SonicWall TZ170 VPN HELP

Discussion in 'OT Technology' started by chuggs, Nov 30, 2004.

  1. chuggs

    chuggs Guest

    I'm trying to set up a client-to-site VPN tunnel for my company. I'm fairly new to VPNs as well, but I followed the online PDF right down to the bone. The VPN is set up and, to tell you the truth, it actually works on our LAN. I can use the SonicWall VPN client and actually connect to the SonicWall VPN server.

    However, when I remote desktop to my home and set up the same connection with the same client, I cannot connect. I can't even ping the firewall, which I guess is normal. I'm trying to connect to the firewall's external IP (WAN). That's correct, right?

    I ran the packet trace diag tool as well, but it seems as though my packets aren't even reaching the firewall.

    We have an outside Cisco router, but it doesn't block any packets at all, so the router isn't the issue.

    I'm lost, any ideas?!
     
  2. P07r0457

    P07r0457 New Member

    Joined: Sep 20, 2004 | Messages: 28,491 | Likes Received: 0 | Location: Southern Oregon

    Where does the trace drop off? Does it get to the Cisco router?

    The first step is to get traffic to the VPN server before you try to diagnose VPN problems.
     
  3. Rob

    Rob OT Supporter

    Joined: Jul 6, 2002 | Messages: 88,624 | Likes Received: 40 | Location: Atlanta, GA

    It sounds like the SonicWall server is listening on the internal IP (since you can connect from inside your company network), but not on the outside (you said no packets were getting through from home).

    I have never used their products, but there are probably some configuration settings you have to change to allow VPN connections to come in on the external IP.
     
  4. chuggs

    chuggs Guest

    Well, the access lists are already defined to allow incoming traffic from the WAN. So it's open and ready for a connection. I'm almost 99% sure the config is already correct.

    Jolly: to answer your question, I dunno if the packets are reaching the Cisco router. I wouldn't know how to check or what command to run. I'm new to Cisco routers.
     
  5. chuggs

    chuggs Guest

    Here's a shot of the main screen.
     
  6. Rob

    Rob OT Supporter

    Do a tracert from your home machine to the SonicWall and see how far the data gets.
     
  7. chuggs

    chuggs Guest

    I've done that, it times out after GRID 4, which is our T1... there's like 12 hops that are timeouts.
     
  8. Rob

    Rob OT Supporter

    You might not want to post that screenshot as it has your activation and registration codes on it. :o
     
  9. chuggs

    chuggs Guest

    Oops, dumbass. Thanks.
     
  10. P07r0457

    P07r0457 New Member

    If it's not getting through your T1, then something is wrong with a router there. Either on their side, or your side. I would bet that Cisco router you mentioned is for your T1 connection? If so, that's likely the cause. Check your ACL again.
     
  11. chuggs

    chuggs Guest

    You're right, our Cisco router does provide the T1 connection. It can't be the ACL. Here is a screenshot:
    http://personal.cmich.edu/~billi1jm/test1/cisco1.jpg

    Our network guy who set up our network and router told me that everything should pass through our router fine, and without problems...
     
