Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Sonicwall VPN issue 1

Status
Not open for further replies.
M8KWR

M8KWR

Programmer
Aug 18, 2004
864
GB
I have a user set up at home, via a sonicwall vpn link, which was working fine, until they connected a BT Voyager 2110 wireless router and now the link will not work correctly.

I am assuming i need to change settings within the router in order for the to work, but could anyone give me any suggestions i would be most grateful and thanks in advance.

 
Sort by date Sort by votes
Hi M8kwr welcome back to the SonicWALL Forum,

Here are some solutions:

1. One of the changes you wil have to make is to disable NAT T on the VPN Client. .

2. Enable the IPSEC pass through feature in the BT Voyager. (it might be disabled by default)

I have written a FAQ on that and other solutions for you. Check there.

Good Luck,

Roger White CISSP, CISA, CISM, GSEC
Certified SonicWALL Instructor
Network Security Team
Invenio Technology
(212)244-4994 ext. 715
(917)326-0386
Need Help call anytime.
 
Upvote 0 Downvote
Many thanks for these suggestions, i will try them out and get back to you if i am still having issues.

M8KWR
 
Upvote 0 Downvote
I am unsure what you mean by the NAT T on the vpn client?? could you explain please

I am trying to sort this out as the guy who set it up originally has left...

The IPSEC feature on the BT Voyager, is this the Secondary IP address feature. If so what would this need changing to, would it be the Ip address as what i am trying to connect to through the sonicwall client?

Many thanks again for all your help
 
Upvote 0 Downvote
Assuming you have the IKE service open in your firewall rules, you should confirm that in the IKE rule you have "allow fragmented packets" checked. If you don't, a device using a NAT address will not be able to exchange keys.

If I remember correctly.
 
Upvote 0 Downvote
The allow fragmented packets is checked.

One thing i did notice is that within the VPN Policies in the advanced tab that there is an option for "Apply NAT and Firewall Rules " should this be checked???

Many thanks again for everyones help in this matter.
 
Upvote 0 Downvote
I think you want to work out where the problems lays.
First thing is to look at your log viewer.
In the client View > Log Viewer and see where all the Red boxes are.
If they are in around phase one, i would say the BT Voyager thing does not allow IPSEC passthrough, as the dude above said.
Also, 9.7 times out of 10, with the newest Sw GVPN Client, automatic NAT traveral will work.
How far does your client get on the connection before failure?
Have you other users that work fine?
Can you paste their erros logs in to see what's going on?

 
Upvote 0 Downvote
Good Troubleshooting tips Stoppel and Mixpd thanks for making this Forum kick Butt.

Now M8KWR, has any of the solutions work?? Please respond back and let people know. It's only fair

Roger White CISSP, CISA, CISM, GSEC
Certified SonicWALL Instructor
Certified Security Architect and Auditor
Network Security Team
Invenio Technology
(212)244-4994 ext. 715
(917)326-0386
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Shmid
  • Locked
  • Question
Restricting Sonicwall SSL-VPN users for WAN access
Replies
7
Views
349
Shmid
Shmid
intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
280
intel233
intel233
Russtoleum
  • Locked
  • Question
Windows client can't connect to sonicwall l2tp server
Replies
0
Views
84
Russtoleum
Russtoleum
Maakus
  • Locked
  • Question
SonicWall
Replies
4
Views
102
Maakus
Maakus
ISDPCMAN
  • Locked
  • Question
Cannot connect to TZ-215 Sonicwall appliance with web browser!
Replies
0
Views
76
ISDPCMAN
ISDPCMAN

Part and Inventory Search

Sponsor

Back
Top