Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

Global VPN Routing Issue

DMoody007DMoody007 Newbie ✭
in VPN Client

Need an assist with Global VPN. We moved a server to a DMZ subnet at another facility. I modified the client settings to include the new subnet.

I can connect to the Global VPN. The client shows all the IP ranges are available. I can ping all the subnets except the new DMZ.

Twist. One other user using Global VPN and same client settings is able to do the same but can also ping and connect to resources that I am not able to .

Ran a TraceRt to an IP in the subnet I can ping to. TraceRt does single hop to the IP.

Ran TraceRt to an IP in the subnet I can not ping. TraceRt shows first hop as IP of local gateway and fails.

User that can ping/connect does TraceRt to IP that I can not and gets single hop to IP.

So, thinking my PC is somehow the culprit. Local network does not have same subnet. Laptop has no static routes that can conflict with the specific range. A route print before connecting to Global VPN shows no 10.5 network.

Route Print after connection to Global VPN shows:

10.5.0.0 255.255.255.0 On-Link {assigned IP} 2 (metric)

Sonicwall Interface list shows Sonicwall Virtual NIC as 65

I have uninstalled, removed saved settings and re-installed the client without success.

Wondering why my laptop will not recognize the 10.5 and routes through local instead of Global VPN client.

Any ideas how to proceed?

Douglas

Category: VPN Client
Reply

Best Answer

  • CORRECT ANSWER
    DMoody007DMoody007 Newbie ✭
    Answer ✓

    I found the route cause of the issue: ESET.

    So this is what I found. ESET had a known networks setting for IDS. The IP range was missing. ESET was not alerting that IDS was stopping the traffic. The second computer that was able to work, had a corruption in ESET that was not reporting backing to the server.

    I just disabled ESET just to try because I was running out of ideas and it allowed traffic to flow. Normally wouldn't do that if ESET doesn't show blocked traffic in their logs.

    From there, I determined the other computer needed repair. I added the network to ESET known networks and now both are working correctly.

    Looks like I need to talk with ESET about not reporting blocking and the software failure on the second PC.

Answers

  • TKWITSTKWITS Community Legend ✭✭✭✭✭

    Id try a clean uninstall of GVPN, reset winsock and the IP stack on the laptop, and then reinstall latest version of GVPN.

  • DMoody007DMoody007 Newbie ✭

    TKWITS,

    I tried your suggestion. Sorry to say it did not work.

    As another experiment, we tried the user credentials from the other user that worked on my laptop and same issue. So, we ruled out user rights/policy and returned to specific PC issue.

    Douglas

Sign In or Register to comment.