Comments

• If you are pinging continuously something across a tunnel and the Out counters are not incrementing, then the problem is at your end.

  in Cannot ping through VPN tunnel Comment by Arkwright November 2023
• I just noticed the NAT column is valued in your packet capture. Are you intentionally NATing across this tunnel?

  in Cannot ping through VPN tunnel Comment by Arkwright November 2023
• SA counters are on Active Tunnels tab, then you have to click on the rectangle-with-horizontal-lines icon to get the stats. This is only any use as a diagnostic if there is no other on the tunnel than the traffic you're interested in, which can be tricky to achieve!

  in Cannot ping through VPN tunnel Comment by Arkwright November 2023
• You need to get them to do the same as you - do they see your packets in a packet capture at their end? Do the byte counters increment on the SA when you're pinging?

  in Cannot ping through VPN tunnel Comment by Arkwright November 2023
• Yes. If you enable further advanced options in the capture I think you will be able to see the post-encrypted packets.

  in Cannot ping through VPN tunnel Comment by Arkwright November 2023
• ICMP is it's own IP Type, it will not be matched by TCP or UDP.

  in Cannot ping through VPN tunnel Comment by Arkwright November 2023
• IME pinging from the firewall itself is not always reliable. I suggest you start a continuous ping from a client device and look out for that in the capture. You can also check the Connection Monitor for a flow for the same,

  in Cannot ping through VPN tunnel Comment by Arkwright November 2023
• Packet capture. Do the ping packets arrive at the other side?

  in Cannot ping through VPN tunnel Comment by Arkwright November 2023
• If there is an HRSP "community" that represents 172.16.10.6 then why do you think you need to use four Sonicwall interfaces for this one network? Forget about X13. Set gateway to 172.16.10.6 on X12. Whichever of FW-A or FW-B is active will route traffic to it. Whichever of 200M router or 10G router is active will handle…

  in Help to configure redundancy Comment by Arkwright November 2023
• Maybe someone else knows better, but like I said, I don't think it's possible. You will probably find it easier to change the interface IP of the firewall than to work around this.

  in Site to Site VPN on specific WAN IP Comment by Arkwright November 2023
• NSM [or GMS which I think is EOL now] are the Sonicwall tools for mass-management of firewalls.

  in New to Sonicwall - need pointers Comment by Arkwright November 2023
• You don't mention the IKE ID, this defaults to the IP of the interface it's on. Try manually setting it? But I suspect that what you're asking for isn't possible. If you explain why you're trying to do this, we might be able to suggest a better approach.

  in Site to Site VPN on specific WAN IP Comment by Arkwright November 2023
• I think I need to add tunnels from each building to every other building. I was just asking if this is the best way to achieve what I am looking for OR if I should be able to get to every building through the main building (right now I can't do this). If you mesh everything together [tunnel from every site to every site]…

  in New to Sonicwall - need pointers Comment by Arkwright November 2023
• I wish to connect to one location and have access to all locations for management If you mean managing remote firewalls, the VPN policy will need to have management enabled on it as well.

  in New to Sonicwall - need pointers Comment by Arkwright November 2023
• Well.....it would have taken me a long time to find that because it seems like it would be completely unrelated. But on the other hand I don't work for Sonicwall support!

  in DHCP IP HELPER over SDWAN VPN Comment by Arkwright November 2023
More Comments