SonicWall TZ105 VPN SSL and Remote Desktop Q's

If you don’t already have one, you should create an account on mysonicwall.com. Gives you access to support ticketing and lets you see if you have support on that device.

Dell Sonicwall support can be hit and miss. I have had some great turnaround on some tickets. Currently, I am working on an issue that has been going on for 3 weeks with a router. CPU randomly hits 100%, kernel panics and reboots. They wanted me to upgrade the firmware again, which we had previously done when we first started the ticket.

IIRC you shouldn’t need to add it in the firewall as it should do it automatically.

This should all be irrelevant as you’re not concerned with enabling RDP/Terminal Services access from the WAN. You need to be looking at Access Rules for SSL VPN (SSLVPN to LAN, and LAN to SSLVPN).

I would also ensure that the SSL VPN is handing out proper DNS settings. You want to make sure its DHCP config has your LAN’s DNS servers specified (assuming DNS is hosted on servers).

FYI: it is somewhat common for Sonicwall vpn/firewall combos to have issues with RDP working as expected … it has something to do with the TCP implementation that multiple models and versions of theirs use. I can’t say for sure if your model is affected, but I wouldn’t rule it out.

EDIT: The model I had was a TZ190

I’m pretty sure this is because you are 192 at work and home.

Can you disable “split tunneling” on the sonicwall? Basically, split tunneling makes it so regular internet traffic goes over their connection and VPN stuff is routed accordingly.

If you can route ALL traffic via VPN, this will most certainly fix it!

Looking at the thread notes, I think part of the problem might be that your remote SSL VPN client is getting a mask of 255.255.255.255. On the routes tab of the netextender client, look for 192.168.168.0 255.255.255.0. If it is something else, then you need to fix the route as suggested by another poster.

I have seen Sonicwalls purchased w/out warranty before. Your TZ105 model cost about $250 base appliance. For around $70, you can get 1yr 24/7 warranty from Sonicguard.com. I’d just spring for the warranty so you can get support. Sonicwall support is superb. Be careful how you explain your problem, since they do not claim to allow support calls for device configuration.

Good: I’m calling to get help with SSL VPN. Clients cannot communicate with LAN after connecting. (mention you suspect bad hardware if they give pushback)

Not So Good: I’m calling to get help with SSL VPN. I need someone to configure this for me.

If you don’t have a lot of firewall rules configured, you might try factory resetting the device and starting over. Re-register it with MySonicwall first thing after the factory reset.

Yes, the two important steps to make sure that works are the Client Settings page and the Client Routes page.

“Hi, the sonic wall is now intermittently powering off. We’ve wasted a lot of time chasing this problem, I just want the thing replaced.”

Fuck it, they sell the returned units as refurbs.

I got help from sonicwall support (after ante-ing up for a year), they changed my subnet from the overly used 192.168.1.1 which most routers default to, to a different subnet and that fixed the problem.

Having a different problem now related to my business partner running Windows Vista, he can connect to VPN, he can ping the server IP address that is behind the firewall, but when he tries to RDP into that same IP he gets this error message:

“Because of an error in data encryption, this session will end. Please try connecting to the remote computer again.”

Just tested it on my own, getting this error

Again, no problems connecting via NetExtender, this is from Remote Desktop.

Remote Settings on the server

I’d check access rules, just go over them one by one, and check and see if 3389 (RDP port) is allowed for SSLVPN->LAN, and vice versa. Also, what access is his user allowed in local users in the SW? Make sure he has firewalled subnets in there, and is a trusted user (can’t remember exactly how it’s worded in the SW, but it’s under local user properties…)

Can you ping the server by IP? By name?

let me make sure ping is enabled first on sonicwall

Ok, just enabled ping, going downstairs to test again

it’s going to take me 10 minutes to run back downstairs, assuming I cannot ping it, what would be the next thing to look for?

Reply from 192.168.1.140: Destination Host unreachable

which is a different IP than the IP I tried to ping

not able to ping by name

tracert gives the same results as the ping above referencing the .140 address as well

fyi - my “server” is running Windows 7 Pro

OK, so you have some kind of routing issue since the host is unreachable.

So you are trying to RDP/ping a w7 device? No matter.
What is your IP config info on the remote network? Is the subnet range being served by the SW reachable from your host machine?

Is your Sonicwall dishing out IPs to your VPN clients, or are you passing that job on to your internal network? Seems like you have a subnetting problem. What IP address / subnet is the VPN client getting?

Can you rdp into the server from the local network? I would suggest that the firewall is preventing you from accessing the machine via RDP, but generally enabling RDP through the gui automatically adds a firewall allow rule for you on the Windows firewall.

I’m able to ping the laptop from my server behind the firewall but not vice versa
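
The two routing faults raised in this thread (the same 192.168.x subnet at home and at work, and a 255.255.255.255 mask on the NetExtender route) can be checked mechanically from the client's address and its route list. The Python sketch below is an added example, not code from any poster or from SonicWall; the function name `diagnose`, the finding codes and every sample address are constructed for illustration, including the assumption that 192.168.1.140 is the laptop's own home address.

```python
import ipaddress

def diagnose(client_iface, vpn_routes, target):
    """Return (code, detail) findings for one SSL VPN client.

    client_iface: the client's own LAN address with prefix, e.g. "192.168.1.140/24"
    vpn_routes:   (network, mask) pairs as listed on the NetExtender Routes tab
    target:       the office host the client wants to reach through the tunnel
    """
    local_net = ipaddress.ip_interface(client_iface).network
    target_ip = ipaddress.ip_address(target)
    findings, covered = [], False
    for net, mask in vpn_routes:
        route = ipaddress.ip_network(f"{net}/{mask}", strict=False)
        if route.prefixlen == 32:
            # A 255.255.255.255 mask routes one address, not the office subnet.
            findings.append(("host-route", f"{route} is a single-host route"))
        if target_ip in route:
            covered = True
        if route.overlaps(local_net):
            # Same range on both sides: the client cannot tell the networks apart.
            findings.append(("overlap", f"{route} collides with local {local_net}"))
    if not covered:
        findings.append(("no-route", f"no VPN route contains {target_ip}"))
    if target_ip in local_net:
        # The client treats the target as a neighbour and never uses the tunnel.
        findings.append(("on-link", f"{target_ip} is inside local {local_net}"))
    return findings

# Constructed sample cases (not taken from a real device).
CASES = {
    "same subnet at home and work": (
        "192.168.1.140/24", [("192.168.1.0", "255.255.255.0")], "192.168.1.10"),
    "route pushed with /32 mask": (
        "10.20.30.40/24", [("192.168.168.0", "255.255.255.255")], "192.168.168.50"),
    "healthy split tunnel": (
        "10.20.30.40/24", [("192.168.168.0", "255.255.255.0")], "192.168.168.50"),
}

if __name__ == "__main__":
    for name, args in CASES.items():
        print(name, "->", diagnose(*args) or "no findings")
```

An `overlap` or `on-link` finding points at renumbering one side (the fix reported above), while `host-route` or `no-route` points at the Client Routes configuration on the appliance.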