TZ 370 Netextender server not reachable
MartinMP
Newbie ✭
Hi
For some reason I am not able to connect with my Netextender, it just give me a error "Netextender server not reachable"
SSL VPN is activated and use standard port 4433 I am still not able to brows the site https://my-wan-ip:4433/#/
This is the first time I am experiencing this error, have previously set up several sonicwalls with netextender without any issues.
Has also looked in this guide, just to see if I am missing something
Any suggestions?
kind regards
Martin
Category: Entry Level Firewalls
0
Answers
Hello @MartinMP,
Welcome to the SonicWall community.
Have you tested this with multiple users or just from one location? On the firewall, is the public IP directly configured on the WAN interface, or you have it on DHCP?
Please take a look at the following KB.
Thanks!
Shipra Sahu
Technical Support Advisor, Premier Services
Hi Shipra
Have testet with multiple users and locations also, WAN ip is static. Even if try to open the lan ip of firewall http://192.168.2.1:4433/ site can't be shown
Hi @MartinMP
Check SSLVPN Access enabled in WAN Zone settings.
Hi @Ajishlal
Thanks for your suggetion, but it was already enabled. I think it must be a bug or something, as I have a another TZ 270 running with same firmware as my TZ 370 but where it works on TZ 270.
@MartinMP,
While testing from LAN, please make sure that the toggle switch is enabled for the LAN zone too. If this is occurring for multiple users, I would suggest doing a packet capture on the firewall and checking if TCP 4433 traffic is reaching the firewall or not.
Otherwise, you can try to use 444 as the SSLVPN port and check if that solves the problem. Sometimes, these custom ports are blocked by ISP.
Thanks!
Shipra Sahu
Technical Support Advisor, Premier Services
Hi @MartinMP
Check your ISP modem/router to enable the port forwarding to the SSLVPN port.
If your modem is not in bridge mode (or at very least have the firewall disabled) than you will not be able to get to services offered by your Sonicwall.
Hi all
Thank for all of your suggestions, if I swap my TZ 370 with my old TZ 500 it just running fine with Netextender which have a lot more complex setup than my TZ 370, on the same internet connection.
I will try to do a factory reset, and see what happens.
I was able to get Netextender to work as expected, after a factory reset.
Netextender is running fine on my Windows 10 Pro laptop, and my work iPhone 11.
But on my own Samsung Galaxy S10+, it is not working at all due to Compression Control Protocol (CCP). In my case I am able to connect with Mobile Connect and browse LAN devices but not able to get internet access on my device.
I have collected debug log from my Galaxy S10+ and error ->
2020-05-11 21:06:11.712396 NxPlugin[32184] Using Encryption Cipher: ECDHE-RSA-AES256-GCM-SHA384
2020-05-11 21:06:11.712774 NxPlugin[32184] SSL VPN: Negotiating...
2020-05-11 21:06:12.289831 NxPlugin[32184] ccp is not supported, reply PROTREJ
2020-05-11 21:06:12.474316 NxPlugin[32184] SSL VPN: Connected
If I do the same on my iPhone, both Lan browsing and internet access is working as it should.
Unable To Access Local Resources When Connected Using Mobile Connect On Android And Chromebook
And another link.
As suggested in the posts you provided, you will likely need to contact support for a hotfix (if available for Gen7) to resolve the Android CCP issue.
Yes, I am just waiting their response and hopefully they have a fix.
😲
i followed this to try if this working
... when i goto zone ... the webpage crash and the l;ogin page appear .. i try many time
sonicos 7.01-r1456 ... many of them
so the first time we update firmware and reboot ...
i redo the same thing now here ... i just need customer autorisation for reboot it
i put firmware 7.0.1-5023-r1826
i will update my succes on this one after succes .. but ... i go network and zone ... and bang crash .. login again ...
so i just booted with the new firmware and all is working now
and the zone setting is working now
if you want mot details and you want to =see the backlog of the rooter contact me sonicwall ... im lauserco.com your reseller of montreal
i will give you the id of ths problematic unit in production
ty
dlacroix@lauserco.com