f



Sonicwall Global VPN problem with DHCP server (Win2000)

	

	     Recently, a problem with the Global VPN client started 
popping up, and I'm at a loss to try to figure out why.  A client
that could connect with no problems before is now unable to connect.

     What happens is that she fires up the GVPN client and gets
an IP using DHCP over VPN from the Windows 2000 Domain Controller
(it's got DNS and DHCP servers on it).  We checked in the log viewer
and she is actually getting an IP, because the last line in the 
connection sequence says so.  We did NOT go into a command line
prompt and do an ipconfig/all to see what the Sonicwall Virtual 
Adapter was reporting, though...I'm wishing I had done that now.

     However, when she goes to ping anything, she can't.  

     Here's the weird part, and I am sure this has something to do
with the solution in some way...

     When I Remote Desktop into the Server and open up the DHCP
server, if I delete the IP entry for her (the one she just created
by VPN) and then have her disable/enable her connection, she connects 
and then CAN ping and CAN do her work.  I did this the other day
and thought we had it fixed, but then she told me she got booted off
about an hour and a half later.

     She is runing XP Pro with Service Pack 2 (the firewall is 
disabled).  I've tried disabling DHCP over VPN on the Sonicwall (it's 
a 2040) to no avail.

      For some reason, I can use the GVPN client from my computer
fine, though.  I have a SOHO3 that I use to be connected all the time,
but I took the SOHO3 offline and ran the cable modem right into my 
computer to use the GVPN client and I had no problems.

      I've updated the firmware on the Sonicwall 2040 to the latest,
(2.2.0.1) and the Windows 2000 server is completely up to date.

      Does anyone have any ideas?

       Thanks!

      Mike

0
Mike
10/7/2004 2:48:54 AM
comp.dcom.vpn 2307 articles. 0 followers. Post Follow

6 Replies
311 Views

Similar Articles

[PageSpeed] 29

Mike, I don't mean to sound glib here, but could you simply give her your
SOHO3 to use? Maybe a box of her own is cost-prohibitive, but perhaps
hooking it up at least temporarily might give you more insight by being able
to study the logs on the remote end.


"Mike Barry" <FangaTanogoat@egreess.com> wrote in message
news:8ib9m09lrd1no4kg62cf5srgt5asb6n5k0@4ax.com...
>
>
>      Recently, a problem with the Global VPN client started
> popping up, and I'm at a loss to try to figure out why.  A client
> that could connect with no problems before is now unable to connect.
>
>      What happens is that she fires up the GVPN client and gets
> an IP using DHCP over VPN from the Windows 2000 Domain Controller
> (it's got DNS and DHCP servers on it).  We checked in the log viewer
> and she is actually getting an IP, because the last line in the
> connection sequence says so.  We did NOT go into a command line
> prompt and do an ipconfig/all to see what the Sonicwall Virtual
> Adapter was reporting, though...I'm wishing I had done that now.
>
>      However, when she goes to ping anything, she can't.
>
>      Here's the weird part, and I am sure this has something to do
> with the solution in some way...
>
>      When I Remote Desktop into the Server and open up the DHCP
> server, if I delete the IP entry for her (the one she just created
> by VPN) and then have her disable/enable her connection, she connects
> and then CAN ping and CAN do her work.  I did this the other day
> and thought we had it fixed, but then she told me she got booted off
> about an hour and a half later.
>
>      She is runing XP Pro with Service Pack 2 (the firewall is
> disabled).  I've tried disabling DHCP over VPN on the Sonicwall (it's
> a 2040) to no avail.
>
>       For some reason, I can use the GVPN client from my computer
> fine, though.  I have a SOHO3 that I use to be connected all the time,
> but I took the SOHO3 offline and ran the cable modem right into my
> computer to use the GVPN client and I had no problems.
>
>       I've updated the firmware on the Sonicwall 2040 to the latest,
> (2.2.0.1) and the Windows 2000 server is completely up to date.
>
>       Does anyone have any ideas?
>
>        Thanks!
>
>       Mike
>


0
J
10/8/2004 3:03:46 PM

	Yes, I've thought of that!  :)  The only problem is that
she doesn't have broadband where she lives yet.  She's going to
order it any day now.

	In the meantime, I need to solve this issue for other users.

	Mike


On Fri, 08 Oct 2004 15:03:46 GMT, "J. McGoggin"
<johnmcgoggin@hotmail.com> wrote:

>Mike, I don't mean to sound glib here, but could you simply give her your
>SOHO3 to use? Maybe a box of her own is cost-prohibitive, but perhaps
>hooking it up at least temporarily might give you more insight by being able
>to study the logs on the remote end.
>
>
>"Mike Barry" <FangaTanogoat@egreess.com> wrote in message
>news:8ib9m09lrd1no4kg62cf5srgt5asb6n5k0@4ax.com...
>>
>>
>>      Recently, a problem with the Global VPN client started
>> popping up, and I'm at a loss to try to figure out why.  A client
>> that could connect with no problems before is now unable to connect.
>>
>>      What happens is that she fires up the GVPN client and gets
>> an IP using DHCP over VPN from the Windows 2000 Domain Controller
>> (it's got DNS and DHCP servers on it).  We checked in the log viewer
>> and she is actually getting an IP, because the last line in the
>> connection sequence says so.  We did NOT go into a command line
>> prompt and do an ipconfig/all to see what the Sonicwall Virtual
>> Adapter was reporting, though...I'm wishing I had done that now.
>>
>>      However, when she goes to ping anything, she can't.
>>
>>      Here's the weird part, and I am sure this has something to do
>> with the solution in some way...
>>
>>      When I Remote Desktop into the Server and open up the DHCP
>> server, if I delete the IP entry for her (the one she just created
>> by VPN) and then have her disable/enable her connection, she connects
>> and then CAN ping and CAN do her work.  I did this the other day
>> and thought we had it fixed, but then she told me she got booted off
>> about an hour and a half later.
>>
>>      She is runing XP Pro with Service Pack 2 (the firewall is
>> disabled).  I've tried disabling DHCP over VPN on the Sonicwall (it's
>> a 2040) to no avail.
>>
>>       For some reason, I can use the GVPN client from my computer
>> fine, though.  I have a SOHO3 that I use to be connected all the time,
>> but I took the SOHO3 offline and ran the cable modem right into my
>> computer to use the GVPN client and I had no problems.
>>
>>       I've updated the firmware on the Sonicwall 2040 to the latest,
>> (2.2.0.1) and the Windows 2000 server is completely up to date.
>>
>>       Does anyone have any ideas?
>>
>>        Thanks!
>>
>>       Mike
>>
>

0
Mike
10/8/2004 4:49:21 PM
I understand. My other thought was, have you tried switching to the older
v8.0 of the Sonicwall/SafeNet client? I'm not certain if it supports the
DHCP-over-VPN functionality you require, but from personal experience it's
generally a more reliable client than the new GVPN software, for unknown
reasons.

Lastly, have you tried de-selecting the 'Deterministic Network Enhancer'
that SafeNet typically attaches to your NIC? Strangely, I have found that
switching this on or off has cured problems before.

"Mike Barry" <FangaTanogoat@egreess.com> wrote in message
news:o2hdm0tlld41rrql9rdq2cn1419dfofb2k@4ax.com...
>
>
> Yes, I've thought of that!  :)  The only problem is that
> she doesn't have broadband where she lives yet.  She's going to
> order it any day now.
>
> In the meantime, I need to solve this issue for other users.
>
> Mike
>
>
> On Fri, 08 Oct 2004 15:03:46 GMT, "J. McGoggin"
> <johnmcgoggin@hotmail.com> wrote:
>
> >Mike, I don't mean to sound glib here, but could you simply give her your
> >SOHO3 to use? Maybe a box of her own is cost-prohibitive, but perhaps
> >hooking it up at least temporarily might give you more insight by being
able
> >to study the logs on the remote end.
> >
> >
> >"Mike Barry" <FangaTanogoat@egreess.com> wrote in message
> >news:8ib9m09lrd1no4kg62cf5srgt5asb6n5k0@4ax.com...
> >>
> >>
> >>      Recently, a problem with the Global VPN client started
> >> popping up, and I'm at a loss to try to figure out why.  A client
> >> that could connect with no problems before is now unable to connect.
> >>
> >>      What happens is that she fires up the GVPN client and gets
> >> an IP using DHCP over VPN from the Windows 2000 Domain Controller
> >> (it's got DNS and DHCP servers on it).  We checked in the log viewer
> >> and she is actually getting an IP, because the last line in the
> >> connection sequence says so.  We did NOT go into a command line
> >> prompt and do an ipconfig/all to see what the Sonicwall Virtual
> >> Adapter was reporting, though...I'm wishing I had done that now.
> >>
> >>      However, when she goes to ping anything, she can't.
> >>
> >>      Here's the weird part, and I am sure this has something to do
> >> with the solution in some way...
> >>
> >>      When I Remote Desktop into the Server and open up the DHCP
> >> server, if I delete the IP entry for her (the one she just created
> >> by VPN) and then have her disable/enable her connection, she connects
> >> and then CAN ping and CAN do her work.  I did this the other day
> >> and thought we had it fixed, but then she told me she got booted off
> >> about an hour and a half later.
> >>
> >>      She is runing XP Pro with Service Pack 2 (the firewall is
> >> disabled).  I've tried disabling DHCP over VPN on the Sonicwall (it's
> >> a 2040) to no avail.
> >>
> >>       For some reason, I can use the GVPN client from my computer
> >> fine, though.  I have a SOHO3 that I use to be connected all the time,
> >> but I took the SOHO3 offline and ran the cable modem right into my
> >> computer to use the GVPN client and I had no problems.
> >>
> >>       I've updated the firmware on the Sonicwall 2040 to the latest,
> >> (2.2.0.1) and the Windows 2000 server is completely up to date.
> >>
> >>       Does anyone have any ideas?
> >>
> >>        Thanks!
> >>
> >>       Mike
> >>
> >
>


0
J
10/9/2004 4:21:57 AM

If you don't mind me cutting and pasting, I'm going to post what 
an associate and I did that seems to have corrected the problem.
I have only been able to test this fix with one person that could
not previously login, but her symptoms matched exactly all others
with the same problem.

	BTW, no I haven't tried v8.0 Safenet client.  I've only ever
used the GVPN client, but I'll look into that in the future.

	Also, I did deselect the Deterministic Network Enhancer on
my machine, (which never had a problem connecting) and it caused
my connection to fail.

	Anyway, here's my response in another newsgroup.

--------------------------------------------------------------------------------------------


	Well, I think I may have fixed it. The client that was having
trouble hasn't been able to test it, but another person who could
not get in using the VPN client was able to connect after these
changes were made:

We changed the lease time of the scope to 8 days,  changed the server
to assign addresses to both BOOTP and DHCP requests, and  clicked the
radio button for �always update DNS� and the checkbox for �Enable
updates for DNS clients that do not support dynamic update.� 

	Here's a portion of the log from the client...

===============================
Starting ISAKMP phase 2 negotiation with
10.0.0.0/255.255.255.0:BOOTPC:BOOTPS:UDP.

Starting quick mode phase 2 exchange.

The SA lifetime for phase 2 is 28800 seconds.

Phase 2 with 10.0.0.0/255.255.255.0:BOOTPC:BOOTPS:UDP has completed.

Renewing IP address for the virtual interface (XX-XX-XX-XX-XX-XX).

The IP address for the virtual interface has changed to 10.0.0.102.

The system ARP cache has been flushed.
================================

	Got any ideas as to why this could have fixed it?

	Thanks John!

          Mike


On Sat, 09 Oct 2004 04:21:57 GMT, "J. McGoggin"
<johnmcgoggin@hotmail.com> wrote:

>I understand. My other thought was, have you tried switching to the older
>v8.0 of the Sonicwall/SafeNet client? I'm not certain if it supports the
>DHCP-over-VPN functionality you require, but from personal experience it's
>generally a more reliable client than the new GVPN software, for unknown
>reasons.
>
>Lastly, have you tried de-selecting the 'Deterministic Network Enhancer'
>that SafeNet typically attaches to your NIC? Strangely, I have found that
>switching this on or off has cured problems before.
>
>"Mike Barry" <FangaTanogoat@egreess.com> wrote in message
>news:o2hdm0tlld41rrql9rdq2cn1419dfofb2k@4ax.com...
>>
>>
>> Yes, I've thought of that!  :)  The only problem is that
>> she doesn't have broadband where she lives yet.  She's going to
>> order it any day now.
>>
>> In the meantime, I need to solve this issue for other users.
>>
>> Mike
>>
>>
>> On Fri, 08 Oct 2004 15:03:46 GMT, "J. McGoggin"
>> <johnmcgoggin@hotmail.com> wrote:
>>
>> >Mike, I don't mean to sound glib here, but could you simply give her your
>> >SOHO3 to use? Maybe a box of her own is cost-prohibitive, but perhaps
>> >hooking it up at least temporarily might give you more insight by being
>able
>> >to study the logs on the remote end.
>> >
>> >
>> >"Mike Barry" <FangaTanogoat@egreess.com> wrote in message
>> >news:8ib9m09lrd1no4kg62cf5srgt5asb6n5k0@4ax.com...
>> >>
>> >>
>> >>      Recently, a problem with the Global VPN client started
>> >> popping up, and I'm at a loss to try to figure out why.  A client
>> >> that could connect with no problems before is now unable to connect.
>> >>
>> >>      What happens is that she fires up the GVPN client and gets
>> >> an IP using DHCP over VPN from the Windows 2000 Domain Controller
>> >> (it's got DNS and DHCP servers on it).  We checked in the log viewer
>> >> and she is actually getting an IP, because the last line in the
>> >> connection sequence says so.  We did NOT go into a command line
>> >> prompt and do an ipconfig/all to see what the Sonicwall Virtual
>> >> Adapter was reporting, though...I'm wishing I had done that now.
>> >>
>> >>      However, when she goes to ping anything, she can't.
>> >>
>> >>      Here's the weird part, and I am sure this has something to do
>> >> with the solution in some way...
>> >>
>> >>      When I Remote Desktop into the Server and open up the DHCP
>> >> server, if I delete the IP entry for her (the one she just created
>> >> by VPN) and then have her disable/enable her connection, she connects
>> >> and then CAN ping and CAN do her work.  I did this the other day
>> >> and thought we had it fixed, but then she told me she got booted off
>> >> about an hour and a half later.
>> >>
>> >>      She is runing XP Pro with Service Pack 2 (the firewall is
>> >> disabled).  I've tried disabling DHCP over VPN on the Sonicwall (it's
>> >> a 2040) to no avail.
>> >>
>> >>       For some reason, I can use the GVPN client from my computer
>> >> fine, though.  I have a SOHO3 that I use to be connected all the time,
>> >> but I took the SOHO3 offline and ran the cable modem right into my
>> >> computer to use the GVPN client and I had no problems.
>> >>
>> >>       I've updated the firmware on the Sonicwall 2040 to the latest,
>> >> (2.2.0.1) and the Windows 2000 server is completely up to date.
>> >>
>> >>       Does anyone have any ideas?
>> >>
>> >>        Thanks!
>> >>
>> >>       Mike
>> >>
>> >
>>
>

0
Mike
10/9/2004 8:42:33 PM
Thanks for the update, Mike. I'm glad you found a solution.

Looks like issuing those extra commands somehow blew out the cobwebs; why
BOOTP would need to be summoned for a WinXP PC is beyond me. I've seen these
VPN clients hopelessly stump people much, much smarter and more experienced
than me.

Congratulations and good luck!

"Mike Barry" <FangaTanogoat@egreess.com> wrote in message
news:tvigm093eq2q37lg9vlsdba1sfaag32g45@4ax.com...
>
>
> If you don't mind me cutting and pasting, I'm going to post what
> an associate and I did that seems to have corrected the problem.
> I have only been able to test this fix with one person that could
> not previously login, but her symptoms matched exactly all others
> with the same problem.
>
> BTW, no I haven't tried v8.0 Safenet client.  I've only ever
> used the GVPN client, but I'll look into that in the future.
>
> Also, I did deselect the Deterministic Network Enhancer on
> my machine, (which never had a problem connecting) and it caused
> my connection to fail.
>
> Anyway, here's my response in another newsgroup.
>
> --------------------------------------------------------------------------
------------------
>
>
> Well, I think I may have fixed it. The client that was having
> trouble hasn't been able to test it, but another person who could
> not get in using the VPN client was able to connect after these
> changes were made:
>
> We changed the lease time of the scope to 8 days,  changed the server
> to assign addresses to both BOOTP and DHCP requests, and  clicked the
> radio button for "always update DNS" and the checkbox for "Enable
> updates for DNS clients that do not support dynamic update."
>
> Here's a portion of the log from the client...
>
> ===============================
> Starting ISAKMP phase 2 negotiation with
> 10.0.0.0/255.255.255.0:BOOTPC:BOOTPS:UDP.
>
> Starting quick mode phase 2 exchange.
>
> The SA lifetime for phase 2 is 28800 seconds.
>
> Phase 2 with 10.0.0.0/255.255.255.0:BOOTPC:BOOTPS:UDP has completed.
>
> Renewing IP address for the virtual interface (XX-XX-XX-XX-XX-XX).
>
> The IP address for the virtual interface has changed to 10.0.0.102.
>
> The system ARP cache has been flushed.
> ================================
>
> Got any ideas as to why this could have fixed it?
>
> Thanks John!
>
>           Mike
>
>
> On Sat, 09 Oct 2004 04:21:57 GMT, "J. McGoggin"
> <johnmcgoggin@hotmail.com> wrote:
>
> >I understand. My other thought was, have you tried switching to the older
> >v8.0 of the Sonicwall/SafeNet client? I'm not certain if it supports the
> >DHCP-over-VPN functionality you require, but from personal experience
it's
> >generally a more reliable client than the new GVPN software, for unknown
> >reasons.
> >
> >Lastly, have you tried de-selecting the 'Deterministic Network Enhancer'
> >that SafeNet typically attaches to your NIC? Strangely, I have found that
> >switching this on or off has cured problems before.
> >
> >"Mike Barry" <FangaTanogoat@egreess.com> wrote in message
> >news:o2hdm0tlld41rrql9rdq2cn1419dfofb2k@4ax.com...
> >>
> >>
> >> Yes, I've thought of that!  :)  The only problem is that
> >> she doesn't have broadband where she lives yet.  She's going to
> >> order it any day now.
> >>
> >> In the meantime, I need to solve this issue for other users.
> >>
> >> Mike
> >>
> >>
> >> On Fri, 08 Oct 2004 15:03:46 GMT, "J. McGoggin"
> >> <johnmcgoggin@hotmail.com> wrote:
> >>
> >> >Mike, I don't mean to sound glib here, but could you simply give her
your
> >> >SOHO3 to use? Maybe a box of her own is cost-prohibitive, but perhaps
> >> >hooking it up at least temporarily might give you more insight by
being
> >able
> >> >to study the logs on the remote end.
> >> >
> >> >
> >> >"Mike Barry" <FangaTanogoat@egreess.com> wrote in message
> >> >news:8ib9m09lrd1no4kg62cf5srgt5asb6n5k0@4ax.com...
> >> >>
> >> >>
> >> >>      Recently, a problem with the Global VPN client started
> >> >> popping up, and I'm at a loss to try to figure out why.  A client
> >> >> that could connect with no problems before is now unable to connect.
> >> >>
> >> >>      What happens is that she fires up the GVPN client and gets
> >> >> an IP using DHCP over VPN from the Windows 2000 Domain Controller
> >> >> (it's got DNS and DHCP servers on it).  We checked in the log viewer
> >> >> and she is actually getting an IP, because the last line in the
> >> >> connection sequence says so.  We did NOT go into a command line
> >> >> prompt and do an ipconfig/all to see what the Sonicwall Virtual
> >> >> Adapter was reporting, though...I'm wishing I had done that now.
> >> >>
> >> >>      However, when she goes to ping anything, she can't.
> >> >>
> >> >>      Here's the weird part, and I am sure this has something to do
> >> >> with the solution in some way...
> >> >>
> >> >>      When I Remote Desktop into the Server and open up the DHCP
> >> >> server, if I delete the IP entry for her (the one she just created
> >> >> by VPN) and then have her disable/enable her connection, she
connects
> >> >> and then CAN ping and CAN do her work.  I did this the other day
> >> >> and thought we had it fixed, but then she told me she got booted off
> >> >> about an hour and a half later.
> >> >>
> >> >>      She is runing XP Pro with Service Pack 2 (the firewall is
> >> >> disabled).  I've tried disabling DHCP over VPN on the Sonicwall
(it's
> >> >> a 2040) to no avail.
> >> >>
> >> >>       For some reason, I can use the GVPN client from my computer
> >> >> fine, though.  I have a SOHO3 that I use to be connected all the
time,
> >> >> but I took the SOHO3 offline and ran the cable modem right into my
> >> >> computer to use the GVPN client and I had no problems.
> >> >>
> >> >>       I've updated the firmware on the Sonicwall 2040 to the latest,
> >> >> (2.2.0.1) and the Windows 2000 server is completely up to date.
> >> >>
> >> >>       Does anyone have any ideas?
> >> >>
> >> >>        Thanks!
> >> >>
> >> >>       Mike
> >> >>
> >> >
> >>
> >
>


0
J
10/11/2004 3:26:55 PM

	Thanks again for your help, John.  :)

	Mike



On Mon, 11 Oct 2004 15:26:55 GMT, "J. McGoggin"
<johnmcgoggin@hotmail.com> wrote:

>Thanks for the update, Mike. I'm glad you found a solution.
>
>Looks like issuing those extra commands somehow blew out the cobwebs; why
>BOOTP would need to be summoned for a WinXP PC is beyond me. I've seen these
>VPN clients hopelessly stump people much, much smarter and more experienced
>than me.
>
>Congratulations and good luck!
>
>"Mike Barry" <FangaTanogoat@egreess.com> wrote in message
>news:tvigm093eq2q37lg9vlsdba1sfaag32g45@4ax.com...
>>
>>
>> If you don't mind me cutting and pasting, I'm going to post what
>> an associate and I did that seems to have corrected the problem.
>> I have only been able to test this fix with one person that could
>> not previously login, but her symptoms matched exactly all others
>> with the same problem.
>>
>> BTW, no I haven't tried v8.0 Safenet client.  I've only ever
>> used the GVPN client, but I'll look into that in the future.
>>
>> Also, I did deselect the Deterministic Network Enhancer on
>> my machine, (which never had a problem connecting) and it caused
>> my connection to fail.
>>
>> Anyway, here's my response in another newsgroup.
>>
>> --------------------------------------------------------------------------
>------------------
>>
>>
>> Well, I think I may have fixed it. The client that was having
>> trouble hasn't been able to test it, but another person who could
>> not get in using the VPN client was able to connect after these
>> changes were made:
>>
>> We changed the lease time of the scope to 8 days,  changed the server
>> to assign addresses to both BOOTP and DHCP requests, and  clicked the
>> radio button for "always update DNS" and the checkbox for "Enable
>> updates for DNS clients that do not support dynamic update."
>>
>> Here's a portion of the log from the client...
>>
>> ===============================
>> Starting ISAKMP phase 2 negotiation with
>> 10.0.0.0/255.255.255.0:BOOTPC:BOOTPS:UDP.
>>
>> Starting quick mode phase 2 exchange.
>>
>> The SA lifetime for phase 2 is 28800 seconds.
>>
>> Phase 2 with 10.0.0.0/255.255.255.0:BOOTPC:BOOTPS:UDP has completed.
>>
>> Renewing IP address for the virtual interface (XX-XX-XX-XX-XX-XX).
>>
>> The IP address for the virtual interface has changed to 10.0.0.102.
>>
>> The system ARP cache has been flushed.
>> ================================
>>
>> Got any ideas as to why this could have fixed it?
>>
>> Thanks John!
>>
>>           Mike
>>
>>
>> On Sat, 09 Oct 2004 04:21:57 GMT, "J. McGoggin"
>> <johnmcgoggin@hotmail.com> wrote:
>>
>> >I understand. My other thought was, have you tried switching to the older
>> >v8.0 of the Sonicwall/SafeNet client? I'm not certain if it supports the
>> >DHCP-over-VPN functionality you require, but from personal experience
>it's
>> >generally a more reliable client than the new GVPN software, for unknown
>> >reasons.
>> >
>> >Lastly, have you tried de-selecting the 'Deterministic Network Enhancer'
>> >that SafeNet typically attaches to your NIC? Strangely, I have found that
>> >switching this on or off has cured problems before.
>> >
>> >"Mike Barry" <FangaTanogoat@egreess.com> wrote in message
>> >news:o2hdm0tlld41rrql9rdq2cn1419dfofb2k@4ax.com...
>> >>
>> >>
>> >> Yes, I've thought of that!  :)  The only problem is that
>> >> she doesn't have broadband where she lives yet.  She's going to
>> >> order it any day now.
>> >>
>> >> In the meantime, I need to solve this issue for other users.
>> >>
>> >> Mike
>> >>
>> >>
>> >> On Fri, 08 Oct 2004 15:03:46 GMT, "J. McGoggin"
>> >> <johnmcgoggin@hotmail.com> wrote:
>> >>
>> >> >Mike, I don't mean to sound glib here, but could you simply give her
>your
>> >> >SOHO3 to use? Maybe a box of her own is cost-prohibitive, but perhaps
>> >> >hooking it up at least temporarily might give you more insight by
>being
>> >able
>> >> >to study the logs on the remote end.
>> >> >
>> >> >
>> >> >"Mike Barry" <FangaTanogoat@egreess.com> wrote in message
>> >> >news:8ib9m09lrd1no4kg62cf5srgt5asb6n5k0@4ax.com...
>> >> >>
>> >> >>
>> >> >>      Recently, a problem with the Global VPN client started
>> >> >> popping up, and I'm at a loss to try to figure out why.  A client
>> >> >> that could connect with no problems before is now unable to connect.
>> >> >>
>> >> >>      What happens is that she fires up the GVPN client and gets
>> >> >> an IP using DHCP over VPN from the Windows 2000 Domain Controller
>> >> >> (it's got DNS and DHCP servers on it).  We checked in the log viewer
>> >> >> and she is actually getting an IP, because the last line in the
>> >> >> connection sequence says so.  We did NOT go into a command line
>> >> >> prompt and do an ipconfig/all to see what the Sonicwall Virtual
>> >> >> Adapter was reporting, though...I'm wishing I had done that now.
>> >> >>
>> >> >>      However, when she goes to ping anything, she can't.
>> >> >>
>> >> >>      Here's the weird part, and I am sure this has something to do
>> >> >> with the solution in some way...
>> >> >>
>> >> >>      When I Remote Desktop into the Server and open up the DHCP
>> >> >> server, if I delete the IP entry for her (the one she just created
>> >> >> by VPN) and then have her disable/enable her connection, she
>connects
>> >> >> and then CAN ping and CAN do her work.  I did this the other day
>> >> >> and thought we had it fixed, but then she told me she got booted off
>> >> >> about an hour and a half later.
>> >> >>
>> >> >>      She is runing XP Pro with Service Pack 2 (the firewall is
>> >> >> disabled).  I've tried disabling DHCP over VPN on the Sonicwall
>(it's
>> >> >> a 2040) to no avail.
>> >> >>
>> >> >>       For some reason, I can use the GVPN client from my computer
>> >> >> fine, though.  I have a SOHO3 that I use to be connected all the
>time,
>> >> >> but I took the SOHO3 offline and ran the cable modem right into my
>> >> >> computer to use the GVPN client and I had no problems.
>> >> >>
>> >> >>       I've updated the firmware on the Sonicwall 2040 to the latest,
>> >> >> (2.2.0.1) and the Windows 2000 server is completely up to date.
>> >> >>
>> >> >>       Does anyone have any ideas?
>> >> >>
>> >> >>        Thanks!
>> >> >>
>> >> >>       Mike
>> >> >>
>> >> >
>> >>
>> >
>>
>

0
Mike
10/11/2004 11:51:39 PM
Reply:

Similar Artilces:

PIX VPN S-2-S and VPN server
I have 2 pix firewalls i have VPN site to site and it works i had VPN server (cisco VPN client) after i put VPN Site-2-SIte VPN server does not work this is my config for a Office and remote site Office PIX Version 6.3(4) interface ethernet0 auto interface ethernet1 100full nameif ethernet0 outside security0 nameif ethernet1 inside security100 access-list outside_access_in permit icmp any any log access-list 101 permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0 access-list 101 permit ip 192.168.1.0 255.255.255.0 80.80.80.112 255.255.255.240 ip address outside 90.90.90.18 255.25...

VPN through VPN
I apologize if this question has been asked before. I have searched and the results did not lend what I was looking for, I have connected to my office VPN, the office is connected to the colo vpn. Is it possible to connect to our colo vpn from my current connection at home? I would think it is... perhaps I need some fancy routing/firewall rules? Anyone willing to field this one? Background info: Home to Office is 3des ike preshared key Office to Colo is aes ike preshared key Home & Office are different types of hardware Office & Colo are the same type of hardware All VPN access is being performed by network devices and not software on a PC/Server. Thanks in advance for your assistance, -james Does this Help ? Spoke to Client VPN: http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008046f307.shtml In article <1146930840.782412.189990@v46g2000cwv.googlegroups.com>, <james.p.carter@gmail.com> wrote: >I apologize if this question has been asked before. I have searched and >the results did not lend what I was looking for, I have connected to my >office VPN, the office is connected to the colo vpn. Is it possible to >connect to our colo vpn from my current connection at home? I would >think it is... perhaps I need some fancy routing/firewall rules? Anyone >willing to field this one? It depends on the hardware and on the network topology, and on how it is all configured. For example, the Cisco P...

External DHCP for Easy Vpn Server 1712 VPN Client
Hi Do You konow how to configure Easy VPN Server onto 1712 to give the Vpn client NOT pool ip address but taken from outsouce - another DHCP Windows server? Thansk P.S. ...

VPN in a VPN
hi man can build a different one VPN tunnel in a VPN tunnel via Cisco's. gru� joe In article <c7hthp$ljm$06$1@news.t-online.com>, joe <joe.sa@t-online.de> wrote: :man can build a different one VPN tunnel in a VPN tunnel via Cisco's. Not using a Cisco PIX. With IOS, you might be able to do it using a loopback interface. For both IOS and PIX, all crypto map policies applied to the same interface send out the IPSec packets directly to the peer, even if the peer is within an address range matched by the ACL for a different crypto map policy. I do not know what would h...

Any VPN client for RH linux to connect to office VPN server (Sonicwall)
Guys: We are using Sonicwall VPN server at office, I have VPN client installed on Windows PC, no problem to login to office machines, But I need to access remotely from RH Linux PC, any VPN client available which can connect to Sonic wall VPN server (I need to install that VPN client on Linux PC)?. This way I can check-out my code into Linux machine, which I can compile locally than always telnet/ssh from windows machine which is very slow. Thanks in advance. GS Am Wed, 28 Mar 2007 13:54:54 -0700 schrieb GS: > Guys: > > We are using Sonicwall VPN server at office, I have VPN client > installed on Windows PC, no problem to login to office machines, But I > need to access remotely from RH Linux PC, any VPN client available > which can connect to Sonic wall VPN server (I need to install that VPN > client on Linux PC)?. This way I can check-out my code into Linux > machine, which I can compile locally than always telnet/ssh from > windows machine which is very slow. Thanks in advance. > > GS Hi, which model do you have? We're using 5060 and 4100 and it works with openswan (debian) with dynamic IP. -- E-Mail burkhard.ott@evolver.de Web www.evolver.de We are using 3060, let me know whether it supports, I am using RH Linux, if RH not supports, I will switch to Debian. Thanks. ...

VPN MICROSOFT VS VPN SONICWALL
Hi i am planing to configure my network for a vpn connection. i am gona need help, i do not know wiche one should i use, a microsoft VPN connection or my firewall ( sonicwall ) VPN application? any one knows wich one is more secure, and faster? thanks in advanced On 27 Apr 2004 13:26:49 -0700, shadi spoketh >Hi i am planing to configure my network for a vpn connection. i am >gona need help, i do not know wiche one should i use, a microsoft VPN >connection or my firewall ( sonicwall ) VPN application? >any one knows wich one is more secure, and faster? >thanks in advanced Those are the wrong questions to ask. They are both secure (meaning, they use good encryption algorithms and authentication protocols), and speed is a layer 1 (physical) issue, not a layer 7 (application) issue. Most likely, the bottle neck with regard to speed will be your internet connection and not the VPN client software. Lars M. Hansen http://www.hansenonline.net (replace 'badnews' with 'news' in e-mail address) Thanks a lot for ur help, sorry if i post the worng question. I would like to know wiche one would u recomande me to use? Lars M. Hansen <badnews@hansenonline.net> wrote in message news:<biht80praoerb2aol5kq4s8mp6cpcrsijq@4ax.com>... > On 27 Apr 2004 13:26:49 -0700, shadi spoketh > > >Hi i am planing to configure my network for a vpn connection. i am > >gona need help, i do not know wiche one should i use, a microsoft VPN > &...

Sonicwall VPN problem
I'm having a pretty tough time getting a particular feature to work with a Sonicwall VPN tunnel. I currently have a normal tunnel working. Sonicwall has a feature where you can "Apply NAT and firewall rules" to a tunnel so we can limit specific ports on once side of the VPN so the other side can only access those services and not the entire network. Everytime I do the Sonicwall recommendations, the tunnel drops and I can't get it to work. The document that explains how to handle this is here: http://www.jonesconsulting.net/advancedvpn.pdf I currently have an open ticket with Sonicwall and thier piece of trash support system. Their technicians there don't have a clue and if you'd like to see the thread so far as to what has transpired, go here: http://www.jonesconsulting.net/techsupport.txt as it is far too much info for this post. Now, I have been able to bring the tunnel up by following what the documentation states in cases where you have muliple IPs. Sonicwall states that this shouldn't matter and you should be able to use the external address of the firewall and a subnet mask of 255.255.255.255 for the destination network on the remote SA. Despite the tunnel being up, I was unable to pass any data even with rules that allowed all protocols to pass to all IPs on the opposite network. Anyone have any ideas? I know this may be beyond confusing by now, but it's only that way because Sonicwall support has no clue. I know the probl...

Sonicwall VPN: Phase 2 failures Anyone know of a good resource for Sonicwall VPN support?
Hello, Since upgrading my Sonicwall's firmware to 6.5.0.4 I have been unable to establish a VPN into the Sonicwall using the Client software ver 8.x My sonicwall Support agreement is long expired, and I am being wiped out in the Phase2 negotiations for the VPN with the old favourite: "No Proposal Chosen" error. Can anyone suggest other things to check when dealing with IKE phase 2 in addition to: - Encapsulation/ Authentication variants (I feel I've tried every combination at both end) - The IP settings for each end of the tunnel (again I've tried every combination) Or failing that direct me to a good resource for Sonicwall info e.g. a user forum. The Sonicwall VPN client doco is out of date and useless, their site equally as useless thank you Nick Not sure if this will help... If using Group VPN, have you tried re-Exporting the SA, then bringing into the client? Chris "ngunity" <ngunity@yahoo.com.au> wrote in message news:DtyDb.5558$xm.172975@nasal.pacific.net.au... > Hello, > > Since upgrading my Sonicwall's firmware to 6.5.0.4 I have been unable to > establish a VPN into the Sonicwall using the Client software ver 8.x > > My sonicwall Support agreement is long expired, and I am being wiped out in > the Phase2 negotiations for the VPN with the old favourite: "No Proposal > Chosen" error. > > Can anyone suggest other things to check when dealing with IKE phase 2 in > addition to: ...

LINUX VPN client to Microsoft VPN Server
I've searched far and wide and have been hitting dead ends with PPTP PPPD PPP OPENVPN OOP PPTPConfig and KVpnc We have a Windows 2003 server hosting (with AD) VPN and I'm on Suse10 linux. Every one of those methods gives me the same error where my network card is sending a ConfReq until it times out. No replies or anything. Of course windows computers can VPN easily. Firewall Ports open LINUX: 1723, GRE, 1194 (A few others that don't pertain to this problem I believe) Here's a log: pptpconfig: debug information dump begins WARNING: security sensitive information follows pptpconfig 1.8 2006/04/06 06:22:26 # pppd --version pppd version 2.4.3 # uname -a Linux server 2.6.16.13-4-default #1 Wed May 3 04:53:23 UTC 2006 i686 i686 i386 GNU/Linux # modinfo ppp_mppe || modinfo ppp_mppe_mppc filename: /lib/modules/2.6.16.13-4-default/kernel/drivers/net/ppp_mppe.ko author: Frank Cusack <fcusack@fcusack.com> description: Point-to-Point Protocol Microsoft Point-to-Point Encryption support license: Dual BSD/GPL alias: ppp-compress-18 version: 1.0.2 vermagic: 2.6.16.13-4-default 586 REGPARM gcc-4.1 supported: yes depends: ppp_generic srcversion: 6B88E623CA7C4D7FE2F11FA # grep mppe /proc/modules Array ( [name] => Storage again [server] => *.*.*.* [domain] => (hidden by pptpconfig) [username] => vcorp [password] => (hidden by pptpconfig) [pppd-options] => [ppt...

Site-to-Site VPN & VPN Server
We currently have a site-to-site VPN. We would like to also setup our own VPN so our agents can work from home. When I use the SDM to setup the VPN server, it takes down the site-to-site. Questions are: 1) Is this possible, if so, then thats great :-) 2) If it is possible, is SDM the best in setting up this? Can I have the same IP Sec Policy for both vpns? I haven't had any luck using SDM. Best to go on to CCO and look for some sample configs to help you with this. If you cannot find any, then post your config, and take out the IP"s and passwords so we are not tempted t...

Windows VPN Server Problems.
Hi All I have set up a VPN server on an XP machine, and have ticked the option that allows the guest to access the local resources. I can connect to the server from an XP machine via the net, and all looks fine, except I can't actually access any thing. IE I can connect ok, but can't see any of the machines on the remote network, and can't ping any to them either. Any hints folks?? Mark Update:- I have change the IP of the remote machine and it can now connect to the server ok, and access the network facilities of the server. It can also see the other workgroup PC's...

VPN Throug VPN
I Use at my university a VPN Wlan Connection and i'll connect through this connection to another VPN (Company) Is it possible and how to do this?? BRGDS and Thanks, J ...

1841 VPN server without the AIM VPN module
I am searching for a Cisco router that supports VPN for about maximum 10 concurrent VPN connections for roaming users and also a firewall for the company. I think the 1841 with VPN features is affordable, but I would like to have your advice whethere the AIM VPN module is necessary or not. Without that module, is it too slow for VPN ? This router will not provide T1 connection at all, but it does need firewall features. Any advice is greatly appreciated. DT ...

VPN Client - SSH -SSHd
I have been using sshd on a Linux firewall/router/gateway and Putty on Windows based clients for quite some time now. It gives me a very good feeling to make that encrypted, keyed and pass-phrase secured connection to tunnel everything from POP3 to Terminal Services. As much as a VPN connection offers, using Microsoft's pptp makes very nervous. All somebody needs to hack in is the correct address, username and password (or some other hole) and they have full VPN access to the network and server. I know there are more secure methods for VPN however, they all require ...

Windows VPN Server Problems.
Hi All I have set up a VPN server on an XP machine, and have ticked the option that allows the guest to access the local resources. I can connect to the server from an XP machine via the net, and all looks fine, except I can't actually access any thing. IE I can connect ok, but can't see any of the machines on the remote network, and can't ping any to them either. Any hints folks?? Mark Update:- I have change the IP of the remote machine and it can now connect to the server ok, and access the network facilities of the server. It can also see the other workgroup PC's...

VPN from Cisco to VPN
Does anyone know how to create a VPN (ANy type) from a Cisco 1601 to a Netscreen 100? Or where to get the information. I have emailed you a stepthrough Dave Sinclair NCSA NetScreen Certified Security Associate NCSI NetScreen Certified Security Instructor Equip Technology.com NetScreen Authrorised Training Centre in the UK ...

VPN Client & Soho 91 VPN Problems
Hi, i've problems building up an vpn tunnel from a notebook to my soho 91. I'm newbee, sorry for that, but here i post my config and it will be fine, if someone can check it. Thanks Chris ------------------------ cisco(config)#do sh conf Using 2639 out of 131072 bytes ! version 12.3 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname cisco ! boot-start-marker boot-end-marker ! enable secret 5 XXX ! username XXX password 0 XXX username CRWS_Giri privilege 15 password 0 XXX aaa new-model ! ! aaa authoriz...

PIX 501 VPN servers and VPN site to site
Hello I have 2 cisco PIX firewalls. Ihave VPN servers on both of PIX. How can i make VPN site to site this is mu config Office PIX Version 6.3(4) interface ethernet0 auto interface ethernet1 100full nameif ethernet0 outside security0 nameif ethernet1 inside security100 hostname fwl1 names object-group service tcp_19 tcp description tcp ports for server on address 80.80.80.19 port-object eq www port-object eq https access-list outside_access_in permit icmp any any log access-list outside_access_in permit tcp any host 80.80.80.19 object-group tcp_19 access-list 101 permit ip 192.168.1.0 255.2...

VPN - Cisco IOS <-> VPN Client
Hello everybody, I have tried to set up a VPN connection from Cisco VPN Client to Cisco Router 2621 (64MB RAM/ 16MB Flash) - with enterprise IOS 12.2. When I map a crypto map to the interface ( crypto map CRYPTOMAP to serial 0/0.1 ) - the nat stopped working and I havn't got a remonte connection to my router and other services behind the router. When I got to the LAN I was able to connect to router via ssh. I don't know what is wrong. I have studied Cisco materials and some other configs without any ideas. Would You be so kind and help me with this configuration ? Than...

Windows VPN domain login through non-windows VPN server?
The clients are all roadrunner win2k. The LAN is Windows2000 Active Directory with NT4 domain compatibility. The VPN firewall is being considered and BSD, Linux and windows2000 are on the table. The preferred solution is an OpenBSD firewall letting through ipsec clients which will then login to the internal NT Domain. Is this possible? If thats possible, two other issues immediately arise. Can the firewall use the internal DHCP server to assign the IP address, and can it allow kerberos or x509 logons authenticated against another server? I'm hoping for replies of reports of t...

Sonocwall VPN on a Sonicwall Pro230
Hi, The VPN clients connect to the LAN, and the connection is stable. But, the VPN clients cannot browse the Internet? The VPN clients gets a IP address from our DHCP server on the LAN, there are no problems reaching all resources on the LAN, but the Internet is nor reachable, not even ping. A trace route tells me that it all stops on the central router (192.168.0.1). The central router is using the Sonicwall to reach the Internet I have attached a picture of the setup, hope that it makes it more clear :-) If you have any suggestions, please let med know. Thanks and best...

SonicWall VPN DNS refresh problems
Hi, First please do not reply to this email address as it no longer exists, just post back to the newsgroup. I have a problem with this VPN configuration: - We have a SonicWall 230 Pro - We use the SonicWall Global VPN Client on our home Windows XP computers - When connected the SonicWall network adapter does show up as being properly configured; meaning it has a valid IP and its DNS server entries are also properly configured. I am also able to ping the DNS servers from the VPN connection. The problem is the following: when we connect to the VPN to access our office network the DNS cached entries are never refreshed when we connect. So when ever a computer ends its IP lease from our DHCP the home computer will not know about it. So trying to access a computer X which had the IP 192.168.1.100 but with its new lease got the IP 192.168.1.110 will not work, pinging the computer X will comeback as unreachable from IP 192.168.1.100 when in fact its IP changed. Now if I do a "ipconfig /flushdns" and "ipconfig /registerdns" all the DNS entries from our DNS server are refresh and I can now access X, but asking all my users to do the same is a bit of a problem. Any ideas how to resolve this?? Thanks Patrick Moreau On 20 Apr 2004 09:55:38 -0700, Patrick Moreau spoketh >Hi, > >First please do not reply to this email address as it no longer >exists, just post back to the newsgroup. > >I have a problem with this VPN configuration: >- We ha...

SonicWall Global VPN Client Issue
Hi, Currently we use a SonicWall firewall and the Global VPN Client for users to connect remotely. Oddly, the following problem seems to occur randomly with the client. As the system admin, when a user requests a laptop, I setup the VPN client for them and their profile. After setup and entering the pre-shared key, the connection status makes its way to "Connected." Although I understand that the VPN does not work properly when within our network's "walls," when the user takes the laptop home, sometimes, when opening the client, they get a message stating "there was no connection named..." It's almost as if the connection that I had setup "disappears" when they take it home and connect from an alternate network. I am completely stumped why this is happening. Currently, the only method of resolution is to walk them through the process to re-create the connection and providing them with the pre-shared key, which is somewhat of a security issue. If anyone has any ideas, please let me know. Thanks. Anyone have any suggestions? Thanks. Am Sun, 20 May 2007 10:53:43 -0700 schrieb Foodbank: > Anyone have any suggestions? > > Thanks. I have since 2 weeks various security related issues with sonicwall but it is another story. Which version of GVC do you use? Did you setup the connection via useraccount or administrator? regards I have the latest version from SonicWall's website. Regarding user setup, I'...

Sonicwall TZ 170
I'm unable to successfully terminate VPN connections with the "Global VPN Client". I've configured a local user on unit and as far as I can tell setup a working VPN configuration. I can connect to the TZ 170 and there are no errors in the log, but I can't send traffic to anything on the inside. No DHCP adress is issued ethier, but i've tried using a static IP/mask on the Sonicwall adapter. Any help would be apreciated. CH ...

Web resources about - Sonicwall Global VPN problem with DHCP server (Win2000) - comp.dcom.vpn

SonicWall - Wikipedia, the free encyclopedia
SonicWall (styled SonicWALL ), originally a private company headquartered in San Jose, California , and now owned by Dell , sells a range of ...

SonicWALL Mobile Connect on the App Store on iTunes
Get SonicWALL Mobile Connect on the App Store. See screenshots and ratings, and read customer reviews.

Dell beefs up security offering with SonicWALL TZ Series Firewalls
Dell has bolstered its security offering with the release of the new SonicWALL TZ Series firewalls.

Dell to buy SonicWALL for security
Dell to buy SonicWALL for security

Dell to Acquire SonicWall for Undisclosed Amount
Hardware giant Dell said it will acquire SonicWall , a privately held maker of network security gear, for an undisclosed sum. SonicWall had been ...

Dell Buys Firewall Firm SonicWall
... ) are up 9 cents, or half a point at $17.05 in early trading after the company this morning said it intends to acquire privately held SonicWall ...

Dell's evolution continues with acquisition of firewall company SonicWall
Dell announced on Tuesday that it will be acquiring firewall and network security management company SonicWall Inc. for an undisclosed sum. Analysts ...

Dell Completes Acquisition of IT Security Leader SonicWALL
Dell Inc. (NASDAQ: DELL) today announced it has finalized its acquisition of SonicWALL, Inc., a leader in advanced network security, secure remote ...

Dell acquires security vendor SonicWall
Dell announced on Tuesday that it is planning to acquire SonicWall, a security vendor that specialises in firewalls, network security and antispam ...

Dell Security Chief: SonicWall Trounces Cisco On Price, Performance And Ease ...
Dell Security Chief: SonicWall Trounces Cisco On Price, Performance And Ease ... CRN The new head of Dell Security Solutions isn't pulling ...

Resources last updated: 3/20/2016 5:33:51 PM