VPN connection issues. Data being sent, but received

echoesofeleven

Yesterday I was working on a client's laptop. The laptop was an Asus with a Win 10 os. The VPN connection is done by a Dell Sonicwall TZ 250.
The configuration was already set up by a previous technician. All I did when I arrived was re-enabled the connection because it was disabled. I then noticed something the status was stuck on connecting. I poked around more and realized that data was being sent out, but not being received. I have looked around online, butI can't find any good remedies to solve this issue. I also tried Dell's support line, but I was on hold close to an hr.
Could this be a credential issue? Prior from me working on it the user said that she hasn't used the VPN for quite a while.

vanillagorilla3

Ask the client some additional questions. Has it ever worked for them? When did it stop working? Are others having the same issue? What wireless network are the connected to? (If it's their corporate wifi, it won't connect) Can they try it when connected to a different wireless network?

dhay13

Do they use a token or smartcard to connect? Did the certificate expire?

Mooseboost

Two questions: Do you have access to the Sonicwall? And are you using the SSL or IPsec VPN?

Kreken

Are you being authenticated? Can you get to the pre-configured fw IP?

echoesofeleven

This is my first time dealing with this issue. There are only three users can that uses the VPN connection. The user I spoke with last Friday is the only one that's having issues. The setup and configurations were already done by a previous tech, but it was not documented at all. I can't contact that tech because he was fired. My boss can't be reached since he's always busy. The company laptop is connected through their wifi. I'm able to browse around just fine. When I tried enabling the connection it, the status said connecting. So I believe it's authenticating. As for the SonicWALL, I do have access to it. Should I hard reset the SonicWALL?

Kreken

I am not that familiar with Sonicwalls to give step by step instructions.. but I would open up a log, filter by the IP address of the misbehaving laptop and see what error messages are being produced. If you don't see any messages than most likely, the traffic from the laptop isn't reaching your firewall.

vanillagorilla3

From what you said, they're connected to their company's wifi, correct? The VPN won't connect...it'll look like it's trying to connect, but never will. Have them go home or to a Starbuck's and try it.

Mooseboost

What is the purpose of the VPN? I ask because you noted that you are doing this from the company's own wifi. Does the user primarily use this inside the network or are you doing that to test the VPN? If it is the latter, then your test of the connectivity is most likely being filtered by the Sonicwall as VPN from an non-allowed zone (LAN/WLAN) - if you are using the SSLVPN services, you can enable the LAN/WLAN zone under SSLVPN -> Server.

If the user is accessing outside of the network and still getting stuck on the connection there are a few things to look at. I would recommend live troubleshooting with them over the phone if possible. If they are using the SSLVPN, are you using local users or is the Sonicwall integrated with LDAP? If local, does the user have the SSLVPN services in their permissions? Reset the users credentials and make sure the account is setup correctly and is not disabled. Most other issues here will give you some kind of error message including: out of SSL licenses, exhausted SSLVPN IP pool, etc.

If they are using the IPSec (Global VPN client), on the Sonicwall side do you have simple client provisioning enabled? If not, try enabling it.

Have the user attempt to connect and watch the logs. I recommend having them go to IP Chicken or similar and setup a packet capture to watch incoming traffic as well as watching the logs.

Since I don't know what client you are using (NetExtender, Global, or Mobile Connect), I would suggest completely removing the client and installing it again if you have not done so already. Windows 10 and OS X seem to have problems with NetExtender - I recommend for most of our customers to use the Dell Sonicwall Mobile Connect client from the app store for these OS.

UnixGuy

take a packet capture on the firewall and see what's happening..

TheNewITGuy

Check your VPN to LAN access lists and Vice Versa - the sonicwall doesnt do the no-nat like a cisco does, so when your configure the remote access vpn there is usually an exception added automatically. If the user authenticates, can send data but isnt receiving any; check the ACL's

BradleyHU

echoesofeleven wrote: »

This is my first time dealing with this issue. There are only three users can that uses the VPN connection. The user I spoke with last Friday is the only one that's having issues. The setup and configurations were already done by a previous tech, but it was not documented at all. I can't contact that tech because he was fired. My boss can't be reached since he's always busy. The company laptop is connected through their wifi. I'm able to browse around just fine. When I tried enabling the connection it, the status said connecting. So I believe it's authenticating. As for the SonicWALL, I do have access to it. Should I hard reset the SonicWALL?

Maybe their wifi is blocking VPN. I've seen it before...