Nicholas

SonicWall Employee
Default Avatar

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Nicholas SonicWall Employee

About

Username
Nicholas
Joined
Visits
15
Last Active
Roles
Member
Points
22
Badges
2

Badges (2)

First AnswerFirst Comment

Comments

  • You must turn on verbose logging level and each realm must have accounting records enabled. The actual message in the log will vary depending on what kind of authentication server you are using, for active directory failed auth attempts i made on a lab box they looked like this. you can see my random keystroke names i…
  • Secure network detection simply disables the tunnel when you are locally on a network the client is getting in a route. So any network you allow in access control rules would be a "Secure network" its meant to allow local access to resources while your on the network you would normally access remotely
  • The MSI is specifically for silent installs from a 3rd party, the SMA's preferred distribution is the web portal for intial install. You will not be able to use the auto update feature with the MSI. The exe can be used in silent installs with standard switches just like any other execetuable installed with a 3rd party…
  • You may have it being misrouted or possibly a software firewall block. If its a required functionality for your setup I would ask you open a support ticket for us to investigate further.
  • In order to ping from client to client, you need to have a netextender client route set up for the subnet you are assigning vpn client ips in.
  • It appears your single packet captured is a reset packet. We should be seeing an initial syn packet from the sma internal ip. You most likely have the unit deployed incorrectly in a dual arm configuration (we only support single arm single gateway) or configured a static route on the SMA that is not needed.
  • The server licensemanager.sonicwall.com will accept 443 only and not pings. There are no recent reports of the service going unavailable, you may be blocking 443 outbound or you currently have an older firmware with license sync issues. Please make sure you are a on recent release of firmware and attempt to sync again.