SonicWall VPN Woes

Are the sites having problems on Comcast? I've had their crap block dhcp

Two months ago we replaced an aging firewall with a SonicWall NSA 2600. It fulfilled several of my goals in one device: ability to expand the network, IPS, easier to manage, etc.However, VPN has never consistently worked since. I worked with our MSP on the multiple issues our remote users have been having these two months and now have no ideas how to proceed. Maybe you can help?Yesterday we spent seven hours on the phone with SonicWall support, through several engineers reinstalling software, doing registry hacks, using Powershell, etc. to no avail. At the end of the day the engineer says, "It is not a SonicWall problem." To be fair, an identical machine works here at the office (through hotspot) but not in Maine, and other identical machines have no problems in their locations.The Meat: SonicWall NSA 2600 SSL-VPN with Active...
This topic first appeared in the Spiceworks Community

Similar Messages

  • Connecting through SonicWall VPN

    Has anyone managed to connect to a file server through a SonicWall VPN? The only vpn connection profiles are for Cisco routers.

    Yes, I'll go into the SonicWall tomorrow and see what I can finds out, or call thier tech support if I can't figure it out.
    Thanks for your help.

  • SonicWall VPN on 3G ?

    Hello,
    Do you know if it's possible to use my Iphone 3G on a SonicWall VPN ?
    I use NetExtender on my Mac OS 10.5.5.
    I think it's not possible but...who know...
    Thanks to everyone.
    Nicolas,
    France
    Message was edited by: Nico, St Malo

    I would like to add the same for the Pacific Northwest, USA. In addition, I have the iSSH app. It connects immediately to my internet connected firewall but never does on 3g.
    To add further pain I did a speed test for wi-fi and 3g. The 3g is faster than the wi-fi.
    What is causing this?

  • Sonicwall VPN

    Has anyone used Arch to connect to a sonicwall VPN?  If so, how'd you do it?  What tools do I need to install?
    Thanks,

    Depends on the sonicwall device you have.
    Some sonicwalls support both IPSec and L2TP (L2TP-over-IPsec). It just depends on which one you want to go with.
    If you google around for "sonicwall linux ipsec" or "sonicwall linux l2tp" you should find some good info.

  • Cisco wireless and Sonicwall VPN

    My network consists of an 871 router, 48 port Switch, 2006 WLAN Controller, 1231 APs, and SonicWall VPN.
    VPN connections are fine if the client is using the wired network. VPN connections do not work if the client is wireless. I've had a couple of suggestions...VPN Passthrough on the WLAN Controller - that didn't work, but I'm not sure I had the right gateway. And they also suggested changing the MTU size on the wireless card in the laptop. Still trying to figure out how to do that.
    Any other ideas? This seems like it should be a fairly easy fix.
    Thanks.

    Are your wireless clients getting an IP? That is are you using the SonicWall as your DHCP server for the wireless clients?
    If so it will probably not work. There is something with the SonicWalls that they don't support. I went round and round with SonicWall and couldn't get DHCP working for wireless clients coming through Cisco WLC Controllers.

  • Windows 8.1 Remote Desktop Connection dies with feeble "An internal error has occurred" with SonicWALL VPN

    Back when life was simple, under Windows XP, i simply fired up my SonicWALL client, connected to the host, and then connected via RDC and all was good.
    Now I have Windows 8.1 and SonicWALL's v4.9.0.1202 64-bit client.  I can connect with the client - although it seems to drop the connection quite a bit - but when it is up, I can ping the host.  But when I try to RDC, I get the completely unhelpful
    error mentioned above.
    My version of 8.1 is up-to-date - the VPN client came right from DELL's website.  What am I doing wrong?
    Just in case you want to know, yes - I can RDC to non VPN and PPTP VPN sites no problem - and on the same LAN, my XP box can RDC with SonicWALL with no issues.
    Please, somebody - i need to get back to Planet 10!

    Did you ever find a solution to this problem. I am having the exact same problem

  • Sonicwall VPN DHCP

    Greetings.  Probably simple thing overlooking here.
    Recently changed TZ205 Client VPN from static IPs to DHCP over VPN.
    It's a split tunnel VPN allowing Sonicwall X0 + 2 other VLANs.  VPN used only for MGT.
    Since going DHCP I'll get occasional packet drops and RDP session hangs for 5 sec or so. If I manually assign just IP/mask to adapter no drops. 
    My desktop will just drop few packets.  My Laptop show general failure.  What of DHCP over VPN is causing these drops?
    Thanks!
    This topic first appeared in the Spiceworks Community

    PowerShell Direct – Running PowerShell inside a virtual machine from the Hyper-V hostAt Ignite we announced PowerShell Direct, and briefly demoed it’s capabilities in the “What’s New in Hyper-V” session. This is a follow up so you can get started using PowerShell Direct in your own environment.What is PowerShell Direct?It is a new way of running PowerShell commands inside a virtual machine from the host operating system easily and reliably.There are no network/firewall requirements or configurations.
    It works regardless of Remote Management configuration.
    You still need guest credentials.For people who want to try it out immediately, go ahead and (as Administrator) run either of these commands on a Windows10 Hyper-V host where VMName refers to a VM running Windows10:Enter-PSSession -VMName VMNameInvoke-Command -VMName VMName -ScriptBlock...

  • RVS4000 VPN Woes

    I created a VPN client account on my RVS4000 but I am unable to connect to it.  When I attempt to connect using the OS X VPN client it says it can't connect to the VPN server.  The VPN log in the RVS4000 shows this:
    May 15 14:58:40 - [VPN Log]: IP interfaces ppp0 and eth0:0 share address xxx.xxx.xxx.xxx!
    May 15 14:58:40 - [VPN Log]: no public interfaces found
    I suspect that is the problem but I don't know how to correct it in the RVS4000 settings.  The WAN is configured for Unnumbered IP + Private.
    How do I correct the interface problem?

    I believe I have the VPN configured correctly on the RVS4000, and I think it should work with the OS X VPN client, but the VPN client always reports that the vpn server does not respond, which is likely related to this entry in the VPN log on the RVS4000 when I enable the VPN:
    [VPN Log]: IP interfaces ppp0 and eth0:0 share address xxx.xxx.xxx.xxx!
    [VPN Log]: no public interfaces found
    I suspect that error is related to the WAN configuration being set to Unnumbered IP + Private, which is necessary for my network configuration, and the VPN settings in the RVS4000 do not allow me to manually set the gateway IP address for the VPN to an unused address in the unnumbered set.  That leaves me wondering if it is even possible to use the VPN on this router if the WAN is configured for unnumbered IPs.

  • VPN Woes with new AP unit

    I bought a new Airport Extreme, hooked it up and was enjoying everything that was flawlessly running... Then we tried our vpns.
    I ended up calling support to find out what I was doing wrong, and it tunes out that my purchase was the issue!
    We have two types of vpns here, cisco and Nortel. The recomendation was to negate our NAT and place everything out in the DMZ. After I finished laughing, I regretably took my unit back.
    Is there ANYONE that has a logical fix for this or recomendation... comments? I can see from oher posts that we are not alone here as far as getting propper vpn pass through on the new access point.
    We really liked the unit, but can not live without our vpn connections...
    Thanks

    Still reading -- but these links are very useful:
    Protocols supported by iOS:
    http://support.apple.com/kb/HT1288
    Setting up VPN (basic guide):
    http://support.apple.com/kb/HT1424?viewlocale=en_US

  • VPN Woes

    After working (sometimes) for a year, now my VPN seems completely broken. I've been using it to access computers on the LAN using ARD while on the road. I can only connect to VPN currently while on the LAN while connecting to OSX Server's router address (10.0.1.1). This work. But if I try to connect the server's external IP address I get no connection. At first I thought it was a firewall issue, but after opening almost everything, both on the server and the client, I still have no luck.

    Jeff --
    Within the LAN I can connect and authenticate from a client only to the server's internal port (10.0.1.1) although once connected it shows as connected to the server's external IP.
    From the client I can ping both 10.0.1.1 and the external IP from within the LAN. Stopped and restarted VPN. It's setup to hand out addressed from 10.0.1.200 to 210. I'm using MS-Chap to authenticate, as Kerberos does not work for VPN for some reason. The DNS server on the "client info" page is set to 10.0.1.1 and a private routing definition is assigned to 10.0.1.0.
    The error returned is: "The server did not respond"
    It "feels" like a firewall problem, but I have all necessary ports open on both the server and the client.
    A log from a recent attempt:
    2006-08-25 17:29:45 EDT Loading plugin /System/Library/Extensions/L2TP.ppp
    2006-08-25 17:29:45 EDT Listening for connections...
    2006-08-25 17:30:05 EDT Incoming call... Address given to client = 10.0.1.200
    Fri Aug 25 17:30:06 2006 : Directory Services Authentication plugin initialized
    Fri Aug 25 17:30:06 2006 : Directory Services Authorization plugin initialized
    Fri Aug 25 17:30:06 2006 : L2TP incoming call in progress
    Fri Aug 25 17:30:06 2006 : L2TP received SCCRQ
    Fri Aug 25 17:30:06 2006 : L2TP sent SCCRP
    2006-08-25 17:30:06 EDT Incoming call... Address given to client = 10.0.1.201
    Fri Aug 25 17:30:06 2006 : Directory Services Authentication plugin initialized
    Fri Aug 25 17:30:06 2006 : Directory Services Authorization plugin initialized
    Fri Aug 25 17:30:07 2006 : L2TP incoming call in progress
    Fri Aug 25 17:30:07 2006 : L2TP received SCCRQ
    Fri Aug 25 17:30:07 2006 : L2TP sent SCCRP
    2006-08-25 17:30:07 EDT Incoming call... Address given to client = 10.0.1.202
    Fri Aug 25 17:30:07 2006 : Directory Services Authentication plugin initialized
    Fri Aug 25 17:30:07 2006 : Directory Services Authorization plugin initialized
    Fri Aug 25 17:30:07 2006 : L2TP incoming call in progress
    Fri Aug 25 17:30:07 2006 : L2TP received SCCRQ
    Fri Aug 25 17:30:07 2006 : L2TP sent SCCRP
    2006-08-25 17:30:08 EDT Incoming call... Address given to client = 10.0.1.203
    Fri Aug 25 17:30:09 2006 : Directory Services Authentication plugin initialized
    Fri Aug 25 17:30:09 2006 : Directory Services Authorization plugin initialized
    Fri Aug 25 17:30:09 2006 : L2TP incoming call in progress
    Fri Aug 25 17:30:09 2006 : L2TP received SCCRQ
    Fri Aug 25 17:30:09 2006 : L2TP sent SCCRP
    2006-08-25 17:30:09 EDT Incoming call... Address given to client = 10.0.1.204
    Fri Aug 25 17:30:09 2006 : Directory Services Authentication plugin initialized
    Fri Aug 25 17:30:09 2006 : Directory Services Authorization plugin initialized
    Fri Aug 25 17:30:09 2006 : L2TP incoming call in progress
    Fri Aug 25 17:30:09 2006 : L2TP received SCCRQ
    Fri Aug 25 17:30:09 2006 : L2TP sent SCCRP
    2006-08-25 17:30:10 EDT Incoming call... Address given to client = 10.0.1.205
    Fri Aug 25 17:30:10 2006 : Directory Services Authentication plugin initialized
    Fri Aug 25 17:30:10 2006 : Directory Services Authorization plugin initialized
    Fri Aug 25 17:30:10 2006 : L2TP incoming call in progress
    Fri Aug 25 17:30:10 2006 : L2TP received SCCRQ
    Fri Aug 25 17:30:10 2006 : L2TP sent SCCRP
    2006-08-25 17:30:11 EDT Incoming call... Address given to client = 10.0.1.206
    Fri Aug 25 17:30:11 2006 : Directory Services Authentication plugin initialized
    Fri Aug 25 17:30:11 2006 : Directory Services Authorization plugin initialized
    Fri Aug 25 17:30:11 2006 : L2TP incoming call in progress
    Fri Aug 25 17:30:12 2006 : L2TP received SCCRQ
    Fri Aug 25 17:30:12 2006 : L2TP sent SCCRP
    2006-08-25 17:30:12 EDT Incoming call... Address given to client = 10.0.1.207
    Fri Aug 25 17:30:12 2006 : Directory Services Authentication plugin initialized
    Fri Aug 25 17:30:12 2006 : Directory Services Authorization plugin initialized
    Fri Aug 25 17:30:12 2006 : L2TP incoming call in progress
    Fri Aug 25 17:30:12 2006 : L2TP received SCCRQ
    Fri Aug 25 17:30:12 2006 : L2TP sent SCCRP
    2006-08-25 17:30:13 EDT Incoming call... Address given to client = 10.0.1.208
    Fri Aug 25 17:30:13 2006 : Directory Services Authentication plugin initialized
    Fri Aug 25 17:30:13 2006 : Directory Services Authorization plugin initialized
    Fri Aug 25 17:30:14 2006 : L2TP incoming call in progress
    Fri Aug 25 17:30:14 2006 : L2TP received SCCRQ
    Fri Aug 25 17:30:14 2006 : L2TP sent SCCRP
    2006-08-25 17:30:14 EDT Incoming call... Address given to client = 10.0.1.209
    Fri Aug 25 17:30:15 2006 : Directory Services Authentication plugin initialized
    Fri Aug 25 17:30:15 2006 : Directory Services Authorization plugin initialized
    Fri Aug 25 17:30:15 2006 : L2TP incoming call in progress
    Fri Aug 25 17:30:15 2006 : L2TP received SCCRQ
    Fri Aug 25 17:30:15 2006 : L2TP sent SCCRP
    2006-08-25 17:30:15 EDT Incoming call... Address given to client = 10.0.1.210
    Fri Aug 25 17:30:16 2006 : Directory Services Authentication plugin initialized
    Fri Aug 25 17:30:16 2006 : Directory Services Authorization plugin initialized
    Fri Aug 25 17:30:16 2006 : L2TP incoming call in progress
    Fri Aug 25 17:30:16 2006 : L2TP received SCCRQ
    Fri Aug 25 17:30:16 2006 : L2TP sent SCCRP
    Fri Aug 25 17:31:06 2006 : L2TP received AVP with bad length... AVP type = 0
    2006-08-25 17:31:06 EDT --> Client with address = 10.0.1.200 has hungup
    Fri Aug 25 17:31:06 2006 : L2TP received AVP with bad length... AVP type = 0
    2006-08-25 17:31:06 EDT --> Client with address = 10.0.1.201 has hungup
    Fri Aug 25 17:31:07 2006 : L2TP received AVP with bad length... AVP type = 0
    2006-08-25 17:31:07 EDT --> Client with address = 10.0.1.202 has hungup
    Fri Aug 25 17:31:09 2006 : L2TP received AVP with bad length... AVP type = 0
    2006-08-25 17:31:09 EDT --> Client with address = 10.0.1.203 has hungup
    Fri Aug 25 17:31:09 2006 : L2TP received AVP with bad length... AVP type = 0
    2006-08-25 17:31:09 EDT --> Client with address = 10.0.1.204 has hungup
    Fri Aug 25 17:31:10 2006 : L2TP received AVP with bad length... AVP type = 0
    2006-08-25 17:31:10 EDT --> Client with address = 10.0.1.205 has hungup
    Fri Aug 25 17:31:11 2006 : L2TP received AVP with bad length... AVP type = 0
    2006-08-25 17:31:11 EDT --> Client with address = 10.0.1.206 has hungup
    Fri Aug 25 17:31:12 2006 : L2TP received AVP with bad length... AVP type = 0
    2006-08-25 17:31:12 EDT --> Client with address = 10.0.1.207 has hungup
    Fri Aug 25 17:31:13 2006 : L2TP received AVP with bad length... AVP type = 0
    2006-08-25 17:31:13 EDT --> Client with address = 10.0.1.208 has hungup
    Fri Aug 25 17:31:14 2006 : L2TP received AVP with bad length... AVP type = 0
    2006-08-25 17:31:14 EDT --> Client with address = 10.0.1.209 has hungup
    Fri Aug 25 17:31:15 2006 : L2TP received AVP with bad length... AVP type = 0
    2006-08-25 17:31:15 EDT --> Client with address = 10.0.1.210 has hungup
    Lost count   Mac OS X (10.4.5)  

  • VPN connection problem

    I am currently unable to connect to my VPN server with either of 2 Lion machines 2010 white MacBook and a black MacBook .  I run iVPN (L2TP) on an old PPC Mac Mini, my iPhone and iPad still connect instantly.  When the Lion machines try to connect for they try for about a minute and fail returning  "The L2TP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your Administrator."  I currently have my router setup to port foward and use a dynamic DNS.  I tried connecting straight to the VPN directly by changing to the internal LAN IP still no luck.  Any suggestions

    I've been out of my SonicWall VPN since I upgraded to Lion last week.  Found a trick and succeeded.  I had to reconfigure the settings on the Sonicwall and make sure that the phase 1 and phase 2 authentications were using AES encryption rather than 3DES.
    That did the trick and I was back in.
    Of course now my 10.6.8 clients are out - I'll post more on that front if I figure it out.

  • Windows 8 and IPSec VPN issues

    I have a number of customers that leverage the Cisco IPSec VPN. I can connect to the VPN without any problems but when I attempt to RDP, that fails. I have no RDP or ping or anything. Here are some more symptoms of the issues that I find odd:
    Anyconnect works just fine
    Fortinet VPN clients work fine
    Sonicwall VPN clients work fine
    Cisco IPSec VPN client is the only one affected
    Cisco IPSec VPN client worked fine for months then just decided it was no longer going to allow RDP or ping
    I have duplicated this issue on a half dozen or so laptops
    This is on a Windows 8 laptop but I believe I have also experienced this on Windows 7
    Just to clarify, the IPSec VPN does succesfully connect. But nothing else works after that. I do understand that AnyConnect is the direction that Cisco would like for people to move towards. Unfortunately, I have quite a few customers that are leveraging the IPSec VPN. I have been through a number of laptops in the last year and every single laptop had a working Cisco IPSec VPN for months....then one day it would just stop passing RDP.
    Please somebody tell me that there is a workaround for this. I have played with the IP settings for the Cisco Systems virtual adapter in my network and sharing center. I've modified the binding order. I've compared a routeprint from a working laptop to mine....I'm not sure what else to do. I've uninstalled ALL VPN software and only reinstalled the Cisco VPN. So far the ONLY fix I have found is a clean install of Windows and that solution sucks.

    Doing a little more homework on this and I noticed that the tunnel details show no bytes sent or recieved and no packets encrypted, decrypted, or discarded....everything is bypassed.  My coworker (who is on Windows 7) is able to launch this VPN and connect to the customer's servers without issues and the tunnel details show all of the appropriate data.

  • Can't get VPN to work on RV220W

    I am a home office user who bought a RV220W router for the speed advertised on smallnetbuilder.  I am trying to set up the VPN but can't get it to work with the Quick VPN client.  I am using dyndns to manage the dynamic IP and have entered that into the setup noted below.  I can access the router remotely (remote administration) when enabled using the dyndns address so I know that is working.
    IKE Policy Table
    General
    Policy Name:                 krafty001vpn    
    Direction / Type             Responder    
    Exchange Mode:           Aggresive    
    Enable XAUTH Client:    None    
    Local Identification
    Identifier Type:               FQDN    
    FQDN:                          krafty001.dyndns.org    
    Peer IKE Identification
    Identifier Type:               Remote Wan IP    
    FQDN:                          krafty001.dyndns.org    
    IKE SA Parameters
    Encryption Algorithm:     3DES    
    Authentication Algorithm:          SHA-1    
    Authentication Method:          Pre-Shared Key    
    Pre-Shared Key:          xxxxxxxxx    
    Diffie-Hellman (DH) Group:          Group 2 (1024bit )    
    SA-Lifetime:          28800 Seconds
    VPN Policy Table
    Add / Edit VPN Policy Configuration
    Policy Name:
    krafty001vpn
    Policy Type:
    Auto Policy
    Remote Endpoint:
    FQDN
    krafty001.dyndns.org
    NETBIOS:
    Enable
    Local Traffic Selection
    Local IP:
    ANY
    Start Address:
    End Address:
    Subnet Mask:
    Remote Traffic Selection
    Remote IP:
    ANY
    Start Address:
    End Address:
    Subnet Mask:
    Split DNS
    Split DNS:
    Enable
    Domain Name Server 1:
    Domain Name Server 2:
    (Optional)
    Domain Name 1:
    Domain Name 2:
    (Optional)
    Manual Policy Parameters
    SPI-Incoming:
    SPI-Outgoing:
    Encryption Algorithm:
                                 3DES                             None                             DES                             AES-128                             AES-192                             AES-256                             AES-CCM                             AES-GCM                            
    Key-In:
    Key-Out:
    Integrity Algorithm:
                                 SHA-1                             SHA2-256                             SHA2-384                             SHA2-512                             MD5                            
    Key-In:
    Key-Out:
    Auto Policy Parameters
    SA-Lifetime:
    3600
                                 Seconds                             KBytes                            
    Encryption Algorithm:
                                 3DES                             None                             DES                             AES-128                             AES-192                             AES-256                             AES-CCM                             AES-GCM                                                       
    Integrity Algorithm:
                                 SHA-1                             SHA2-256                             SHA2-384                             SHA2-512                             MD5                            
    PFS Key Group:
    Enable
                                 DH-Group 1 (768 bit)                             DH-Group 2 (1024 bit)                             DH-Group 5 (1536 bit)                            
    Select IKE Policy:
                                                              krafty001vpn                                                                                     
    Quick VPN Setip
    User Profile: homevpn
    User Name krafty001vpn
    Password: xxxxx
    Server Address:  krafty001.dyndns.org
    Port for QuickVPN:   Auto
    Any help in identifying what setup component I have configured incorrectly would be appreciated
    Thanks

    I am not sure this will help but make sure the following is set correctly:
    Currently VPN is somewhat broken on all versions of firmware of the RV220W including beta where VPN will ONLY negotiate on 443. If you are port forwarding 443 to a server or something else it will fail. You must allow the VPN to authenticate on 443. The router SHOULD be able to connect on 60443 as indicated on the QUICKVPN software however it doesn't this has been confirmed by a CISCO engineeer I have been speaking with regarding my VPN woes. Currently there is NO ETA on this fix.
    But since you didn't mention if your 443 ports were being routed elsewhere I figured i would lay out that information here incase you where. Also I strongly recommend contacting Cisco Support for the beta firmware it makes the RV220W much better.
    Also the reason for the update to the beta firmware it resolves the hair pinning problem which could also lead to VPN issues.

  • Adobe freezes when connected to Sonicwall

    Adobe reader XI hangs when I am connected to a sonicwall VPN connection. Note that I am not opening the reader on the remote desktop. I am doing it on my Home PC. However, if I disable my sonicwall connection, then the adobe reader opens instantly. Else, the tools tab on the right side hangs and I am not able to open the pdf. Please help immediately

    Adobe Reader is trying to Access Acrobat.com service and trying to connect other online services. So once you are behind the firewall it takes time and might crashing because of the similar reasons.
    How did you install Reader XI, How many machines you are facing issue with.
    Regards,
    Ajlan Huda.

  • IOS 4.2.1 Broke VPN

    Any reason 4.2.1 would break our VPN connection?
    Currently connecting to a SonicWall VPN using L2TP. Everything worked great on 3.2.2, but broke on 4.2.1. I have even downgraded and it works fine, but no go on 4.2.1

    Yes it does get to the firewall:
    IKE Responder: ESP encryption algorithm does not match
    RECEIVED<<< ISAKMP OAK QM (InitCookie:0x259ef61e052e2f4d RespCookie:0x141170aedc8317ca, MsgID: 0xFDB1207D) *(HASH, SA, NON, ID, ID, NAT_OA, NAT_OA)
    IKE Responder: ESP encryption algorithm does not match
    IKE Responder: IPSec proposal does not match (Phase 2)

Maybe you are looking for