some obnoxious special/undocumented authentication system; I had similar problems trying to connect on Linux with the normal IPsec tools there. What magical invocation or control panel option am I missing that will let this work? Are there any reasonable debugging strategies? I'm feeling quite frustrated at Windows tendency to not give me much useful information that might let me understand what it is trying to do and what is going wrong.

    Read the article

  • Sonicwall routing between multiple subnets on multiple interfaces

    - by Rain
    As shown by the network diagram below, I have two completely separate networks. One is being managed by a Sonicwall NSA 220, the other by some other router (the brand is not important). My goal is to allow devices within the 192.168.2.0/24 network to access devices in the 192.168.3.0/24 network. Allowing the reverse (192.168.3.0/24 - 192.168.2.0/24) is not required. So far, I have done the following: I connected the X3 Interface on the Sonicwall to the 192.168.3.0/24 network switch (shown as the dashed red line in the diagram). Next, I gave it a static ip address of 192.168.3.254 and set the Zone to LAN (the same Zone for the X0 interface). Judging by various articles and KBs I've read, this is all that should be necessary, although it does not work. I can ping 192.168.3.254 from any device in the 192.168.2.0/24 network although I cannot ping/connect to any device within the 192.168.3.0/24 network. Any help would be greatly appreciated! Network Diagram: (I asked a similar, yet more complicated, question earlier; although, I realized that I cannot solve that without first solving this (which may actually solve my original question))

    Read the article

  • Accessing network shares on Windows7 via SonicWall VPN client

    - by Jack Lloyd
    I'm running Windows7 x64 (fully patched) and the SonicWall 4.2.6.0305 client (64-bit, claims to support Windows7). I can login to the VPN and access network resources (eg SSH to a machine that lives behind the VPN). However I cannot seem to be able to access shared filesystems. Windows is refusing to do discovery on the VPN network. I suspect part of the problem is Windows persistently considers the VPN connection to be a 'public network'. Normally, you can open the network and sharing center and modify this setting, however it does not give me a choice for the VPN. So I did the expedient thing and turned on file sharing for public networks. I also disabled the Windows firewall for good measure. Still no luck. I can access the server directly by putting \\192.168.1.240 in the taskbar, which brings up the list of shares on the server. However, trying to open any of the shares simply tells me "Windows cannot access \\192.168.1.240\share You do not have permission to access ..."; it never asks for a domain password. I also tried Windows7 native VPN functionality - it couldn't successfully connect to the VPN at all. I suspect this is because SonicWall is using some obnoxious special/undocumented authentication system; I had similar problems trying to connect on Linux with the normal IPsec tools there. What magical invocation or control panel option am I missing that will let this work? Are there any reasonable debugging strategies? I'm feeling quite frustrated at Windows tendency to not give me much useful information that might let me understand what it is trying to do and what is going wrong.

    Read the article

  • Sonicwall NSA 240 or Netgear ProSecure UTM 25

    - by Markus Larsson
    Hi! I'm about to buy a new firewall and I’m choosing between a Sonicwall NSA 240 and a Netgear ProSecure UTM 25. I have already done research for which kind of firewall I need and limit it to these two, now I just have to choose between them. But what I don’t know is which one of them is easiest to administrate, which one has the best UI? Any thoughts?

    Read the article

  • Add DNS suffixes to a Sonicwall PRO2040 firewall?

    - by eidylon
    I want to have our network pass out DNS suffixes with the DHCP assignments, so that we don't need to add them to the TCP/IP settings on each computer. Our DHCP is not being handled by an actual server box, but by our Sonicwall firewall, which is a PRO 2040. Can this firewall be set up to append DNS suffixes? Thanks!

    Read the article

1 2 3 4 5  | Next Page >