Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

VPN Site to Site Problem

Category: Mid Range Firewalls
Reply

Best Answer

  • CORRECT ANSWER
    prestonpreston All-Knowing Sage ✭✭✭✭
    Answer ✓

    Not sure why the rules weren't auto created, just check that in Zones/VPN the below are enabled you may need to reboot the firewall after for the rule to be created,

    also if they already are check the existing firewall access rule and under optional settings that Allow management traffic is ticked

Answers

  • prestonpreston All-Knowing Sage ✭✭✭✭

    Hi @alijan125 , you need to enable this on each of the site to site VPN policies in the Advanced tab as below

  • alijan125alijan125 Newbie ✭

    Do you mean the said step shoudl I configure on Branch B's Site to Site VPN Policy's Advance Tab?

  • alijan125alijan125 Newbie ✭

    I checked https already selected in the advanced tab of Branch B's VPN Site to Site policy but I am unable to access 172.16.26.1 Management from Head Office I checked this from Branch B's Network LAN

  • alijan125alijan125 Newbie ✭

    In Branch B we have installed SOHO250 model of Sonic. I may be the model issue where auto rules are not created I think. Secondly Sir you have shown one rule and highlighted the allow Managemnet Traffic would you kindly tell me in which branch's sonic rule I have to check??? as your screenshot belongs to sonic OS7 while in my both branches I am using lesser version as per model

  • prestonpreston All-Knowing Sage ✭✭✭✭

    it was the Branch B to check the rule and Zone settings, even though I'm on Gen7 the same rules and options are available on gen6 appliances they may just be in a different tab

  • alijan125alijan125 Newbie ✭
    Ok Sir let me check ✔️ can you please tell me in SOHO 250 when we configure site to site VPN do you think this model doesn't create auto rules in VPN to LAN zone
  • prestonpreston All-Knowing Sage ✭✭✭✭
    edited August 29

    Hi Alijan125, it should auto create the rules as long as the settings haven't been changed from the default in the Zone or if someone selected suppress automatic firewall rule creation when the VPN was set up, the quickest thing to do would be to screen shot the settings from the VPN on site B and then delete the VPN policy and then re-create it, it should then re-create all the default rules needed

  • alijan125alijan125 Newbie ✭

    Thanks a lot Sir. I am now able to ping 172.16.26.1 Management of Branch B from Head Office. I followed you I edited the rule and in the last there was option Enable Management which was not selected I checked and now I am accessing from Head Office. Once Again thanks Sir God bless you

  • alijan125alijan125 Newbie ✭

    Sir Now I am able to ping 172.16.26.1 but when I browse the same in my browser from Head Office LAN PC username & password page displayed after entering the credentials I am getting the error as shown below:

    Please Sir further guide me

  • alijan125alijan125 Newbie ✭

    I checked in Opera the error occured after entering username and password shown below

  • prestonpreston All-Knowing Sage ✭✭✭✭
    edited August 29

    you would be best to re-create the VPN policy on Site B and also delete the custom access rule, make sure when re-creating the VPN you enable Allow Management using this SA for HTTPS, this will re-create all the automatic rules needed for the VPN and the management

  • alijan125alijan125 Newbie ✭

    ok Sir thank you

Sign In or Register to comment.