Sonicwall PRO 3060 VPN not Connecting to internet - Firewalls

This is a discussion on Sonicwall PRO 3060 VPN not Connecting to internet - Firewalls ; I have a sonicwall Pro 3060 and have setup vpn for this. I am using the sonicwall global vpn client the client connect and then will access all internal addresses on the lan but when trying to access internet websites ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: Sonicwall PRO 3060 VPN not Connecting to internet

  1. Sonicwall PRO 3060 VPN not Connecting to internet

    I have a sonicwall Pro 3060 and have setup vpn for this.

    I am using the sonicwall global vpn client the client connect and then
    will access all internal addresses on the lan but when trying to
    access internet websites this fails.

    I have allowed split tunnels but this is not working either.

    has any one else had this issue / able to resolve

  2. Re: Sonicwall PRO 3060 VPN not Connecting to internet

    Am Fri, 18 Jul 2008 05:40:22 -0700 schrieb SallyBridges:

    > I have a sonicwall Pro 3060 and have setup vpn for this.


    Bad idea!

    > I am using the sonicwall global vpn client the client connect and then
    > will access all internal addresses on the lan but when trying to
    > access internet websites this fails.


    worst

    > I have allowed split tunnels but this is not working either.


    where on client side?

    > has any one else had this issue / able to resolve


    Check your dns an default gateway, check the way your packet goes either.

    cheers

  3. Re: Sonicwall PRO 3060 VPN not Connecting to internet

    The sonic wall firewall allows you to configure the sonicwall global
    vpn client from the actuall firewall

    split tunnels is therefore setup on the sonicwall firewall and this
    automatically pushes to the client

    the dns entries when connected are the same as our lan dns entries and
    these are working

    on the lan side the gateway is the main work gateway to the internet
    and works from office lan but not the vpn client

    dns resolves but when attempting to go out on to the internet then a
    tracertout our ping will time out

  4. Re: Sonicwall PRO 3060 VPN not Connecting to internet

    Am Fri, 18 Jul 2008 06:42:02 -0700 schrieb SallyBridges:

    > The sonic wall firewall allows you to configure the sonicwall global
    > vpn client from the actuall firewall


    ok, but I made the experience sonicwall is crap.

    > split tunnels is therefore setup on the sonicwall firewall and this
    > automatically pushes to the client


    Usually if the tunnel is established you get an valid spd entry and only
    those packets will be send encrypted (depends on your config)

    > the dns entries when connected are the same as our lan dns entries and
    > these are working
    > on the lan side the gateway is the main work gateway to the internet and
    > works from office lan but not the vpn client
    > dns resolves but when attempting to go out on to the internet then a
    > tracertout our ping will time out


    Sounds like your packet goes through the tunnel, check your phase2 policy.

    cheers

  5. Re: Sonicwall PRO 3060 VPN not Connecting to internet

    On 18 Jul, 15:05, Burkhard Ott wrote:
    > Am Fri, 18 Jul 2008 06:42:02 -0700 schrieb SallyBridges:
    >
    > > The sonic wall firewall allows you to configure the sonicwall global
    > > vpn client from the actuall firewall

    >
    > ok, but I made the experience sonicwall is crap.
    >
    > > split tunnels is therefore setup on the sonicwall firewall and this
    > > automatically pushes to the client

    >
    > Usually if the tunnel is established you get an valid spd entry and only
    > those packets will be send encrypted (depends on your config)
    >
    > > the dns entries when connected are the same as our lan dns entries and
    > > these are working
    > > on the lan side the gateway is the main work gateway to the internet and
    > > works from office lan but not the vpn client
    > > dns resolves but when attempting to go out on to the internet then a
    > > tracertout our ping will time out

    >
    > Sounds like your packet goes through the tunnel, check your phase2 policy..
    >
    > cheers


    SOLVED

    Right to solve this then you will need to addin an additional NAT
    translation - This then magically makes it all work

    Configure NAT Policy
    (Only Needed for WAN GroupVPN)
    Select NAT Policies
    Enter Original Source: In this example, Any
    Enter Translated Source: In this example, WAN Primary IP
    Enter Original Destination: In this example, Any
    Enter Translated Destination: In this example, Original
    Enter Original Service: In this example, Any
    Enter Translated Service: In this example, Original
    Enter Inbound Interface: In this example, X1 (note this is your WAN
    Interface)
    Enter Outbound Interface: In this example X1 14


    The Sonic wall documentation is available from here

    http://www.sonicwall.com/downloads/H...S_Enhanced.pdf




+ Reply to Thread