How JustAnswer Works:

  • Ask an Expert
    Experts are full of valuable knowledge and are ready to help with any question. Credentials confirmed by a Fortune 500 verification firm.
  • Get a Professional Answer
    Via email, text message, or notification as you wait on our site.
    Ask follow up questions if you need to.
  • 100% Satisfaction Guarantee
    Rate the answer you receive.

Ask Route Ranger Your Own Question

Route Ranger
Route Ranger, Internetworking Consultant
Category: Networking
Satisfied Customers: 192
Experience:  MCSE MCP+I A+ CCDP CCNP CCNA CCDA (1999-2005) 17 Years in Network Engineering And Security
23336863
Type Your Networking Question Here...
Route Ranger is online now
A new question is answered every 9 seconds

I have a new DGN2200. I am trying to connect to a VPN using

Customer Question

I have a new DGN2200. I am trying to connect to a VPN using SonicWall Global VPN Client V3.1.0.556 through the router. This worked with the old modem/router that I had. How do I configure the DGN2200 to not block this connection?
Submitted: 6 years ago.
Category: Networking
Expert:  Route Ranger replied 6 years ago.
Hmm, there shouldn't be anything you need to do an OUTBOUND VPN from your Sonic Wall VPN client. The router you installed is sitting on your network.

It is not filtering traffic to the Sonicwall Appliance therefore your session is OUTBOUND and is not filtered (Unless you created a rule to restrict outbound IPSEC traffic)

What exactly is happening when you try to connect?
Customer: replied 6 years ago.
the client says connecting indefinitly, status indicates that the IPsec packets are being sent but no replies received, MS Network Monitor shows the packets going out but no replies. VPN worked with the modem/router that the DGN2200 replaced and still works when I use a network connection that doesn't go through the DGN2200
Expert:  Route Ranger replied 6 years ago.
Ok, well if you're advanced enough to run a Network Protocol Analyzer and examine data packets, then you know that outbound VPN sessions aren't blocked by default on SOHO routers, so this problem must have to do with the IP range. Its possible that the IP range you're using on the new router conflicts with the opposite end of the VPN session.

So I'd look at what IPs you get handed from the Sonicwall when you CAN connect, and compare those to the IP's your new router is handing out on the local subnet. If they conflict, there's your issue.

However from your description, it sounds more like the tunnel's not setting up.

So its possible that you may have had your previous IP allocated on the Sonicwall. (Your IANA address). The new router with a new MAC would most likely have pulled a new IP for your WAN side , thus the new IP may need to be permitted on the Sonicwall.

That's my best guess based on the data you've provided.

One way to figure out for sure whether the packets are coming back or being dropped by your router, is to put your sniffer on the OUTSIDE of the WAN port. To do that you'll need a Layer 1 device like a little Netgear Hub (the old ones, not the switch, which they sometimes now call hubs). Then plug the WAN port into the Hub and grab the traffic coming back from the SONICWALL. If you see the packets on the OUTSIDE, but NOT on the INSIDE, then you know the Netgear is filtering the traffic for some reason in which case you'd want to reset the Netgear to default to wipe out whatever setting you may have inadvertantly entered that is causing the packets to be filtered.

That's my best advice.

Let me know if you have any other questions.

Edited by Route Ranger on 8/28/2010 at 11:04 PM EST