Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Super Massive 9200. New IPSEC VPN tunnel not usable until unit is restarted.

ShareOneIncShareOneInc Newbie ✭
edited December 2021 in High End Firewalls

My company uses VPN tunnels to connect with many of our customers and some third-party vendors. The VPN connections work fine except that when we create a new one it will show as up but the Sonicwall does not route traffic to it until after a reboot. From that point on, it will work as expected. In a similar vein, if a tunnel is down when the unit reboots, we have to reboot again after the tunnel is back up. I've looked at logs and everything else I can think of and cannot see what is going wrong. Any direction or advice would be appreciated.


Super Massive 9200 HA Pair running SonicOS Enhanced 6.5.4.9-92n

Category: High End Firewalls
Reply
Tagged:

Answers

  • AjishlalAjishlal All-Knowing Sage ✭✭✭✭

    Hi @ShareOneInc,

    This behavior started after the SonicOS Enhanced 6.5.4.9-92n upgrade or it was there with previous firmware versions?

  • It has been an issue for at least the last five years. We've finally reached the point whre no one on staff has any more ideas. At first we thought it was an OSPF related problem because the new VPN routes were not advertised without a reboot but as more subnets were directly connected to this Sonicwall pair, we realized that those subnets also could not route traffic through the tunnels without a reboot. Sonicwall support has logged in to these units a couple of times and could not see anything misconfigured. At this point, I'm looking for any suggestions.


    Thanks!

  • AjishlalAjishlal All-Knowing Sage ✭✭✭✭

    did you consult with Sonicwall support?

  • Hi Ajishlal,

    Sorry for delayed response; things got busy.

    Yes, support has done a couple of remote access sessions and cannot find anything wrong. I'm probably going to have them look again because, in the past, they were concentrating on the OSPF configuration and now I don't think that the problem is there.

    I was hoping someone in the community would see this and recognize the issue. Thank you for responding.

  • MitatOngeMitatOnge Cybersecurity Overlord ✭✭✭

    Hi @ShareOneInc ,


    did you check reboot cause into the TSR report?

    search "whatcdog" or "restart" words.

    last thing are you using HA cluster?

Sign In or Register to comment.