Newbie ✭
Default Avatar

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Tippers Newbie ✭

Badges (4)

1 Year Anniversary2 Year AnniversaryFirst AnswerFirst Comment


  • I'd start with a packet capture on the TZ, filter the IP address of one of the IP handsets or the provider that they're connecting to. Export the capture and open in Wireshark to analyse. In Wireshark use the Telephony menu and SIP Flows to hopefully see a bit more clearly what each session is trying to do and where it…
  • I can't tell you why they do this, but I see the same in the DHCP current leases there are VLAN IP addresses given to the SonicWave devices but not the SonicPoint. They don't appear in the Access Point > Station Status view.
  • I'm not sure if the same applies to GVC, but with Netextender you can specify the IP of the firewall from other interfaces (such as X0) and connect from inside that network.
  • So you have your remote VPN network/range object setup and included in the SSL-VPN Client Profile and then also included on the VPN Access tab for your local user? If so, what happens if you run a packet capture filtering on the source or destination IP and trying to access the IP in your VPN network from the SSL-VPN.
  • You could run a packet capture on the Sonicwall but you'll probably need to know the IP addresses used by LE to filter the HTTP/HTTPS traffic. You'd be able to see the content of the HTTP traffic and whether anything is dropped. If there are no active services on the Sonicwall, it's unlikely to have changed recently due to…
  • Can you ping from SSLVPN connected PC to LAN? But not from SSLVPN connected PC to IP address at spoke VPN destination? Is it just ping traffic that doesn't pass to spoke VPN destination or can you test HTTP traffic for example?
  • A couple of things to check, firstly is Management traffic allowed on your firewall rules from SSLVPN to VPN? I can't remember if these are created by default and the option is automatically enabled but worthwhile checking. How are your users created? Are they local on the UTM or from LDAP? From my experience even though…
  • There was a similar post recently: https://community.sonicwall.com/technology-and-support/discussion/3110/sonicwall-and-expiring-let-s-encrypt-certificates Having upgraded from GEN6 to GEN7 recently, I think this only affects GEN6 devices.
  • Yes I have the same issue, upgraded from 2600 to 2700 but had to go straight back as SIP doesn't work despite the configuration being migrated using the online tool. Support have recently produced a HF firmware but that didn't work either. Haven't tried the latest release yet though as I'm waiting for support to update my…