TZ370 cannot join external VPN (IKEv2) from VLAN behind Firewall
Wolf
Hello everyone,
I have created some VLANs inside X0. The PCs connected to the VLANs, although they can surf the internet, cannot join an external VPN. The Windows error code is 809 VPN: The network connection between your computer and the VPN server could not be established because the remote server is not responding ... obviously the VPN server works perfectly!
What did I forget? What did I do wrong? Thanks.
Category: Entry Level Firewalls
Answers
If I understand correctly, the VPN server you refer to is "out on the internet, external to your environment".
Have you implemented firewall rules that permit the VPN through the firewall?
I'll make the assumption that it is an IPsec VPN.
Here is the MS article:
Troubleshoot Always On VPN | Microsoft Docs
Specifically, 809 points to UDP 500 and UDP 4500, used when establishing an IPsec VPN from behind a NAT device.
Hello Mark,
Yes, I have. I also checked the VPN server and it is working perfectly. Behind the firewall I created some VLANs and they work fine except for connecting to external VPNs. On the VPN server it seems that only packets on UDP port 500 are being transmitted, but not 4500.
Thanks
@Wolf
You should check the access rules from the VLAN zone to WAN and from WAN to the VLAN zone. In particular, you should disable the SonicWall IPsec VPN service and try again.
Hello @MitatOnge
I solved it; the problem is with the modem or the internet line or both. I used the internet data backup line and everything works.
The weird thing is that everything works except VPN connections.
Thank you all
Hi @Wolf
Maybe, Master ISP line was working VPN service when you want to access external VPN server.
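
Added example, not part of any post in this thread: a small Python check for the symptom discussed above (UDP 500 reaches the VPN server but UDP 4500 does not), run over `tcpdump -n` style lines captured on the server. The sample capture, the addresses and the verdict names are constructed for illustration, and the check assumes clients sit behind NAT and therefore continue on UDP 4500 after the first exchange.

```python
import re
from collections import defaultdict

# Address/port part of `tcpdump -n` output for IPv4 UDP packets.
PKT = re.compile(r"IP (\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+):")
IKE_PORTS = (500, 4500)  # IKE and IKE NAT traversal

# Constructed sample capture (documentation addresses, not from the thread).
SAMPLE = """\
10:00:00.100000 IP 198.51.100.7.1011 > 203.0.113.10.500: isakmp: parent_sa ikev2_init[I]
10:00:00.120000 IP 203.0.113.10.500 > 198.51.100.7.1011: isakmp: parent_sa ikev2_init[R]
10:00:05.000000 IP 192.0.2.44.500 > 203.0.113.10.500: isakmp: parent_sa ikev2_init[I]
10:00:05.020000 IP 203.0.113.10.500 > 192.0.2.44.500: isakmp: parent_sa ikev2_init[R]
10:00:05.050000 IP 192.0.2.44.4500 > 203.0.113.10.4500: NONESP-encap: isakmp: child_sa ikev2_auth[I]
10:00:05.090000 IP 203.0.113.10.4500 > 192.0.2.44.4500: NONESP-encap: isakmp: child_sa ikev2_auth[R]
"""

def classify(capture, server_ip):
    """Map each client IP to a verdict based on IKE packets seen at the server."""
    seen = defaultdict(set)  # client -> {("in", 500), ("out", 4500), ...}
    for line in capture.splitlines():
        m = PKT.search(line)
        if not m:
            continue
        src, sport, dst, dport = m[1], int(m[2]), m[3], int(m[4])
        # After NAT the client's source port may be rewritten, so key on the server side.
        if dst == server_ip and dport in IKE_PORTS:
            seen[src].add(("in", dport))
        elif src == server_ip and sport in IKE_PORTS:
            seen[dst].add(("out", sport))
    verdicts = {}
    for client, s in seen.items():
        if ("in", 4500) in s:
            verdicts[client] = "OK" if ("out", 4500) in s else "4500_UNANSWERED"
        elif ("in", 500) in s:
            # First exchange arrived on 500; a NATed client then moves to UDP 4500.
            verdicts[client] = "4500_MISSING" if ("out", 500) in s else "500_UNANSWERED"
        else:
            verdicts[client] = "NO_INBOUND_IKE"
    return verdicts

if __name__ == "__main__":
    for client, verdict in classify(SAMPLE, "203.0.113.10").items():
        print(client, verdict)
```

A `4500_MISSING` verdict means the loss is somewhere between the client and the server (firewall rules, modem or ISP line), not on the VPN server itself.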