IP address pool exhausted
I have a TZ400 setup with 27 SSL VPN licenses and maybe 19 users using it total. Up until recently, there were no issues but maybe in the last two weeks, users attempting to connect we’re receiving an “IP addresses exhausted” error within NetExtender.
When I logged into the Sonicwall, I saw a few users has 4x or 5x sessions with varying session times so I manually killed the ones that were the most stale thinking that would resolve it as maybe they don’t fully disconnect the NetExtender at the end of the day but again today I have the same thing happening and there are plenty of addresses available in the SSL VPN IP Pool and the DHCP server running on Windows Server has 60% free so I’m not sure what’s causing this all of a sudden?
The firmware is SonicOS Enhanced 6.5.4.8-89n
Answers
FYI SSL VPN bookmark works for users as a workaround.
Over the weekend we're going to update the firmware to the newest build, and I've created a new SSL VPN IP Pool on it's own subnet to see if that helps.
What I can say is that it's a known issue on 6.5.4.8. Depends on your needs, you can open a support ticket or upgrade to 6.5.4.9.
@PaulS83 have had this in 2018 as something was change in the firmware :
_______
I set up a TZ600 with 7 SSLVPN license / users for another customer. As (before) always I set up an SSLVPN IP pool. This is in the local network area. Now the customer encountered significant errors "ip pool exhausted" and other strange access problems via the tunnel. Just had contact with a supporter under case # 42863433 who explained to me that in the new firmware the IP circle must NOT be the same as the network in the LAN. So a completely new one, so that the routing works. And you now have more filter options, etc.
--------
this helped me till now...
--Thomas
This morning I did the firmware upgrade and changed the SSL VPN IP Pool to it's own virtual subnet so that should clear things up.
@PaulS83 fyi see other posts here.
--Thomas