TKWITS Community Legend ✭✭✭✭✭
Reactions
Comments
-
You do have to consider the impact Tunnel-All mode makes on the traffic traversing the SSLVPN tunnel...
-
You failed to say that the firewall was not upgrading through NSM in your original post. Is your NSM license still valid? As Enzino mentioned, try a local upgrade.
-
While Ajishlal's screenshots are helpful, we do not know what your current configuration is as you did not provide its details. Think about the flow of both the inbound and outbound traffic. Inbound from the requester will hit Site A WAN, translate to the site B DVR address, and send that traffic over the existing tunnel…
-
No, but good to know. Have you tried using the MSI file rather than the EXE? What firmware version are you running?
-
The only other option is using printer redirection over RDP. But if your company does not have you RDP-ing into something than this is moot.
-
Each VLAN should have its own Zone, otherwise whats the point of having a zone-based firewall? 'Guest' networks should have a Guest zone with security type public (it's an untrusted network). 'Voice' networks should have a Voice zone with security type trusted. I think your missing the Security Type concept.
-
For additional clarification for future readers. As mentioned in the 'answer' the Sonicwall doesn't share the entire SSLVPN subnet/range, it shares each INDIVIDUAL route. That means routes will only show up when clients connect.
-
You're welcome.
-
You failed to mention that you were redistributing to Ciscos in your original post. Getting OSPF to share the SSLVPN client route CONSISTENTLY with the Cisco ended up being the nail in the coffin. We ended up just doing static routes. I couldn't determine the rhyme or reason why some SSLVPN client routes would get shared…
-
This is possible. I've done it with Gen6, but its been a while. No need to go into the shell, I believe you just have to redistribute static routes using the 'standard' ABR. Some background here is how SSL VPN client addresses get added to the Sonicwalls routing table (static routes, not in the ARS table). This is…
-
Support suggested you seek professional services? That's not very professional. Support can't even support their own products. @EnaBev @MasterRoshi
-
You'd have to open a ticket with support for additional information. At this point with Gen 7 its usually best to run the latest available as prior versions have been unstable.
-
Are you doing anything with Bandwidth Management? If so try disabling it. Some other things to try: Try using a different interface (X3) for the CLARO ISP connection and test. Try using X1 for CLARO ISP and X2 for MOVISTAR and test. Factory default the unit and set it up with the bare minimum required for connectivity on…
-
This doesnt make any logical sense. In a standard setup with NAT, any traffic going out of a WAN interface will have the interface IP address as the source. That means any reply traffic will be destined to the same WAN interface. This is how IP works. While there is Asymmetric Routing, I don't think it'll accomplish what…