SonicFirewall, VPN and DNS
SonicFirewall, VPN and DNS
am 14.09.2006 16:36:00 von irtheman
Hello!
I just got vpn working on my company's SonicFirewall PRO 2040 Standard
and it is doing great. The user runs the SonicWall Global VPN Client
and connects to the firewall. Then they can remote desktop to their
office computer. Here is the snag: They must remote desktop to their
office computer's static ip address because the setup won't resolve any
computer names. No one can map network drives over vpn either. This
is my first time messing with a firewall and, with exception to this
one bug, I believe I have done a good job setting this thing up. Can
anyone suggest a possible solution?
Here is a brief description of how things are set up if it helps:
Our firewall is at the internal ip address of 192.168.0.1. The DNS
server is a computer called DNS1 at 192.168.0.2 and it handles our
local dns needs while forwarding to our internet provider for our
internet dns needs. Our DHCP server is a machine named Server1 at
192.168.0.3.
I have one VPN Policy named GroupVPN with with no gateway, no
destinations, and a Crypto Suite of ESP 3DES HMAC SHA1 (IKE). I
basically just used the defaults where possible.
So what do you think?
Thanks!
Matthew Hanna
Re: SonicFirewall, VPN and DNS
am 14.09.2006 16:50:38 von unknown
Post removed (X-No-Archive: yes)
Re: SonicFirewall, VPN and DNS
am 14.09.2006 17:13:15 von irtheman
Leythos wrote:
>
> Your local subnet is the same as most home users subnets and sooner or
> later this will cause you problems. I would suggest, next time you
> change things, that you change your local company subnet to
> 192.168.8.0/24 or something not using 192.168.0.0/24 and not using
> 192.168.1.0/24 and not using 10.0.0.0/24 either.
>
> We normally create different VPN groups, so that we can limit users to
> specific ports/IP's in the company:
>
> GRP_IT_SUPPORT all ports/all IP
> GRP_ACCOUNTING Remote Desktop (3389) only to the Accounting IP's.
> GRP_.... and you get the idea.
>
> --
>
> spam999free@rrohio.com
> remove 999 in order to email me
I will make a note of your suggestion concerning our local subnet so I,
or someone else who has the opportunity, can make the adjustment.
Thanks! Altogether however, you are suggesting that the home network
might be trying to resolve the computer name instead of the company
dns? Maybe, but would that also explain why traveling employees who
use dialup and no other network connection can't use the office
computer names?
Thanks!
Matthew Hanna
Re: SonicFirewall, VPN and DNS
am 14.09.2006 17:22:22 von unknown
Post removed (X-No-Archive: yes)
Re: SonicFirewall, VPN and DNS
am 15.09.2006 01:43:25 von Cliff
"irtheman" wrote in message
news:1158244560.443933.154740@p79g2000cwp.googlegroups.com.. .
> Hello!
> I just got vpn working on my company's SonicFirewall PRO 2040 Standard
> and it is doing great. The user runs the SonicWall Global VPN Client
> and connects to the firewall. Then they can remote desktop to their
> office computer. Here is the snag: They must remote desktop to their
> office computer's static ip address because the setup won't resolve any
> computer names. No one can map network drives over vpn either. This
> is my first time messing with a firewall and, with exception to this
> one bug, I believe I have done a good job setting this thing up. Can
> anyone suggest a possible solution?
>
> Here is a brief description of how things are set up if it helps:
> Our firewall is at the internal ip address of 192.168.0.1. The DNS
> server is a computer called DNS1 at 192.168.0.2 and it handles our
> local dns needs while forwarding to our internet provider for our
> internet dns needs. Our DHCP server is a machine named Server1 at
> 192.168.0.3.
>
> I have one VPN Policy named GroupVPN with with no gateway, no
> destinations, and a Crypto Suite of ESP 3DES HMAC SHA1 (IKE). I
> basically just used the defaults where possible.
>
> So what do you think?
>
> Thanks!
> Matthew Hanna
>
Make sure you have "Enable Windows Networking (NetBIOS) Broadcast" checked
in your VPN connection advanced settings for the connection and make sure
that in the general VPN advanced settings "Disable all VPN Windows
Networking (NetBIOS) Broadcasts" is not checked.
Re: SonicFirewall, VPN and DNS
am 15.09.2006 15:38:21 von irtheman
Cliff wrote:
> Make sure you have "Enable Windows Networking (NetBIOS) Broadcast" checked
> in your VPN connection advanced settings for the connection and make sure
> that in the general VPN advanced settings "Disable all VPN Windows
> Networking (NetBIOS) Broadcasts" is not checked.
Thanks! I am going to give this a try from home tonight and see how it
works.
Matthew Hanna
Re: SonicFirewall, VPN and DNS
am 18.09.2006 09:53:22 von Phil
Add the dns information into the local pc's lmhost file. I have had teh
same issue at this end when connecting to servers and this sorted it
out.
irtheman wrote:
> Cliff wrote:
> > Make sure you have "Enable Windows Networking (NetBIOS) Broadcast" checked
> > in your VPN connection advanced settings for the connection and make sure
> > that in the general VPN advanced settings "Disable all VPN Windows
> > Networking (NetBIOS) Broadcasts" is not checked.
>
> Thanks! I am going to give this a try from home tonight and see how it
> works.
>
> Matthew Hanna