Subscriber Discussion

Sonicwall Appliance Issues

Undisclosed End User #1

•Nov 29, 2013

Our DVR appliances provides some tools for offsite review and management, but recently we wished to access internal network cameras from offsite, with a VPN through our SonicWALL TZ190 firewall.

It turns out that simply downloading and installing any of the posted SonicWALL Global VPN Clients (GVC) has been preventing our HP laptop machines from accessing ANY network, via either the RealTek LAN card or the Atheros WIFI card.

We've Googled references to similar experiences with those attempting to run SonicWALL GVC on some tablet PCs. We'd be delighted to use SonicWALL support, but they won't allow us to purchase a maintenance contract because the TZ 190 appliance is past end of life, and they won't provide support without a maintenance contract.

Never mind that the issue for us is non-appliance-specific -- simply installing their GVC kills all network access for that PC until GVC is uninstalled. Once it's uninstalled, everything works fine, just like before the installation.

Has anyone had any experience with remote VPN to a LAN with GVC, and any suggestions with this problem?

P.S. I understand and am very comfortable with an out-of-scope-for-our-site removal. Mostly this is a Hail Mary pass.

Thanks!

Ethan Ace

•Nov 30, 2013

We actually use a SonicWall firewall for remote access, and I haven't had this problem. I've had issues with the client crashing or simply not connecting at times, but not consistently.

I know a couple of people who have used SonicWall extensively and I'll see if I can get input from them on this.

Sean Patton

•Dec 02, 2013

I have heard of that happening, and it is one of the warnings in the installation documentation of Genetec, but I havent seen it personally myself.

Maybe you found these already, but here are a few troubleshooting steps to confirm...

• If any software firewalls or security suites are enabled on the computer running GVC, ensure they are
configured to permit execution of Global VPN Client and that IPSec (Protocol 50), IKE (UDP 500) and
UDP 4500 traffic is allowed inbound. As a short term test, try disabling such software and attempt the
GVC connection. If it works, the issue can be isolated to the additional security software. (What are your Windows Firewall settings?)
• The issue may actually involve an inability of Global VPN Client to obtain an IP address using DHCP
over VPN. See the Virtual IP Issues technical note for details.
• Verify your ISP is not blocking IPSec. It may be possible to establish the IKE (UDP 500) connection,
yet the actual IPSec traffic may still be blocked. Check with your ISP to make sure IPSec (IP Protocol
50) or IPSec Encapsulation (UDP 4500) are supported. Some ISPs block IPSec for residential class
service.

Undisclosed End User #1

•Dec 04, 2013

Thanks for the suggestions. I may not have been clear about the issue, because we haven't actually tried to use the global vpn client. We've just installed it, but before we've even tried to run it, and without attempting to do anything vpn-ish, we're just trying to do normal network stuff without a firewall. The network is accessible once we uninstall the GVC, and is inaccessible with GVC installed but (supposedly) not yet launched and running.

Based on this fundamental flaw and an inability to resolve the issue, I think we're probably giving up on Sonicwall and maybe transitioning to Cisco. The only way to get Sonicwall support is to buy a new appliance, and call us silly, but we're asking why we should throw good money after bad, particularly since there's no assurance that this issue (which is unrelated to any particular appliance) will be resolvable.

New discussion

Ask questions and get answers to your physical security questions from IPVM team members and fellow subscribers.

Newest discussions