John, -Do you get both phase1 and phase2 completed in the PROVX logfile, if not you still have a problem ?
-Are you absolutely sure that your local LAN IP does not overlap your PROVX LAN IP, if not, change your local lan ip subnet to something else. ? -If not, i've had success in opening the policy editor, choosing "options", "Global policy settings", "allow to specify internal address" and the on "My Identity" specifying "virtual adapter" as enabled, and internal ip network address ad something on a subnet NEXT to your PROVX LAN IP subnet. -Last, i have 5 PROVX'es running 6.3.1.0 (all upgraded from various versions), no problemo. You must have a general error in setup, because i've never had that many problems with the VPN client(s). /jesper -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: 2. maj 2002 17:42 To: [EMAIL PROTECTED] Subject: RE: [SonicWALL]- VPN revisited Thanks for that confirmation, Jeff. I had thought the same, based on my other products VPN experience.... But alas, no, I get absolutely nothing. I can't ping any internal address, get to any internal resource, nada. Can't telnet to anything, ping anything, browse anything via http:, ftp, nothing. I have the connection manager open on the client, and see the connection. I open the log viewer and I can see the connection established, then the keepalive messages start as well. On the log file on the Pro-VX, I see the responders and negotiations come up, and everything shows successful / complete. Yet I get absolutely no response from the network once I'm VPN'd in. This is driving me absolutely batty. I've done this with CISCO products, and their client software works like a champ. Never any issues. But this Sonicwall one just seems determined to be the death of me, or at least my sanity. Maybe I just need a nice big sledgehammer, then go to the CFO and say the firewall is broken, I need a new PIX box. :> Thanks J -----Original Message----- From: Jeff Vogt [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 02, 2002 10:29 AM To: '[EMAIL PROTECTED]' Subject: RE: [SonicWALL]- VPN revisited John, once you have negotiated the vpn connection wan to lan rules should not have any impact on your vpn connection. Do you see the key icon with the green light in your taskbar? that is a go. can you connect to your sonicwall's internal ip address via the browser? -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 02, 2002 8:21 AM To: [EMAIL PROTECTED] Subject: [SonicWALL]- VPN revisited OK, tried the 8.0 vpn client that's supposed to work with XP for the first time this morning. Now, I've tried the last version with 98, and 2000, with no luck whatsoever. My Pro-VX with the 50 VPN client upgrade has NEVER been connected to via VPN client. I have always been totally frustrated with it. Now, the new client, for the first time I actually see a connection in the connection manager, showing the key and "my connection" (the default name) under connection name. Shows the correct IP info, protocols show "all". The logfile on the sonicwall shows the IKE responders, beginning the phase 1 and phase 2, shows both phases done, and that it accepted the IPSec proposal. So it looks as if I have a connection established. Now, having dealt with mostly Microsoft VPN thus far, I'm accustomed to once the VPN tunnel is established, it's as if you're physically on that local subnet. I can ping, hit a web server, whatever. Yet I can do nothing here, no ping, nada. But since I have my rules defaulted to block anything from the WAN to the LAN other than the things that I have set up for 1-1 nat, is that the issue? Will I have to modify rules to allow something for VPN to be able to do more than connect? I've gotten farther than ever before this time... would be nice to actually have this work just once even... BTW, firmware on the pro-VX is 6.2.0.0. do i need to upgrade to 6.3.1.0 for this to work with this version of the VPN client? I've gone through the PDF files on their site, etc, and as with so many other people on both sonicwall lists I'm part of, I just can never seem to master this puzzle, and none of the documentation helps for squat. Thanks for any assistance. John --- [This E-mail scanned for viruses by Declude/F-Prot Virus] ======================================================================== ==== ======================= To unsubscribe, send email to [EMAIL PROTECTED] In the body of the email put the following: unsubscribe sonicwall your_name The archive of this list is at http://www.mail-archive.com/sonicwall%40peake.com/ --- [This E-mail scanned for viruses by Declude/F-Prot Virus] ======================================================================== ==== ======================= To unsubscribe, send email to [EMAIL PROTECTED] In the body of the email put the following: unsubscribe sonicwall your_name The archive of this list is at http://www.mail-archive.com/sonicwall%40peake.com/ --- [This E-mail scanned for viruses by Declude/F-Prot Virus] ======================================================================== =========================== To unsubscribe, send email to [EMAIL PROTECTED] In the body of the email put the following: unsubscribe sonicwall your_name The archive of this list is at http://www.mail-archive.com/sonicwall%40peake.com/ --- [This E-mail scanned for viruses by Declude/F-Prot Virus] ==================================================================================================To unsubscribe, send email to [EMAIL PROTECTED] In the body of the email put the following: unsubscribe sonicwall your_name The archive of this list is at http://www.mail-archive.com/sonicwall%40peake.com/
