I'd love to know what misconfiguration allows me to get at 172.16.x.x 255.255.0.0 for all internal servers and IP's in every range except one single address. Even removing all restricting rules and enabling * for source and destination and setting everything to enabled by default still leaves me with this one address totally unreachable, even though the sonicwall itself can ping it when I hit the management page through the VPN.
Deleted all rules and set default allow for everything in every direction, and that one is still unreachable. Reloaded firmware, went forward and backward in firmware versions, rebooted sonicwall, nothing I do seems to address this problem. Changed network cards on the server in question just to see - swapped it with one of the servers that *was* visible and reachable through VPN, and the problem stuck with the IP address, not the card or MAC address... Recreated the VPN policy, etc. No matter what, the other 30 servers on the 172.16.1.x private internal network are accessible except for 172.16.1.4... Considering how many issues I've had with this particular Pro-VX lately, I'm more inclined to think it's not misconfiguration, but something with the sonicwall. My random rebooting problem still happens, and I've gone 12 days now without getting an answer at all from Sonicwall, and this after purchasing the extended support... It seems that no matter what firmware version I try to use, I have something that's flakey. Various firmware versions seem to fix one problem, but introduce another... Gets rather frustrating. I don't have a single public server in my DMZ, all are outside of my firewall, because I can't trust the firewall to be running, and I had too much down time of my servers because of these issues of the unreliability of the sonicwall. So about the only real use I've gotten from this Pro-VX so far is that I can limit the outbound users as far as content and sites... But I could've done that more reliably using my old Windows 2000 NAT server if I would have tossed ISA server on it. I know many people who use various flavors of Sonicwall products, and every single one I personally know has issues and problems, that usually only are resolved when someone at Sonicwall actually wakes up, checks email, and replaces a faulty unit. Even in the lists here, I hear more negative than positive... I like the unit, even with it's limitations as far as configuration goes compared to a PIX or something, but no matter how much something appeals to you, if it doesn't work and you can't get someone from the company to do something to try to help, about all you can do is make sure that you and all of your customers avoid that problem vendor... Anyone here want to chime in with how great their luck has been so far with Sonicwall? I'd really like to hear that someone has them and has had no issues. Would be nice to know that *somewhere* out there are boxes that don't fail even the most basic setups. John -----Original Message----- From: James ( in Texas ) [mailto:[EMAIL PROTECTED]] Sent: Tuesday, May 28, 2002 12:25 PM To: [EMAIL PROTECTED] Subject: RE: [SonicWALL]- help!! One rule isn't working John, The problem that you describe is more of a mis-configuration or hardware limitation then a problem with the sonicwall. Things to check are the gateway and the subnet mask. James At 11:12 AM 5/28/2002 -0500, you wrote: >Do you have more public IP's available to you that aren't in use? >Easiest way to see if it's the firewall or the ISP blocking something is to >put a notebook or something on the WAN link with a public IP, and then try >to telnet to the one in question. Since you'll be in the same subnet as the >sonicwall, you shouldn't be getting routed anywhere (like through the ISP) >so if it works, then you know it may very well be something with the ISP - >but if it fails, then you know you're dealing with a sonicwall only issue. > >I've had flakey things happen on mine as well - I can VPN into my sonicwall >but there's one IP address that I cannot get to no matter what, thus one >server I can never reach through sonicwall VPN. I can get to the one that's >one address before, and one address after, but that single IP is totally >untouchable through the sonicwall VPN. No rules block it, nada. But if I >VPN in through my Windows 2K machine, I get to it fine. > >Don't ya just love sonicwalls sometimes? :) > >Good luck > >John > > >-----Original Message----- >From: Jason Alba [mailto:[EMAIL PROTECTED]] >Sent: Tuesday, May 28, 2002 10:57 AM >To: [EMAIL PROTECTED] >Subject: RE: [SonicWALL]- help!! One rule isn't working > >Tried both, neither fixed the problem. Keep the ideas coming, but could >it be that our ISP is blocking telnet somehow (could this be done on >their router?)? > >Jason Alba >IT Manager >tel: 208.232.8599 x323 >fax: 208.232.6068 >http://www.varsitycontractors.com > > >-----Original Message----- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On >Behalf Of [EMAIL PROTECTED] >Sent: Tuesday, May 28, 2002 9:45 AM >To: [EMAIL PROTECTED] >Subject: Re: [SonicWALL]- help!! One rule isn't working > > > > I'd just delete the rule then re-add it again. If that doesn't work >reboot the firewall. > >Cavell McDermott >Domino Admin >APW Ltd. - Texas Campus >214-343-1400 - Main >214-355-2022 - Direct >214-341-9950 - Fax >http://www.apw.com > > > > > "Jason Alba" > > <jalba@varsitycontra To: ><[EMAIL PROTECTED]> > ctors.com> cc: > > Sent by: Subject: >[SonicWALL]- help!! One rule isn't working > sonicwall-owner@peak > > e.com > > > > > > 05/28/2002 10:26 AM > > Please respond to > > sonicwall > > > > > > > > > >Come into work today and many remote users can't get into one of my >servers. Nothing has changed on the sonicwall, and I'm looking for a >silver bullet to fix this problem. > >The rule that is failing is telnet, over TCP/IP (23,6). You can ping >the box, but you can't telnet into it from outside. > >I can telnet into it from inside, so I *know* that telnet is up and >running on the box. Other rules are working for other servers... > >Anyone else experience something like this? >Does the SonicWall need to be rebooted? >What troubleshooting steps would you follow? > >Is this Monday or what? > >Jason Alba >IT Manager >tel: 208.232.8599 x323 >fax: 208.232.6068 >http://www.varsitycontractors.com > > >--- >[This E-mail scanned for viruses by Declude/F-Prot AV] > >======================================================================== >=========================== >To unsubscribe, send email to [EMAIL PROTECTED] In the body of the >email put the following: unsubscribe sonicwall your_name The archive of >this list is at http://www.mail-archive.com/sonicwall%40peake.com/ > > > > > > >--- >[This E-mail scanned for viruses by Declude/F-Prot AV] > >======================================================================== >=========================== >To unsubscribe, send email to [EMAIL PROTECTED] In the body of the >email put the following: unsubscribe sonicwall your_name The archive of >this list is at http://www.mail-archive.com/sonicwall%40peake.com/ > > > >--- >[This E-mail scanned for viruses by Declude/F-Prot AV] > >=========================================================================== = >======================= >To unsubscribe, send email to [EMAIL PROTECTED] In the body of the email >put the following: unsubscribe sonicwall your_name >The archive of this list is at >http://www.mail-archive.com/sonicwall%40peake.com/ > >--- >[This E-mail scanned for viruses by Declude/F-Prot AV] > >=========================================================================== ======================== >To unsubscribe, send email to [EMAIL PROTECTED] In the body of the email >put the following: unsubscribe sonicwall your_name >The archive of this list is at >http://www.mail-archive.com/sonicwall%40peake.com/ --- [This E-mail scanned for viruses by Declude/F-Prot AV] ============================================================================ ======================= To unsubscribe, send email to [EMAIL PROTECTED] In the body of the email put the following: unsubscribe sonicwall your_name The archive of this list is at http://www.mail-archive.com/sonicwall%40peake.com/ --- [This E-mail scanned for viruses by Declude/F-Prot AV] =================================================================================================== To unsubscribe, send email to [EMAIL PROTECTED] In the body of the email put the following: unsubscribe sonicwall your_name The archive of this list is at http://www.mail-archive.com/sonicwall%40peake.com/
