VPN SonicWall

I would greatly appreciate if you added the SonicWall SSL protocol. I am struggling to make the case of Blackberry towards the IT department and its consultants.
I am suggesting that Apple iOS/Google Android OS both are intrinsically flawed from a security point of view. However, VPN protocols form an important part of the overall picture, and SonicWall sees to be ahead of Juniper SSL and the others. I thought this is what Blackberry leads the industry in  - enterprise secure communications, and then Blackberry ought to have the best VPN protocols.
Are you in the process of getting the SonicWall protocol and for when?

Not sure which unit you have, but...
http://www.sonicwall.com/products/vpnglobal_features.html
"SonicWALL SSL-VPN appliances are capable of integrating seamlessly into any network topology, with virtually any third-party firewall."
I'm not certain, but are you asking about how/what to Open Portwise on the Mac, or how to forward those ports from a Router?

Similar Messages

  • Event ID: 5014, 5004 The DFS Replication Service is stopping communication with partner / Error 1726 (The remote procedure call failed.)

    I'm replicating between two servers in two sites (Server A - Server 2012 R2 STD, Server B - Server 2008 R2) over a VPN (Sonicwall Firewall).  Though the initial replication seems to be
    happening it is very slow (the folder in question is less than 3GB).  I'm seeing these in the event viewer every few minutes:
    The DFS Replication service is stopping communication with partner PPIFTC for replication group FTC due to an error. The service will retry the connection periodically.
    Additional Information:
    Error: 1726 (The remote procedure call failed.)
    and then....
    The DFS Replication service successfully established an inbound connection with partner PPIFTC for replication group FTC.
    Here are all my troubleshooting steps (keep in mind that our VPN is going through a SonicWall <--I increased the TCP timeout to 24 hours):
    -Increased TCP Timeout to 24 hours 
    -Added the following values on both sending and receiving members and rebooted server
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
    Value =DisableTaskOffload
    Type = DWORD
    Data = 1
    Value =EnableTCPChimney
    Type = DWORD
    Data = 0
    Value =EnableTCPA
    Type = DWORD
    Data = 0
    Value =EnableRSS
    Type = DWORD
    Data = 0
    ---------------------------------more troubleshooting--------------------------
    -Disabled AntiVirus on both members
    -Made sure DFSR TCP ports 135 & 5722 are open
    -Installed all hotfixes for 2008 R2 (http://support.microsoft.com/kb/968429) and rebooted
    -Ran NETSTAT –ANOBP TCP and the DFS executable results are listed below:
    Sending Member:
    [DFSRs.exe]
      TCP    10.x.x.x:53            0.0.0.0:0             
    LISTENING       1692
    [DFSRs.exe]
      TCP    10.x.x.x:54669        
    10.x.x.x:5722          TIME_WAIT       0
      TCP    10.x.x.x:54673        
    10.x.x.x:5722          ESTABLISHED     1656
     [DFSRs.exe]
      TCP    10.x.x.x:64773        
    10.x.x.x:389           ESTABLISHED     1692
    [DFSRs.exe]
      TCP    10.x.x.x:64787        
    10.x.x.x:389           ESTABLISHED     1656
     [DFSRs.exe]
      TCP    10.x.x.x:64795        
    10.x.x.x:389           ESTABLISHED     2104
    Receiving Member:
    [DFSRs.exe]
      TCP    10.x.x.x:56683        
    10.x.x.x:389           ESTABLISHED     7472
     [DFSRs.exe]
      TCP    10.x.x.x:57625        
    10.x.x.x:54886         ESTABLISHED     2808
    [DFSRs.exe]
      TCP    10.x.x.x:61759        
    10.x.x.x:57625         TIME_WAIT       0
      TCP    10.x.x.x:61760        
    10.x.x.x:57625         TIME_WAIT       0
      TCP    10.x.x.x:61763        
    10.x.x.x:57625         TIME_WAIT       0
      TCP    10.x.x.x:61764        
    10.x.x.x:57625         TIME_WAIT       0
      TCP    10.x.x.x:61770        
    10.x.x.x:57625         TIME_WAIT       0
      TCP    10.x.x.x:61771        
    10.x.x.x:57625         TIME_WAIT       0
      TCP    10.x.x.x:61774        
    10.x.x.x:57625         TIME_WAIT       0
      TCP    10.x.x.x:61775        
    10.x.x.x:57625         TIME_WAIT       0
      TCP    10.x.x.x:61776        
    10.x.x.x:57625         TIME_WAIT       0
      TCP    10.x.x.x:61777        
    10.x.x.x:57625         TIME_WAIT       0
      TCP    10.x.x.x:61778        
    10.x.x.x:57625         TIME_WAIT       0
      TCP    10.x.x.x:61779        
    10.x.x.x:57625         TIME_WAIT       0
      TCP    10.x.x.x:61784        
    10.x.x.x:52757         ESTABLISHED     7472
    [DFSRs.exe]
      TCP    10.x.x.x:63661        
    10.x.x.x:63781         ESTABLISHED     4880
    ------------------------------more troubleshooting--------------------------
    -Increased Staging to 32GB
    -Opened the ADSIedit.msc console to verify the "Authenticated Users" is set with the default READ permission on the following object:
    a. The computer object of the DFS server
    b. The DFSR-LocalSettings object under the DFS server computer object
    -Ran
    ping <var>10.x.x.x</var> -f -l 1472 and got replies back from both servers
    -AD replication is successful on all partners
    -Nslookup is working so DNS is working
    -Updated NIC drivers on both servers
    - I ran the following to set the Primary Member:
    dfsradmin Membership Set /RGName:<replication group name> /RFName:<replicated folder name> /MemName:<primary member> /IsPrimary:True
    Then Dfsrdiag Pollad /Member:<member name>
    I'm seeing these errors in the dfsr logs:
    20141014 19:28:17.746 9116 SRTR   957 [WARN] SERVER_EstablishSession Failed to establish a replicated folder session. connId:{45C8C309-4EDD-459A-A0BB-4C5FACD97D44} csId:{7AC7917F-F96F-411B-A4D8-6BB303B3C813}
    Error:
    + [Error:9051(0x235b) UpstreamTransport::EstablishSession upstreamtransport.cpp:808 9116 C The content set is not ready]
    + [Error:9051(0x235b) OutConnection::EstablishSession outconnection.cpp:532 9116 C The content set is not ready]
    + [Error:9051(0x235b) OutConnection::EstablishSession outconnection.cpp:471 9116 C The content set is not ready]
    ---------------------------------------more troubleshooting-----------------------------
    I've done a lot of research on the Internet and most of it is pointing to the same stuff I've tried.  Does anyone have any other suggestions?  Maybe I need to look somewhere
    else on the server side or firewall side? 
    I tried replicating from a 2012 R2 server to another 2012 server and am getting the same events in the event log so maybe it's not a server issue. 
    Some other things I'm wondering:
    -Could it be the speed of the NICs?  Server A is a 2012 Server that has Hyper-V installed.  NIC teaming was initially setup and since Hyper-V is installed the NIC is a "vEthernet
    (Microsoft Network Adapter Multiplexor Driver Virtual Switch) running at a speed of 10.0Gbps whereas Server B is running a single NIC at 1.0Gbps
    -Could occasional ping timeout's cause the issue?  From time to time I get a timeout but it's not as often as the events I'm seeing.  I'm getting 53ms pings.  The folder
    is only 3 GB so it shouldn't take that long to replicate but it's been days.  The schedule I have set for replication is mostly all day except for our backup times which start at 11pm-5am.  Throughout the rest of the time I have it set anywhere from
    4Mbps to 64 Kbps.  Server A is on a 5mb circuit and Server B is on a 10mb circuit. 

    I'm seeing the same errors, all servers are running 2008 R2 x64. Across multiple sites, VPN is steady and reliably.
    185 events from 12:28:21 to 12:49:25
    Events are for all five servers (one per office, five total offices, no two in the same city, across three states).
    Events are not limited to one replication group. I have quite a few replication groups, so I don't know for sure but I'm running under the reasonable assumption that none are spared.
    Reminder from original post (and also, yes, same for me), the error is: Error: 1726 (The remote procedure call failed.)
    Some way to figure out what code triggers an Event ID 5014, and what code therein specifies an Error 1726, would extremely helpful. Trying random command line/registry changes on live servers is exceptionally unappealing.
    Side note, 1726 is referenced here:
    https://support.microsoft.com/kb/976442?wa=wsignin1.0
    But it says, "This RPC connection problem may be caused by an unstable WAN connection." I don't believe this is the case for my system.
    It also says...
    For most RPC connection problems, the DFS Replication service will try to obtain the files again without logging a warning or an error in the DFS Replication log. You can capture the network trace to determine whether the cause of the problem is at the network
    layer. To examine the TCP ports that the DFS Replication service is using on replication partners, run the following command in a
    Command Prompt window:
    NETSTAT –ANOBP TCP
    This returns all open TCP connections. The connections in question are "DFSRs.exe", which the command won't let you filter for.
    Instead, I used the NETSTAT command as advertised, dumping output to info.txt:
    NETSTAT -ANOBP TCP >> X:\info.txt
    Then I opened Excel and manually opened the .TXT for the open wizard. I chose fixed-width fields based on the first row for each result, and then added a column:
    =IF(A3="Can not", "Can not obtain ownership information", IF(LEFT(A3,1) = "[", A3&B3&C3, ""))
    Dragging this down through the entire file let me see that row (Row F) as the file name. Some anomalies were present but none impacted DFSrs.exe results.
    Finally, you can sort/filter (I sorted because I like being able to see everything, should I choose to) to get just the results you need, with the partial rows removed from the result set, or bumped to the end.
    My server had 125 connections open.
    That is a staggering number of connections to review, and I feel like I'm looking for a needle in a haystack.
    I'll see if I can find anything useful out, but a better solution would be most wonderful.

  • SonicWall Global VPN Client and Split tunneling

    Hello All,
    I searched Google and the forums here and can't find someone with the same problem.
    Lets start at the beginning-Just started this job a couple months ago and people brought to my attention immediately an issue while they were on the VPN they could not get to the internet.  I know about the different security risks but we have multiple field reps that need internet access while using our CRM program.  So I setup Split Tunneling on the Sonicwall. Tested and works fine on my home PC using a WRT54GS Ver 2.1 and the SonicWall Global VPN Client.
    So I was sure everything was fine until I just sent out 2 laptops to 2 different sales reps and they are both having the same issue.  They can get into the internal network but can't access the internet.  They are both on WRT54G (different Vers.).  I tested the VPN client on both laptops with tethering on my cell phone and the split tunneling works. I have tried updating firmware thinking that was the issue.  I also tried to put their home network on a different subnet.  All with no joy.  I was wondering if anyone ever ran into something like this or have any clues what to try next. 
    -Thank You in advance for your time.
    Message Edited by Chris_F on 01-11-2010 07:41 AM
    Chris F.
    CCENT, CCNA, CCNA Sec

    Of course, you do as you are told. But I hope you keep written record of what you have been told and have it signed of whoever told you to set it up. It's essential that you stay on the safe side in these matters.
    I have read of too many cases where the system/security admin did not do so and in the end was held responsible for security incidents simply because he was told to do something to jeopardize security of the network. Remember, that usually the person who tells you do to so has no idea about the full security implication of a decision.
    Thus, I highly recommend to require your road staff to connect with no split tunneling. Refuse to do otherwise unless you have it in writing and you won't be held reliable in any way if something happens because of it.
    Just think what happens if the whole customer database gets stolen because of one of the remote sales reps... There is a reason why you apply this web site blocking on your firewalls and there is absolutely no reason that would justify why your remote sale reps don't go through the very same firewall while accessing company-sensitive data in your CRM.
    So put that straight with whoever told you to do otherwise and if you they still want to continue anyway get it in writing. Once you ask for the statement in writing many decision-makers come to their senses and let you do your job at the best you can and for what you were hired... And if not, well, at least you got rid of the responsibility in that aspect.

  • Cisco ASA 5510 Site to Site VPN with Sonicwall

    I am trying to setup a VPN tunnel between a Cisco ASA 5510 (Version 8.2(2)) and Sonicwall TZ200. I got tunnel up and going and I am able to ping the Cisco ASA internal IP from the Sonicwall LAN but nothing else works. When I try to ping a host behind the Cisco ASA from the Sonicwall LAN I get the following message "Asymmetric NAT rules matched for forward and reverse flows; Connection for tcp src outside:10.20.10.x/xxxx dst inside:10.20.2.x/xxxx denied due to NAT reverse path failures" on the ASA
    Googling the above error shows issues with version 8.3 and later which looked like the nat commands were changed but the ASA I am working on is still on 8.2 and the other common issue is not adding a NAT exemption. I have double-triple checked that I did add a NAT exception rule from the hosts on the cisco network to the hosts on the Sonicwall network. Seems like I have hit a road block so any help would be appreciated. Thanks
    Here are some excertps from the config file (10.20.2.0 behind the cisco and 10.20.10.0 behind the sonicwall)
    nat (inside) 0 access-list nonat
    access-list nonat extended permit ip 10.20.2.0 255.255.255.0 10.20.10.0 255.255.255.0
    access-list outside_1_cryptomap extended permit ip 10.20.2.0 255.255.255.0 10.20.10.0 255.255.255.0
    crypto map outside_map 1 match address outside_1_cryptomap
    crypto map outside_map 1 set peer x.x.x.x
    crypto map outside_map 1 set transform-set ESP-3DES-SHA
    crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map outside_map interface outside
    crypto isakmp enable outside
    crypto isakmp policy 5
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    lifetime 28800
    group-policy SiteToSitePolicy internal
    group-policy SiteToSitePolicy attributes
    vpn-idle-timeout none
    vpn-tunnel-protocol IPSec
    split-tunnel-network-list none
    tunnel-group x.x.x.x type ipsec-l2l
    tunnel-group x.x.x.x general-attributes
    default-group-policy SiteToSitePolicy
    tunnel-group x.x.x.x ipsec-attributes
    pre-shared-key *****
    Added few excerpts from config file

    Yes inspect icmp is enabled in global_policy
    The ping requests time out (The only ping that works is when I ping from the remote side to the ASA internal IP address, no other pings from either side work)
    #show crypto isakmp sa
    1   IKE Peer: x.x.x.x
        Type    : L2L             Role    : responder
        Rekey   : no              State   : MM_ACTIVE
    #show crypto ipsec sa
    interface: outside
        Crypto map tag: outside_map, seq num: 1, local addr: x.x.x.x
          access-list outside_2_cryptomap extended permit ip 10.20.2.0 255.255.255.0 10.20.10.0 255.255.255.0
          local ident (addr/mask/prot/port): (10.20.2.0/255.255.255.0/0/0)
          remote ident (addr/mask/prot/port): (10.20.10.0/255.255.255.0/0/0)
          current_peer: y.y.y.y
          #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
          #pkts decaps: 39543, #pkts decrypt: 39543, #pkts verify: 39543
          #pkts compressed: 0, #pkts decompressed: 0
          #pkts not compressed: 0, #pkts comp failed: 0, #pkts decomp failed: 0
          #pre-frag successes: 0, #pre-frag failures: 0, #fragments created: 0
          #PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 0
          #send errors: 0, #recv errors: 0
          local crypto endpt.: x.x.x.x, remote crypto endpt.: y.y.y.y
          path mtu 1500, ipsec overhead 58, media mtu 1500
          current outbound spi: 0ED0F897
          current inbound spi : 596CCE6F
        inbound esp sas:
          spi: 0x596CCE6F (1500302959)
             transform: esp-3des esp-sha-hmac no compression
             in use settings ={L2L, Tunnel, PFS Group 2, }
             slot: 0, conn_id: 50327552, crypto-map: outside_map
             sa timing: remaining key lifetime (sec): 7440
             IV size: 8 bytes
             replay detection support: Y
             Anti replay bitmap:
              0xFFFFFFFF 0xFFFFFFFF
        outbound esp sas:
          spi: 0x0ED0F897 (248576151)
             transform: esp-3des esp-sha-hmac no compression
             in use settings ={L2L, Tunnel, PFS Group 2, }
             slot: 0, conn_id: 50327552, crypto-map: outside_map
             sa timing: remaining key lifetime (sec): 7440
             IV size: 8 bytes
             replay detection support: Y
             Anti replay bitmap:
              0x00000000 0x00000001

  • Windows 8.1 Remote Desktop Connection dies with feeble "An internal error has occurred" with SonicWALL VPN

    Back when life was simple, under Windows XP, i simply fired up my SonicWALL client, connected to the host, and then connected via RDC and all was good.
    Now I have Windows 8.1 and SonicWALL's v4.9.0.1202 64-bit client.  I can connect with the client - although it seems to drop the connection quite a bit - but when it is up, I can ping the host.  But when I try to RDC, I get the completely unhelpful
    error mentioned above.
    My version of 8.1 is up-to-date - the VPN client came right from DELL's website.  What am I doing wrong?
    Just in case you want to know, yes - I can RDC to non VPN and PPTP VPN sites no problem - and on the same LAN, my XP box can RDC with SonicWALL with no issues.
    Please, somebody - i need to get back to Planet 10!

    Did you ever find a solution to this problem. I am having the exact same problem

  • SonicWall SourceNAT VPN setup as default route for all traffic!

    Hi,OK hope someone can help with this mess.....Our customer has been taken over by a US company who have said all outgoing internet traffic must go via their data centre. They want us to create an IPSEC vpn from our SonicWALL TZ215 to them then route all traffic locally via this VPN.In principle this didn't sound too bad. Then there were some more options:Our local subnet 172.x.x.x has to be NAT'd to a single /32 address. 192.x.x.131They also require our destination network to be set as 0.0.0.0. as they wont specify the range at the datacenter.I have managed to get the VPN up but using the the NAT address as my local subnet and using the option on the SonicWALL "Use this VPN Tunnel as default route for all Internet traffic" on the remote network. Phase 1 and Phase 2 work ok. The problem i now have is i need to route all LAN traffic...
    This topic first appeared in the Spiceworks Community

    Hi Norbert,
    I am sorry to say that configuring routes in Azure Virtual network is not supported. I recommend you to submit your reuqirement on Azure Feedback and hope it would be released soon:
    http://feedback.azure.com/forums/217313-networking-dns-traffic-manager-vpn-vnet
    Best regards,
    Susie
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

  • Connecting through SonicWall VPN

    Has anyone managed to connect to a file server through a SonicWall VPN? The only vpn connection profiles are for Cisco routers.

    Yes, I'll go into the SonicWall tomorrow and see what I can finds out, or call thier tech support if I can't figure it out.
    Thanks for your help.

  • SonicWall VPN Woes

    Are the sites having problems on Comcast? I've had their crap block dhcp

    Two months ago we replaced an aging firewall with a SonicWall NSA 2600. It fulfilled several of my goals in one device: ability to expand the network, IPS, easier to manage, etc.However, VPN has never consistently worked since. I worked with our MSP on the multiple issues our remote users have been having these two months and now have no ideas how to proceed. Maybe you can help?Yesterday we spent seven hours on the phone with SonicWall support, through several engineers reinstalling software, doing registry hacks, using Powershell, etc. to no avail. At the end of the day the engineer says, "It is not a SonicWall problem." To be fair, an identical machine works here at the office (through hotspot) but not in Maine, and other identical machines have no problems in their locations.The Meat: SonicWall NSA 2600 SSL-VPN with Active...
    This topic first appeared in the Spiceworks Community

  • Sonicwall VPN DHCP

    Greetings.  Probably simple thing overlooking here.
    Recently changed TZ205 Client VPN from static IPs to DHCP over VPN.
    It's a split tunnel VPN allowing Sonicwall X0 + 2 other VLANs.  VPN used only for MGT.
    Since going DHCP I'll get occasional packet drops and RDP session hangs for 5 sec or so. If I manually assign just IP/mask to adapter no drops. 
    My desktop will just drop few packets.  My Laptop show general failure.  What of DHCP over VPN is causing these drops?
    Thanks!
    This topic first appeared in the Spiceworks Community

    PowerShell Direct – Running PowerShell inside a virtual machine from the Hyper-V hostAt Ignite we announced PowerShell Direct, and briefly demoed it’s capabilities in the “What’s New in Hyper-V” session. This is a follow up so you can get started using PowerShell Direct in your own environment.What is PowerShell Direct?It is a new way of running PowerShell commands inside a virtual machine from the host operating system easily and reliably.There are no network/firewall requirements or configurations.
    It works regardless of Remote Management configuration.
    You still need guest credentials.For people who want to try it out immediately, go ahead and (as Administrator) run either of these commands on a Windows10 Hyper-V host where VMName refers to a VM running Windows10:Enter-PSSession -VMName VMNameInvoke-Command -VMName VMName -ScriptBlock...

  • SonicWall VPN on 3G ?

    Hello,
    Do you know if it's possible to use my Iphone 3G on a SonicWall VPN ?
    I use NetExtender on my Mac OS 10.5.5.
    I think it's not possible but...who know...
    Thanks to everyone.
    Nicolas,
    France
    Message was edited by: Nico, St Malo

    I would like to add the same for the Pacific Northwest, USA. In addition, I have the iSSH app. It connects immediately to my internet connected firewall but never does on 3g.
    To add further pain I did a speed test for wi-fi and 3g. The 3g is faster than the wi-fi.
    What is causing this?

  • Sonicwall VPN

    Has anyone used Arch to connect to a sonicwall VPN?  If so, how'd you do it?  What tools do I need to install?
    Thanks,

    Depends on the sonicwall device you have.
    Some sonicwalls support both IPSec and L2TP (L2TP-over-IPsec). It just depends on which one you want to go with.
    If you google around for "sonicwall linux ipsec" or "sonicwall linux l2tp" you should find some good info.

  • Route Internet over Pix VPN to Sonicwall

    Have a working VPN from Pix501 at remote site to Sonicwall 3060 enhanced at Cental Office. Would like remote site to use the Sonicwall for Internet. Basic setup...
    LAN--Pix----Internet----Sonicwall--LAN
    Thanks

    So you basically want all traffic to pass over the tunnel, just define your nat exemption and interesting traffic acl's as being "to any". This will force all traffic over the tunnel. As far as the internet access is concerned, can't help you with the sonicwall, but it sounds like you want to do something like "public internet on a stick" or outside nat.

  • VPN to SonicWall

    Hello,
    I need to VPN to a SonicWall.
    How can I do this?
    I don't want to pay for a client,
    though OSX supporten VNP as a standard.
    Can anyone help?
    <longing for leopard :(>

    http://www.lobotomo.com/products/IPSecuritas/
    That should do the trick. It actually does everything VPN Tracker does as far as I can tell.

  • VPN and sonicwall

    I have searched through all the discussions and have become very confused. I don't understand the VPN technology well. I have a server at work that I want to access remotely. It is a sonicwalll TZ170. I tried to connect with the VPN in 10.4 no luck. I did not know if my airport express supported VPN, so I downloaded a trial version of VPN tracker. Everything worked great... for the three min. trail. Is this my only option? is there anything else ou tthere that will work. The software (VPN tracker ) is kind of pricey for me. I would probably buy it except i read on their site that you can only use it on one computer,. Each additional computer is another license. i have four computers that my wife and I use, so the costs would be prohibitive for occaisional use. Any help would be graetly appreciated.

    I also try to manage vpn access from iphone 4 to sonicwall 2040 pro.
    Firmware is some old 3.1 something
    I never used vpn till now.
    I followed the guides above, but no chance to get it work, i also tried 128 and 256 bit instad of 3DES.
    Sonicwall is behind a Linksys Gateway from my dsl Provider in DMZ.
    From Sonicwall Log:
    IKE Responder: Received Main Mode request (Phase 1)
    NAT Discovery : Local IPSec Security Gateway behind a NAT/NAPT Device
    NAT Discovery : Peer IPSec Security Gateway behind a NAT/NAPT Device
    VPN Policy: WAN GroupVPN;3DES; SHA1; DH Group 2; lifetime=3600 secs
    IKE Responder: Received Quick Mode Request (Phase 2)
    Received packet retransmission. Drop duplicate packet
    Received packet retransmission. Drop duplicate packet
    Received packet retransmission. Drop duplicate packet
    Received packet retransmission. Drop duplicate packet
    Received packet retransmission. Drop duplicate packet
    Then iPhone 4 says, vpn Server is not answering.
    Some help would be great.
    Greetings
    jvoh

  • Blackberry Z10 VPN with SonicWall

    Hi,
    I would like to setup a VPN profile on my Z10. The VPN server is a SonicWall NSA240.
    I've read some threads like this one http://blog.vpntraffic.com/buy-vpn-id-10156.html, but it didn't help.
    In this forum, KnottyRope mentioned "Barracuda, Sonicwall firewall, IP power  switch, WiFi router for eample can be accessed." So my guess is it's somehow supported.
    I've emailed Blackberry support and they said: "we don't  have any  guidelines for setting  my BES 10 VPN profile to connect to the SonicWall, Sonic wall is a tier party application."
    Anyone has run into this yet?
    Thanks
    Martin
    Martin
    @martingauvreau

    Hi - I am also trying to set up a VPN with the NSA2400.   
    I'm using the standard WAN Group VPN setup of the NSA.  
    I've matched all of the parameters  
    Phase 1
    DH Group: 2
    Encryption      AES128
    Auth: SHA1
    Phase2: 
    Protocol:  ESP
    Encryption: AES128
    Auth:       SHA1
    On the BB - I doe not see any option for Phase 2 protocol - which is the only piece I cannot confirm.   
    When connecting, I see no errors on the sonicwall log.   The BB sends a "timeout" error.  
    BB VPN log is no help - wonder if there is any way to set to a higher logging level
    [msm0] Not Connected
    [msm0] Error - timeout
    [msm0] Disconnecting
    [msm0] Connecting

Maybe you are looking for