Title: regular Stationery
reply in the body of the message
-----Original Message-----
From: Lance Loudan @ Benedict [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, November 12, 2002 4:16 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [SonicWALL]- 2 Problems

To elaborate, I have 13 locations, each one of them have a sonicwall connected to the internet and a private IP address and a Nortel contivity at each location connected to the internet and a private IP address.  I have a route table in the sonicwalls that redirects LAN traffic out the Nortel boxes based on IP addresses.  >From the LAN, everything works fine.  But:
When I put the Nortel in the DMZ and setup a rule to allow all traffic (every port number) I could ping the sites but SAP would not go through.  I could get to the login screen at the remote site but from there nothing.  That is why I think it is the encryption.
[Arnold, Paul] What do your logs say? Does the SonicWALL connect directly to the internet? or is there a border router?
Why are you putting it in the DMZ rather than NATing it? Is there a reason? I ask because the VPN traffic is typically terminated at the LAN and if you are routing LAN1--->remote LAN2--->remote DMZ2, then there might be a problem. Is there a reason anyone other than people on the LAN are accessing this Nortel box? If so, you might still be able to accomplish the task using NAT rather than the DMZ.
 
Also, I have the sonicwall VPN client that I use to connect to the firewalls from the internet.  If I try and go to the IP addresses set up in the route table on each of the sonicwall it goes nowhere.  I can not even ping the IPs.  I am not sure what else I should try.
[Arnold, Paul]  Be sure you have the checkbox "Forward Packets to Remote VPNs" enabled on each VPN connection on each box. That should at least straighten out the ping issue.
 
-----Original Message-----
From: Arnold, Paul [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, November 12, 2002 2:33 PM
To: [EMAIL PROTECTED]
Subject: RE: [SonicWALL]- 2 Problems

Could you elaborate a bit?
You have 2 SonicWALLs and 2 Nortel boxes? 2 sites? or is it the VPN software client?
 
 
-----Original Message-----
From: Lance Loudan @ Benedict [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, November 12, 2002 2:43 PM
To: SonicWall User Forum (E-mail)
Subject: [SonicWALL]- 2 Problems

I have a weird case that I have to come up with an answer for.  We are using Sonicwalls at all of our locations for security.  We also have Nortel contivity boxes for the transfer of financial information via SAP.  The problem is two fold. 
1. The Nortel box is not behind the firewall because I have not been able to get the encrypted traffic to pass through the sonicwall.  We set up rules on the contivity boxes to only accept traffic from set IP addresses.  This helps a little but it is not foolproof.
2.  The sonicwall VPN client is not allowing the accountants to connect to SAP away from the lab.  My problem is that the sonicwall is not routing the traffic to the Nortel box or the Nortel box is not understanding the NATed address on the LAN side. I am looking for any help as to what direction I should go.
 
Lance L 

LEGAL NOTICE:
Unless expressly stated otherwise, this message is confidential and may be privileged. It is intended for the addressee(s) only. Access to this e-mail by anyone else is unauthorized. If you are not an addressee, any disclosure or copying of the contents or any action taken (or not taken) in reliance on it is unauthorized and may be unlawful. If you are not an addressee, please inform the sender immediately.

LEGAL NOTICE:
Unless expressly stated otherwise, this message is confidential and may be privileged. It is intended for the addressee(s) only. Access to this e-mail by anyone else is unauthorized. If you are not an addressee, any disclosure or copying of the contents or any action taken (or not taken) in reliance on it is unauthorized and may be unlawful. If you are not an addressee, please inform the sender immediately.

Reply via email to