I screwed up My GVC VPN connection.. UGGG
Rage
Newbie ✭
GVC Connection works but cant get out to web
I am using the GVC client, with a old TZ100 that has a GVC licence on it.
I need to have all traffic pass through the NAS to allow the client to use the WAN ip.
** So no split tunnels...
1. The client does connect.
2. The client gets an IP and gateway (And they look correct)
3. I can navigate the LAN no problem.
The issue I am having is:
4. No WAN/Web.
What did I miss, I "assumed" since the Client PC got the correct gateway it would use it to surf the web etc.
** I know it should work it did in the past on the same hardware, just not sure what to look for.
Cheers
Best Answers
-
CORRECT ANSWER
KaranM
Administrator
Hello @Rage ,
I hope you are doing good!
From the description, I understood that you are trying to use the Route All Traffic feature of WAN Group VPN wherein the remote computers(client) will route all the internet traffic through its VPN to the UTM network. And it works for the part where the client machine can access the local network at the UTM site but it (client machine) is not able to access the internet. Can you please follow the below:
- Make sure the configuration is according to https://www.sonicwall.com/support/knowledge-base/how-can-i-configure-a-route-all-traffic-wan-groupvpn-policy/170912174125571/.
- Then run the ping test on the client machine, try pinging 8.8.4.4 and google.com. If the ping for 8.8.4.4 is successful and the ping for google.com fails then it can be an issue related to DNS, please check DNS settings.
- If both the ping test fails, then please run a packet capture, this will help us to understand what is happening with the traffic flow when you try to access the internet.
- Please click on monitor default and then set the packet monitor as per the screenshot below:
- Click on START capture and simultaneously run the ping to 8.8.4.4 from the client machine, please make sure no other device in the network is trying to ping 8.8.4.4.
- Now export the capture in Libpcap and HTML, you can check the flow in Wireshark or on the device(UTM) itself under captured packets see if the packet flow is wrong or if there are any dropped packets with the reason for the drop.
Thank You
Knowledge Management Senior Analyst at SonicWall.
6 -
CORRECT ANSWER
Jayan_Gowda1993
SonicWall Employee
Hi Rage,
Hope you are doing good and safe.
As i understood based on your notes, user was able to get connected through GVC but was still unable to access the internet.
Please add WAN remote access as VPN access for the user and also Create a NAT policy
Original Source: Any
Translated Source: Internet providing interface IP(ex:default X1 ip)
Original Destination: Any
Translated Destination:Original
Original Service: Any
Translated Service: Original
Inbound Interface: Internet providing interface(ex:default X1)
Outbound Interface: Internet providing interface(ex:default X1)
and also Create a access rule from VPN-WAN.
Thanks & Regards,
Jayan Gowda
6 -
CORRECT ANSWER
Nevyaditha
Moderator
Hi,
I dont see the NAT policy in the second screenshot that would forward the traffic to the Internet from the VPN clients,
Please create below NAT policy :
Original Source: Any
Translated Source: X1 IP
Original Destination: Any
Translated Destination:Original
Original Service: Any
Translated Service: Original
Inbound Interface: X1
Outbound Interface: X1
Please try to disable the connection and then reconnect again after the NAT is configured.
Thank You !!
Nevyaditha P
Technical Support Advisor, Premier Services
1 -
CORRECT ANSWERNevyaditha
Moderator
@Rage ,
The sonicwall uses the IP address binded to the the interface of X1 for the processing of the traffic. So whatever IP is shown on X1, firewall will forward the traffic to the gateway mentioned on the X1 Interface.
I believe this should take care of the issue, do let us know if you have any other concerns or queries when using GVC Clinet.
Nevyaditha P
Technical Support Advisor, Premier Services
5
Answers
Still having the issue
At this point I can Global VPN in via client, and can ping LAN addresses.
I can not ping 8.8.8.8 (Default DNS)
So (I assume) my issue is not DNS
I tried to ping google and it showed me and odd address likely IP6.
I was able to cut and paste that address into chrome and I did get to the site, but not to any ip4 addresses.
Hi @Rage ,
What is the error message on web or the ping repsonse you get when trying to access any IPv4 address ?
Can you do a capture on SonicWALL only for ICMP traffic and generate the traffic from clients for Ipv4 address (ping 8.8.8.8 or 8.8.4.4) and let know what is packet status for that traffic hitting sonicwall.
Please check the logs on sonicwall, probably you can filter based on the IP address and get some hint from event logs as well.
--Nevyaditha
Nevyaditha P
Technical Support Advisor, Premier Services
Unsure what to set for log category or level so I winged it...
I'm seeing Code 0 and Handshake violation
I could ping 10.34.253.41 (LAN Address) but not 8.8.4.4
The VPN Client was assigned 10.34.253.190 (Tie Fighter)
I logged in as Rage
184.105.97.80 is the sonicwall static external ip
Filter Dest 8.8.4.4
-------------------
05/05/2020 22:48:25.640 Info Network Access ICMP packet allowed 10.34.253.190, 1, X1 (Rage) 8.8.4.4, 8, X1, dns.google ICMP Echo, Code: 0
05/05/2020 22:31:19.080 Info Network Access ICMP packet allowed 184.105.97.80, 3, X1 8.8.4.4, 3, X1, dns.google ICMP Destination Unreachable, Code: 3
----------
Filter Source 10.34.253.190
----------------
05/05/2020 22:50:19.128 Info DHCP Relay DHCP RELEASE received from remote device 10.34.253.190, 68, X1 10.34.253.100, 67, X0 IP=10.34.253.190, HostName: Tie-Fighter
2 05/05/2020 22:50:07.016 Notice Network Access TCP handshake violation detected; TCP connection dropped 10.34.253.190, 60988, X1 (Rage) 35.174.210.7, 443, X1, ec2-35-174-210-7.compute-1.amazonaws.com Handshake Timeout
3 05/05/2020 22:49:43.576 Info Network Access ICMP packet allowed 10.34.253.190, 1, X1 (Rage) 10.34.253.41, 8, X0 ICMP Echo, Code: 0
4 05/05/2020 22:49:20.448 Notice Network Access Web management request allowed 10.34.253.190, 60989, X1 (Rage) 10.34.253.100, 443, X0 TCP HTTPS
5 05/05/2020 22:49:01.672 Notice Network Access TCP handshake violation detected; TCP connection dropped 10.34.253.190, 60962, X1 (Rage) 54.85.240.191, 443, X1, ec2-54-85-240-191.compute-1.amazonaws.com Handshake Timeout
6 05/05/2020 22:48:25.640 Info Network Access ICMP packet allowed 10.34.253.190, 1, X1 (Rage) 8.8.4.4, 8, X1, dns.google ICMP Echo, Code: 0
7 05/05/2020 22:48:15.848 Notice Network Access Web management request allowed 10.34.253.190, 60960, X1 (Rage) 10.34.253.100, 443, X0 TCP HTTPS
8 05/05/2020 22:31:35.592 Notice Network Access TCP handshake violation detected; TCP connection dropped 10.34.253.190, 59797, X1 35.174.210.7, 443, X1, ec2-35-174-210-7.compute-1.amazonaws.com Handshake Timeout
9 05/05/2020 22:31:33.496 Info DHCP Relay DHCP RELEASE received from remote device 10.34.253.190, 68, X1 10.34.253.100, 67, X0 IP=10.34.253.190, HostName: Tie-Fighter
10 05/05/2020 22:30:45.336 Notice Network Access Web management request allowed 10.34.253.190, 59787, X1 (Rage) 10.34.253.100, 443, X0 TCP HTTPS
Hi @Rage,
I think we may be missing out the access rule in SonicWall for Internet access for VPN users. Could you please check for the access rule from VPN to WAN? If you don't see a rule in this VPN to WAN section, please feel free to add one after taking a configuration backup once. For instance, the rule can be of Any, Any, Any, Allow format.
In case if the access rule is already in place, I think the best way to determine the reason for not being able to ping 8.8.4.4 or access Internet would be to capture packets at the firewall level. We will use built-in packet tracing tool in the SonicWall called 'Packet Monitor' in this situation.
Please follow below steps,
Please check for dropped packets or packets not getting NATTED. This will helps us to isolate the issue and figure out the solution. I hope this helps out.
Please post here for any further questions or clarifications.
Regards
Saravanan V
Technical Support Advisor - Premier Services
Professional Services
Hi @Rage ,
We see the log as 05/05/2020 22:31:19.080 Info Network Access ICMP packet allowed 184.105.97.80, 3, X1 8.8.4.4, 3, X1, dns.google ICMP Destination Unreachable, Code: 3
Can you please check if the WAN Remote access network is included for the user and also for Trusted User group under VPN access list ( OR the group that is selected under WAN group VPN ).
It is strange that IPv6 is working and not IPv4 taffic. So can you please check if there is an access rule available for both Ipv6 and Ipv4 taffic.
At the client side ty to do a traceroute for the 8.8.8.8 and check at what hop the connection is failing ?
Thank You!!
Nevyaditha P
Technical Support Advisor, Premier Services
I see VPN to WAN rules:
And user does have Wan Remote Access..
FYI not familiar with packet monitoring.
I will give it a try, but I don't see Investigate tab etc...
hmm non Dropped
--File Index : 1.--
--19 packets captured.--
-----Statistics------------
Number Of Bytes Failed To Report: 0
Number Of Packets Forwarded : 14
Number Of Packets Generated : 1
Number Of Packets Consumed : 4
Number Of Packets DROPPED : 0
Number Of Packets Status Unknown: 0
*Packet number: 1*
Header Values:
Bytes captured: 98, Actual Bytes on the wire: 98
Packet Info(Time:05/06/2020 09:35:38.736):
in:X0*(interface), out:X1, Forwarded, 0:0)
Ethernet Header
Ether Type: IP(0x800), Src=[44:d9:e7:b2:46:4d], Dst=[00:17:c5:73:2d:8c]
IP Packet Header
IP Type: ICMP(0x1), Src=[10.34.253.163], Dst=[8.8.4.4]
ICMP Packet Header
ICMP Type = 8(ECHO_REQUEST), ICMP Code = 0(), ICMP Checksum = 23500
Value:[0]
Hex and ASCII dump of the packet:
0017c573 2d8c44d9 e7b2464d 08004500 00540000 40004001 *...s-.D...FM..E..T..@.@.*
26d80a22 fda30808 04040800 5bcc5a06 0f5b4419 df412029 *&.."........[.Z..[D..A )*
f0426b00 000000b0 bd400010 00000000 0000a005 f0421000 *.Bk......@...........B..*
f0424419 df410000 02000474 0b000000 00002029 f0421000 *.BD..A.....t...... ).B..*
f042 *.B *
*Packet number: 2*
Header Values:
Bytes captured: 98, Actual Bytes on the wire: 98
Packet Info(Time:05/06/2020 09:35:38.768):
in:--, out:X0*, Forwarded, 0:0)
Ethernet Header
Ether Type: IP(0x800), Src=[00:17:c5:73:2d:8c], Dst=[44:d9:e7:b2:46:4d]
IP Packet Header
IP Type: ICMP(0x1), Src=[8.8.4.4], Dst=[10.34.253.163]
ICMP Packet Header
ICMP Type = 0(ECHO_REPLY), ICMP Code = 0(), ICMP Checksum = 25548
Value:[0]
Hex and ASCII dump of the packet:
44d9e7b2 464d0017 c5732d8c 08004500 00540000 00003601 *D...FM...s-...E..T....6.*
70d80808 04040a22 fda30000 63cc5a06 0f5b4419 df412029 *p......"....c.Z..[D..A )*
f0426b00 000000b0 bd400010 00000000 0000a005 f0421000 *.Bk......@...........B..*
f0424419 df410000 02000474 0b000000 00002029 f0421000 *.BD..A.....t...... ).B..*
f042 *.B *
*Packet number: 3*
Header Values:
Bytes captured: 98, Actual Bytes on the wire: 98
Packet Info(Time:05/06/2020 09:35:38.784):
in:X0*(interface), out:X1, Forwarded, 0:0)
Ethernet Header
Ether Type: IP(0x800), Src=[44:d9:e7:b2:46:4d], Dst=[00:17:c5:73:2d:8c]
IP Packet Header
IP Type: ICMP(0x1), Src=[10.34.253.163], Dst=[8.8.4.4]
ICMP Packet Header
ICMP Type = 8(ECHO_REQUEST), ICMP Code = 0(), ICMP Checksum = 23500
Value:[0]
Hex and ASCII dump of the packet:
0017c573 2d8c44d9 e7b2464d 08004500 00540000 40004001 *...s-.D...FM..E..T..@.@.*
26d80a22 fda30808 04040800 5bcc5a06 0f5b4419 df412029 *&.."........[.Z..[D..A )*
f0426b00 000000b0 bd400010 00000000 0000a005 f0421000 *.Bk......@...........B..*
f0424419 df410000 02000474 0b000000 00002029 f0421000 *.BD..A.....t...... ).B..*
f042 *.B *
*Packet number: 4*
Header Values:
Bytes captured: 98, Actual Bytes on the wire: 98
Packet Info(Time:05/06/2020 09:35:38.800):
in:--, out:X0*, Forwarded, 0:0)
Ethernet Header
Ether Type: IP(0x800), Src=[00:17:c5:73:2d:8c], Dst=[44:d9:e7:b2:46:4d]
IP Packet Header
IP Type: ICMP(0x1), Src=[8.8.4.4], Dst=[10.34.253.163]
ICMP Packet Header
ICMP Type = 0(ECHO_REPLY), ICMP Code = 0(), ICMP Checksum = 25548
Value:[0]
Hex and ASCII dump of the packet:
44d9e7b2 464d0017 c5732d8c 08004500 00540000 00003601 *D...FM...s-...E..T....6.*
70d80808 04040a22 fda30000 63cc5a06 0f5b4419 df412029 *p......"....c.Z..[D..A )*
f0426b00 000000b0 bd400010 00000000 0000a005 f0421000 *.Bk......@...........B..*
f0424419 df410000 02000474 0b000000 00002029 f0421000 *.BD..A.....t...... ).B..*
f042 *.B *
*Packet number: 5*
Header Values:
Bytes captured: 98, Actual Bytes on the wire: 98
Packet Info(Time:05/06/2020 09:35:38.816):
in:X0*(interface), out:X1, Forwarded, 0:0)
Ethernet Header
Ether Type: IP(0x800), Src=[44:d9:e7:b2:46:4d], Dst=[00:17:c5:73:2d:8c]
IP Packet Header
IP Type: ICMP(0x1), Src=[10.34.253.163], Dst=[8.8.4.4]
ICMP Packet Header
ICMP Type = 8(ECHO_REQUEST), ICMP Code = 0(), ICMP Checksum = 23500
Value:[0]
Hex and ASCII dump of the packet:
0017c573 2d8c44d9 e7b2464d 08004500 00540000 40004001 *...s-.D...FM..E..T..@.@.*
26d80a22 fda30808 04040800 5bcc5a06 0f5b4419 df412029 *&.."........[.Z..[D..A )*
f0426b00 000000b0 bd400010 00000000 0000a005 f0421000 *.Bk......@...........B..*
f0424419 df410000 02000474 0b000000 00002029 f0421000 *.BD..A.....t...... ).B..*
f042 *.B *
*Packet number: 6*
Header Values:
Bytes captured: 98, Actual Bytes on the wire: 98
Packet Info(Time:05/06/2020 09:35:38.832):
in:--, out:X0*, Forwarded, 0:0)
Ethernet Header
Ether Type: IP(0x800), Src=[00:17:c5:73:2d:8c], Dst=[44:d9:e7:b2:46:4d]
IP Packet Header
IP Type: ICMP(0x1), Src=[8.8.4.4], Dst=[10.34.253.163]
ICMP Packet Header
ICMP Type = 0(ECHO_REPLY), ICMP Code = 0(), ICMP Checksum = 25548
Value:[0]
Hex and ASCII dump of the packet:
44d9e7b2 464d0017 c5732d8c 08004500 00540000 00003601 *D...FM...s-...E..T....6.*
70d80808 04040a22 fda30000 63cc5a06 0f5b4419 df412029 *p......"....c.Z..[D..A )*
f0426b00 000000b0 bd400010 00000000 0000a005 f0421000 *.Bk......@...........B..*
f0424419 df410000 02000474 0b000000 00002029 f0421000 *.BD..A.....t...... ).B..*
f042 *.B *
*Packet number: 7*
Header Values:
Bytes captured: 98, Actual Bytes on the wire: 98
Packet Info(Time:05/06/2020 09:35:38.848):
in:X0*(interface), out:X1, Forwarded, 0:0)
Ethernet Header
Ether Type: IP(0x800), Src=[44:d9:e7:b2:46:4d], Dst=[00:17:c5:73:2d:8c]
IP Packet Header
IP Type: ICMP(0x1), Src=[10.34.253.163], Dst=[8.8.4.4]
ICMP Packet Header
ICMP Type = 8(ECHO_REQUEST), ICMP Code = 0(), ICMP Checksum = 23500
Value:[0]
Hex and ASCII dump of the packet:
0017c573 2d8c44d9 e7b2464d 08004500 00540000 40004001 *...s-.D...FM..E..T..@.@.*
26d80a22 fda30808 04040800 5bcc5a06 0f5b4419 df412029 *&.."........[.Z..[D..A )*
f0426b00 000000b0 bd400010 00000000 0000a005 f0421000 *.Bk......@...........B..*
f0424419 df410000 02000474 0b000000 00002029 f0421000 *.BD..A.....t...... ).B..*
f042 *.B *
*Packet number: 8*
Header Values:
Bytes captured: 98, Actual Bytes on the wire: 98
Packet Info(Time:05/06/2020 09:35:38.864):
in:--, out:X0*, Forwarded, 0:0)
Ethernet Header
Ether Type: IP(0x800), Src=[00:17:c5:73:2d:8c], Dst=[44:d9:e7:b2:46:4d]
IP Packet Header
IP Type: ICMP(0x1), Src=[8.8.4.4], Dst=[10.34.253.163]
ICMP Packet Header
ICMP Type = 0(ECHO_REPLY), ICMP Code = 0(), ICMP Checksum = 25548
Value:[0]
Hex and ASCII dump of the packet:
44d9e7b2 464d0017 c5732d8c 08004500 00540000 00003601 *D...FM...s-...E..T....6.*
70d80808 04040a22 fda30000 63cc5a06 0f5b4419 df412029 *p......"....c.Z..[D..A )*
f0426b00 000000b0 bd400010 00000000 0000a005 f0421000 *.Bk......@...........B..*
f0424419 df410000 02000474 0b000000 00002029 f0421000 *.BD..A.....t...... ).B..*
f042 *.B *
*Packet number: 9*
Header Values:
Bytes captured: 98, Actual Bytes on the wire: 98
Packet Info(Time:05/06/2020 09:35:38.880):
in:X0*(interface), out:X1, Forwarded, 0:0)
Ethernet Header
Ether Type: IP(0x800), Src=[44:d9:e7:b2:46:4d], Dst=[00:17:c5:73:2d:8c]
IP Packet Header
IP Type: ICMP(0x1), Src=[10.34.253.163], Dst=[8.8.4.4]
ICMP Packet Header
ICMP Type = 8(ECHO_REQUEST), ICMP Code = 0(), ICMP Checksum = 23500
Value:[0]
Hex and ASCII dump of the packet:
0017c573 2d8c44d9 e7b2464d 08004500 00540000 40004001 *...s-.D...FM..E..T..@.@.*
26d80a22 fda30808 04040800 5bcc5a06 0f5b4419 df412029 *&.."........[.Z..[D..A )*
f0426b00 000000b0 bd400010 00000000 0000a005 f0421000 *.Bk......@...........B..*
f0424419 df410000 02000474 0b000000 00002029 f0421000 *.BD..A.....t...... ).B..*
f042 *.B *
*Packet number: 10*
Header Values:
Bytes captured: 98, Actual Bytes on the wire: 98
Packet Info(Time:05/06/2020 09:35:38.912):
in:--, out:X0*, Forwarded, 0:0)
Ethernet Header
Ether Type: IP(0x800), Src=[00:17:c5:73:2d:8c], Dst=[44:d9:e7:b2:46:4d]
IP Packet Header
IP Type: ICMP(0x1), Src=[8.8.4.4], Dst=[10.34.253.163]
ICMP Packet Header
ICMP Type = 0(ECHO_REPLY), ICMP Code = 0(), ICMP Checksum = 25548
Value:[0]
Hex and ASCII dump of the packet:
44d9e7b2 464d0017 c5732d8c 08004500 00540000 00003601 *D...FM...s-...E..T....6.*
70d80808 04040a22 fda30000 63cc5a06 0f5b4419 df412029 *p......"....c.Z..[D..A )*
f0426b00 000000b0 bd400010 00000000 0000a005 f0421000 *.Bk......@...........B..*
f0424419 df410000 02000474 0b000000 00002029 f0421000 *.BD..A.....t...... ).B..*
f042 *.B *
*Packet number: 11*
Header Values:
Bytes captured: 74, Actual Bytes on the wire: 74
Packet Info(Time:05/06/2020 09:35:40.528):
in:X1*(interface), out:--, Consumed, Module Id:21, 0:0)
Ethernet Header
Ether Type: IP(0x800), Src=[74:4d:28:95:22:f9], Dst=[00:17:c5:73:2d:8d]
IP Packet Header
IP Type: ICMP(0x1), Src=[10.34.253.188], Dst=[8.8.4.4]
ICMP Packet Header
ICMP Type = 8(ECHO_REQUEST), ICMP Code = 0(), ICMP Checksum = 17943
Value:[0]
Hex and ASCII dump of the packet:
0017c573 2d8d744d 289522f9 08004500 003c0acb 00008001 *...s-.tM(."...E..<......*
1c0c0a22 fdbc0808 04040800 46170001 07446162 63646566 *..."........F....Dabcdef*
6768696a 6b6c6d6e 6f707172 73747576 77616263 64656667 *ghijklmnopqrstuvwabcdefg*
6869 *hi *
*Packet number: 12*
Header Values:
Bytes captured: 74, Actual Bytes on the wire: 74
Packet Info(Time:05/06/2020 09:35:40.528):
in:X1*(hw-crypto), out:X1, Forwarded, 0:0)
Ethernet Header
Ether Type: IP(0x800), Src=[74:4d:28:95:22:f9], Dst=[00:17:c5:73:2d:8d]
IP Packet Header
IP Type: ICMP(0x1), Src=[10.34.253.188], Dst=[8.8.4.4]
ICMP Packet Header
ICMP Type = 8(ECHO_REQUEST), ICMP Code = 0(), ICMP Checksum = 17943
Value:[0]
Hex and ASCII dump of the packet:
0017c573 2d8d744d 289522f9 08004500 003c0acb 00008001 *...s-.tM(."...E..<......*
1c0c0a22 fdbc0808 04040800 46170001 07446162 63646566 *..."........F....Dabcdef*
6768696a 6b6c6d6e 6f707172 73747576 77616263 64656667 *ghijklmnopqrstuvwabcdefg*
6869 *hi *
*Packet number: 13*
Header Values:
Bytes captured: 126, Actual Bytes on the wire: 126
Packet Info(Time:05/06/2020 09:35:41.192):
in:X1*(system-stack), out:X1, Generated (Sent Out), 0:0)
Ethernet Header
Ether Type: IP(0x800), Src=[00:00:00:00:00:00], Dst=[00:00:00:00:00:00]
IP Packet Header
IP Type: ICMP(0x1), Src=[184.105.97.80], Dst=[8.8.4.4]
ICMP Packet Header
ICMP Type = 3(DESTINATION_UNREACHABLE), ICMP Code = 3(PORT_UNREACHABLE), ICMP Checksum = 14564
Inner IP Packet Decode:
IP Packet Header
IP Type: UDP(0x11), Src=[8.8.4.4], Dst=[184.105.97.80]
UDP Packet Header
Src=[53], Dst=[4137], Checksum=0x0, Message Length=109 bytes
Application Header
DNS:
Value:[0]
Hex and ASCII dump of the packet:
00000000 00000000 00000000 08004500 007064c9 00004001 *..............E..pd...@.*
effeb869 61500808 04040303 38e40000 00004500 0081a42b *...iaP......8.....E....+*
00007811 787b0808 0404b869 61500035 1029006d 00002746 *..x.x{.....iaP.5.).m..'F*
81830001 00000001 00000331 32340231 32023539 03313338 *...........124.12.59.138*
07494e2d 41444452 04415250 4100000c 0001c010 00060001 *.IN-ADDR.ARPA...........*
00000257 002d *...W.- *
*Packet number: 14*
Header Values:
Bytes captured: 74, Actual Bytes on the wire: 74
Packet Info(Time:05/06/2020 09:35:45.192):
in:X1*(interface), out:--, Consumed, Module Id:21, 0:0)
Ethernet Header
Ether Type: IP(0x800), Src=[74:4d:28:95:22:f9], Dst=[00:17:c5:73:2d:8d]
IP Packet Header
IP Type: ICMP(0x1), Src=[10.34.253.188], Dst=[8.8.4.4]
ICMP Packet Header
ICMP Type = 8(ECHO_REQUEST), ICMP Code = 0(), ICMP Checksum = 17942
Value:[0]
Hex and ASCII dump of the packet:
0017c573 2d8d744d 289522f9 08004500 003c0acc 00008001 *...s-.tM(."...E..<......*
1c0b0a22 fdbc0808 04040800 46160001 07456162 63646566 *..."........F....Eabcdef*
6768696a 6b6c6d6e 6f707172 73747576 77616263 64656667 *ghijklmnopqrstuvwabcdefg*
6869 *hi *
*Packet number: 15*
Header Values:
Bytes captured: 74, Actual Bytes on the wire: 74
Packet Info(Time:05/06/2020 09:35:45.192):
in:X1*(hw-crypto), out:X1, Forwarded, 0:0)
Ethernet Header
Ether Type: IP(0x800), Src=[74:4d:28:95:22:f9], Dst=[00:17:c5:73:2d:8d]
IP Packet Header
IP Type: ICMP(0x1), Src=[10.34.253.188], Dst=[8.8.4.4]
ICMP Packet Header
ICMP Type = 8(ECHO_REQUEST), ICMP Code = 0(), ICMP Checksum = 17942
Value:[0]
Hex and ASCII dump of the packet:
0017c573 2d8d744d 289522f9 08004500 003c0acc 00008001 *...s-.tM(."...E..<......*
1c0b0a22 fdbc0808 04040800 46160001 07456162 63646566 *..."........F....Eabcdef*
6768696a 6b6c6d6e 6f707172 73747576 77616263 64656667 *ghijklmnopqrstuvwabcdefg*
6869 *hi *
*Packet number: 16*
Header Values:
Bytes captured: 74, Actual Bytes on the wire: 74
Packet Info(Time:05/06/2020 09:35:50.192):
in:X1*(interface), out:--, Consumed, Module Id:21, 0:0)
Ethernet Header
Ether Type: IP(0x800), Src=[74:4d:28:95:22:f9], Dst=[00:17:c5:73:2d:8d]
IP Packet Header
IP Type: ICMP(0x1), Src=[10.34.253.188], Dst=[8.8.4.4]
ICMP Packet Header
ICMP Type = 8(ECHO_REQUEST), ICMP Code = 0(), ICMP Checksum = 17941
Value:[0]
Hex and ASCII dump of the packet:
0017c573 2d8d744d 289522f9 08004500 003c0acd 00008001 *...s-.tM(."...E..<......*
1c0a0a22 fdbc0808 04040800 46150001 07466162 63646566 *..."........F....Fabcdef*
6768696a 6b6c6d6e 6f707172 73747576 77616263 64656667 *ghijklmnopqrstuvwabcdefg*
6869 *hi *
*Packet number: 17*
Header Values:
Bytes captured: 74, Actual Bytes on the wire: 74
Packet Info(Time:05/06/2020 09:35:50.192):
in:X1*(hw-crypto), out:X1, Forwarded, 0:0)
Ethernet Header
Ether Type: IP(0x800), Src=[74:4d:28:95:22:f9], Dst=[00:17:c5:73:2d:8d]
IP Packet Header
IP Type: ICMP(0x1), Src=[10.34.253.188], Dst=[8.8.4.4]
ICMP Packet Header
ICMP Type = 8(ECHO_REQUEST), ICMP Code = 0(), ICMP Checksum = 17941
Value:[0]
Hex and ASCII dump of the packet:
0017c573 2d8d744d 289522f9 08004500 003c0acd 00008001 *...s-.tM(."...E..<......*
1c0a0a22 fdbc0808 04040800 46150001 07466162 63646566 *..."........F....Fabcdef*
6768696a 6b6c6d6e 6f707172 73747576 77616263 64656667 *ghijklmnopqrstuvwabcdefg*
6869 *hi *
*Packet number: 18*
Header Values:
Bytes captured: 74, Actual Bytes on the wire: 74
Packet Info(Time:05/06/2020 09:35:56.032):
in:X1*(interface), out:--, Consumed, Module Id:21, 0:0)
Ethernet Header
Ether Type: IP(0x800), Src=[74:4d:28:95:22:f9], Dst=[00:17:c5:73:2d:8d]
IP Packet Header
IP Type: ICMP(0x1), Src=[10.34.253.188], Dst=[8.8.4.4]
ICMP Packet Header
ICMP Type = 8(ECHO_REQUEST), ICMP Code = 0(), ICMP Checksum = 17940
Value:[0]
Hex and ASCII dump of the packet:
0017c573 2d8d744d 289522f9 08004500 003c0ace 00008001 *...s-.tM(."...E..<......*
1c090a22 fdbc0808 04040800 46140001 07476162 63646566 *..."........F....Gabcdef*
6768696a 6b6c6d6e 6f707172 73747576 77616263 64656667 *ghijklmnopqrstuvwabcdefg*
6869 *hi *
*Packet number: 19*
Header Values:
Bytes captured: 74, Actual Bytes on the wire: 74
Packet Info(Time:05/06/2020 09:35:56.032):
in:X1*(hw-crypto), out:X1, Forwarded, 0:0)
Ethernet Header
Ether Type: IP(0x800), Src=[74:4d:28:95:22:f9], Dst=[00:17:c5:73:2d:8d]
IP Packet Header
IP Type: ICMP(0x1), Src=[10.34.253.188], Dst=[8.8.4.4]
ICMP Packet Header
ICMP Type = 8(ECHO_REQUEST), ICMP Code = 0(), ICMP Checksum = 17940
Value:[0]
Hex and ASCII dump of the packet:
0017c573 2d8d744d 289522f9 08004500 003c0ace 00008001 *...s-.tM(."...E..<......*
1c090a22 fdbc0808 04040800 46140001 07476162 63646566 *..."........F....Gabcdef*
6768696a 6b6c6d6e 6f707172 73747576 77616263 64656667 *ghijklmnopqrstuvwabcdefg*
6869 *hi *
hmm Text is not posting.
Will Try again
FYI The global Client was at 10.34.253.188
Hi @Rage,
Thanks for checking the suggestions and sharing the screenshots. We'll go ahead and perform packet capture on the SonicWall.
Please follow below steps,
Please check for dropped packets or packets not getting NATTED. Please share the screenshots here.
Regards
Saravanan V
Technical Support Advisor - Premier Services
Professional Services
Looks like it posted 3 times, My bad. (Sorry)
Do you see anything in that capture that could help me?
Maybe I need to do a capture with a different configuration?
Hi @Rage ,
The capture that you have pasted shows both the Echo Request and Echo Reply packets from 10.34.253.163 to 8.8.4.4 and vice-versa.
I would request you to open a support ticket with us so we can guide you over the remote session and perform real-time troubleshooting.
Thanks,
Nevyaditha P
Nevyaditha P
Technical Support Advisor, Premier Services
Here is an attempt to ping google from within the Global VPN connection
Odd That it appears to reply with the 2607:f8b0.... but not the ip 4 172.217.5.78..
I monitored 172.217.5.78 instead of 8.8.4.4
Ethernet Header
Ether Type: IP(0x800), Src=[74:4d:28:95:22:f9], Dst=[00:17:c5:73:2d:8d]
IP Packet Header
IP Type: ICMP(0x1), Src=[10.34.253.188], Dst=[172.217.5.78]
ICMP Packet Header
ICMP Type = 8(ECHO_REQUEST), ICMP Code = 0(), ICMP Checksum = 17476
Value:[0]
Forwarded 0:0)
Also if I try to web browse it get cashed pages but no new page data.
Maybe I need to change the packet monitoring settings.
I am open to suggestion. (Worst case I learn something..)
Hello @Rage,
Based on the packet capture, it looks like the packets are being forwarded but there is no response. The NAT policy that you added specific to this traffic, do you see any statistics on it? Does it show any usage count or tx,rx bytes?
Thanks!
Shipra Sahu
Technical Support Advisor, Premier Services
Thanks for the reply.
"The NAT policy that you added specific to this traffic, do you see any statistics on it? Does it show any usage count or tx,rx bytes?"
Which NAT policy should I be checking I don't see anything labeled VPN etc...
I assume this will be in custom...
Some of these are no longer in use..
So I am going to go down the list and disable all with no traffic and see what happens.
I was too slow to edit the previous post...
I disabled or removed all nat policies with no traffic to clean it up...
I agree with @Nevyaditha. This NAT was suggested at the beginning of this post. I assumed you still had it.
Could you please add it again and then test the connection?
Thanks
Shipra Sahu
Technical Support Advisor, Premier Services
I have created the NAT policy with no improvement.
I do have a question about Source IP (X1 IP), I assume I am correct to use the IP of the PPPOE connection.
I used the IP of the PPPOE provided to the Sonicwall i.e. 10.70.2.15 (X1 Default Gateway)
Should I be using the Public IP instead?
I changed the X1 IP from My PPPOE connection IP to my public IP and it seems to be working. :)
I need to test more but it looks good at this point..
Thank you all for your time.
I will post again if there is an issue.
Yes, it should be X1 IP. Although, it's PPPoE and might change, SonicWall should use that for NATting outbound traffic. You can see rule number 8 doing the same for your LAN traffic.
Please monitor and see how it goes.
Shipra Sahu
Technical Support Advisor, Premier Services