Ping/Ssh using hostname through SSL VPN (NetExtender) fails
Benoit
Newbie ✭
Hi
I set up SSL VPN using https://www.sonicwall.com/support/knowledge-base/how-can-i-setup-ssl-vpn/170505609285133/ with my TZ370 and it was pretty smooth.
I can connect from home from my Win10 laptop to my SonicWall in the office. I can ping/ssh machines using their IP in the LAN. But I can't use their name. (Using the name work when I am in the office though, ie not via SSL/VPN. I can also see the names in Home|Topology)
I found this: https://www.sonicwall.com/support/knowledge-base/ping-to-a-hostname-through-netextender-connection-fails/170505925169950/
which seems to be the exact same problem, but I don't have any WINS server, so not sure to understand the solution.
Any idea what I need to do to resolve the names over SSL VPN, so that I can connect from home to my machines in the LAN at the office?
I did try to enable NetBIOS over SSLVPN in SSLVPN|Clients Setting but it does not help.
I also used "Default DNS Settings" in SSLVPN|Clients Setting and it reused the DNS of my ISP (which does not know my local machines)
THanks so much
B
Answers
Hi @Benoit,
Thank you for visiting SonicWall Community.
With Netbios enabled on the SSLVPN, we should be able to access the resources using host names. Have you tried all the steps from the below KB article meant for Netbios SSLVPN?
If yes, then please make sure you have Netbios enabled on the SSLVPN client and LAN resources that the users are trying to access.
Hope this helps.
Regards
Saravanan V
Technical Support Advisor - Premier Services
Professional Services
Think about the issue. You cannot resolve names to IP addresses. What does that equate to? DNS.
If you are connecting to a network with Active Directory you should be specifying the AD domain name and DNS servers in the SSLVPN client settings. If the device you are connecting from has been joined to that AD domain than you should be all set. If not you'll likely need to use the FQDNs of the servers you are trying to connect to.
@Saravanan Thanks. I tried to create the NetBios Address object as described in the link but when I press "Save", it tells me "Invalid address object" (for 255.255.255.255) (I have version 7.x). Also forced Enable NetBIOS over TCP/IP in the settings
@TKWITS yes, it makes sense. My setup is for now very simple. There is no AD for now, just one user locally defined. I have two Linux workstations directly connected to my TZ370, each of them having their full names set in
/etc/hostnameandetc/hosts. I guess they communicate their name to the LAN, and I was happy to see that when I connect my WIN10 laptop on the LAN, I can just ssh/ping the name of these Linux workstations. However when I do that from SSLVPN, the names are not resolved.It does look like a netbios pb, but I can't create that Address object with 255.255.255.255.
What is the NetBios IP Helper supposed to do? I tried as well but without any success.
Thanks
If you are putting computer names in your linux local HOSTS files I would suggest you do the same on the Windows machine. Make it easier on yourself.
I meant each
/etc/hostsonly has its own name, not the names of others, eg on UbuntuWould love to make it work !
Thanks again for your help
Hi @Benoit,
Thanks for trying out the suggestions and confirming the same. It looks like the issue needs to be investigated over real-time troubleshooting session. May I request you to approach our support team to seek further assistance?
Regards
Saravanan V
Technical Support Advisor - Premier Services
Professional Services
Hi @Benoit,
If you have Local DNS server, You can follow the the below KB:
If you don't the local DNS server, You must have to add the Server host static IP in your local machine host file,
For example if you are using Windows machines;
All Files (*.*)from the file type drop-down.hostsfile.192.168.1.100 DarwinsrvFor example if you are using Ubuntu machines;
Sudo vim / etc/hosts
127.0.0.1 localhost
192.168.1.100 Darwinsrv
Save & exit (wq!)