TKWITS Community Legend ✭✭✭✭✭
Reactions
Comments
-
Did this start after a recent firmware upgrade? Or is this a new install? Your screenshot 'sd-wan-mulfunctin3' shows total usage on core 0 at ~63%, do you have Control Plane flood protection on? Have you opened a support case? You have a tough one.
-
To answer the subject line, yes it is. OS 7.x has some very terrible warning and error messages, as you can see are often incomplete. Start with firmware: if you aren't on the latest version, do an upgrade and try again.
-
Think about what you are trying to accomplish and what obstacles may be in the way. Read up on Zones on Sonicwalls and look through your access rules. Run a packet capture.
-
Yes, the 'Local Networks' setting on the S2S VPN config. Does 'firewalled subnets' include the SSLVPN Client IP address range? I'm going to guess no.
-
Personally I wouldn't bother, managing the Sonicwall switches through the firewall UI is limited. But, what firewall firmware are running? Have you tried factory defaulting the problem switch and starting over?
-
You're throwing words around and it's very confusing. How is the WAN configured on the Sonicwall (static IP)? Do you control the other end of the VPN tunnel? What is your end goal? It sounds like you want to apply NAT to VPN tunnel traffic, but again your post is very confusing.
-
Is your VPN tunnel site to site or tunnel interface? Is your SSLVPN client subnet included in the site to site / route through tunnel? Have you run a packet capture to determine where the packets are getting dropped?
-
Run a packet capture on both ends to see where the traffic is dropping.
-
Open a ticket.
-
Read up on round-robin DNS A records for SSLVPN connections. Site to site connections, the other IPSec gateway needs to know about your secondary WAN IP address.
-
This would be complicated to implement. How many VPN providers are out there? Lots and more keep popping up. So are you proposing a selection based filter like GEOIP so you can block connections from select known providers? Do the known providers publish their exit node addresses? And next month a new one is created, and…
-
This has been asked and answered many times. Add the remote subnet to the SSLVPN Client Settings \ Client Routes (this will add the route to the end user machine once connected via NetExtender). Add the remote subnet, or IP in the remote subnet, to the users VPN access in Local Users \ %USER% \ VPN access (this will grant…
-
How is your Sonicwall configured? Are both the 192.x.x.x and 10.x.x.x subnets controlled by the Sonicwall? You haven't provided us much information.
-
Check your subnet masks is what MITATONGE is getting at. If you put a laptop on the connection the Sonicwall is using (with the same IP x.x.x.62) do you still have the same issue?
-
I did not have this experience with Gen 7 FWIW.