Global VPN Client Can't Acquire IP Address

Solution 1

In your description it is a bit confusing, where you say: "If I turn off the virtual IP address I am able to connect just fine. I need the vpn clients to be able to reach other machines in the domain though, so I need the virtual ip."

What does that really mean - is it that you turned off DHCP, is that what you mean by "turn off the virtual IP address"?

Even though you already know how to set up the Sonicwall, since there is a problem it could be prudent for you to review the process for setting up. Here is a site that may be a different description and so may provide an alternate viewpoint:
http://howto.techworld.com/security/448/setting-up-a-user-to-network-vpn/

Solution 2

With the Virtual adapter set to "none", one of the keys is to have "NAT Traversal = enabled" - Sonicwall / VPN / Advanced

The other main consideration is to give the user access to the office Lan. My Office LAN network is defined as the "Lan Subnet" in the sonicwall. Under Local Users (in the case of no AD integration), make sure the User is allowed access to "Lan Subnets" in my case.

Author: Quisse

Updated on September 17, 2022

Comments

  • Quisse
    Quisse over 1 year

    We have a Sonicwall Pro 2040 and are having issues with our VPN clients. None are able to connect as they all stop at the point of acquiring an ip address.

    I have tried all the ideas that I have come across including turning nat traversal on and off. Have tried using the sonicwall dhcp server and the network dhcp server. Have created a new policy, and no change. If I turn off the virtual IP address I am able to connect just fine. I need the vpn clients to be able to reach other machines in the domain though, so I need the virtual ip. I am completely at a loss at this point and it is looking like this is going to eat up my weekend.

    Anyone have any experience with this or any possible ideas?

  • Quisse
    Quisse over 13 years
    Sorry that it was confusing. In the link you sent you'll see there is a check box that says Use DHCP to assign a Virtual IP. If I uncheck that box I can get a stable VPN connection but I am not able to connect to anything behind the firewall. I need to be able to communicate with devices behind the firewall and therefore I need DHCP to work, but it seems it won't.
  • Beel
    Beel over 13 years
    OK, so that confirms what I thought you meant. What address does the VPN client have when DHCP is not used?
  • Beel
    Beel over 13 years
    Oops - not finished. I'm thinking that when you get an address from DHCP, the Sonicwall has a routing rule that allows the traffic to find its way from the client to a target and back. And when DHCP is not used then whatever address the client uses is not properly routed. Perhaps you could try manually assigning one of the DHCP addresses.
  • Quisse
    Quisse over 13 years
    @Beel Manually assigning does work, but that is easy for me; for my end users, not so much. I have new information though. I got Wireshark up and going on the DHCP server and I see that the firewall is successfully sending the DHCP request and the DHCP server assigns an IP. I put Wireshark on the client and they never receive a DHCP assignment, so it seems the firewall is not passing the DHCP request back to the VPN client. I also checked my rules and I have Lan->VPN Allow Any.
  • Beel
    Beel over 13 years
    Yes, Josh, I agree that manually setting addresses is not the actual solution. The thought was to just see if that address range worked.

    What OS version is the Sonicwall? Can you not allow the Sonicwall to be the DHCP server, instead of an external DHCP server? And, can you log the outgoing traffic from the Sonicwall so as to see if DHCP is leaving it, as opposed to not being received by the client?
  • Beel
    Beel over 13 years
    Here is a pertinent thought copied from Kevin Kuphal in: serverfault.com/questions/38069/… Do you have each of the subnets in question defined as VPN subnets in the Sonicwall network object configuration? If you have them classified as LAN or WAN, then your "LAN to VPN" rules won't apply
  • Deer Hunter
    Deer Hunter about 9 years
    Prayers' results are very much user-dependent.
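
The capture comparison described in the comments above (DHCP traffic visible at the DHCP server, no assignment arriving at the VPN client) can be scripted. This is an added example, not part of the original thread: it parses BOOTP/DHCP payloads and reports which messages appear in the server-side capture but not in the client-side one. The payloads are constructed sample data, the function names are hypothetical, and it assumes the relay keeps the client's transaction ID (xid).

```python
import struct

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie that follows the 236-byte BOOTP header
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}

def build_dhcp(op, xid, msg_type):
    """Build a minimal DHCP payload (constructed sample data, not a real capture)."""
    header = struct.pack("!BBBBIHH", op, 1, 6, 0, xid, 0, 0) + bytes(224)
    return header + MAGIC + bytes([53, 1, msg_type, 255])

def parse_dhcp(payload):
    """Return (xid, message type) from a UDP payload, or None if it is not DHCP."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        return None
    xid = struct.unpack("!I", payload[4:8])[0]
    i = 240
    while i < len(payload) and payload[i] != 255:  # 255 = end option
        if payload[i] == 0:                        # 0 = pad, no length byte
            i += 1
            continue
        if i + 1 >= len(payload):                  # truncated option
            break
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if payload[i] == 53 and len(value) == 1:   # option 53 = message type
            return xid, TYPES.get(value[0], "TYPE%d" % value[0])
        i += 2 + length
    return None

def missing_at_client(server_side, client_side):
    """Map xid -> message types seen in the server capture but not the client capture."""
    seen = {parse_dhcp(p) for p in client_side}
    missing = {}
    for p in server_side:
        msg = parse_dhcp(p)
        if msg is not None and msg not in seen:
            missing.setdefault(msg[0], []).append(msg[1])
    return missing

# Constructed scenario modelled on the thread: the DISCOVER reaches the DHCP server
# and an OFFER is sent, but the client capture only ever shows its own DISCOVER.
XID = 0x1A2B3C4D
server_capture = [build_dhcp(1, XID, 1), build_dhcp(2, XID, 2)]
client_capture = [build_dhcp(1, XID, 1)]

if __name__ == "__main__":
    for xid, types in missing_at_client(server_capture, client_capture).items():
        print("xid 0x%08x: not seen at client: %s" % (xid, ", ".join(types)))
```

With real captures, the UDP payloads on ports 67 and 68 from each side would replace the two constructed lists.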