Questions

Answer for:

How to setup SonicWall Tele3 SP to use Windows XP VPN?

Message 9 of 13

View entire thread
+
0 Votes
gaz

Just getting back to you to tell you we've managed to experience the same 800 error. In our case, we have three NT4 Servers and one Server2003. None of them are configured for VPN Server, and in the case ofthe NT4 units, we don't want to modify those. IN the case of the Server2003, it is a protected database machine - and that presents us with a dilemma about considering it as a VPN server. Ideally, for security, we would not want to have a VPN server (software) running on the inside of a firewall in the first place. But all that aside, we went to the trouble of simulating your situation. Opening the ports according to your instructions ultimately made sence to us. The part that threw us for a while was your instruction about '...I used All for "users allows".. '. We nominated a static IP of a remote site as the only permissible user for security.

The VPN Server IP you mentioned, would need to be the IP of a Windows Server on the LAN side of your network. Of course we don't have one. So I was trying to use the TELE3 unit as the VPN server (even though we have no Global VPN Client licence installed).

Anyway it made us think about the issue more for you. My guess is the 800 error is due to the fact that either there is NO VPN server available at all (or is incorrectly configured) - OR there is no permissible route thru the TELE3 to in fact reach/see your VPN Server running on the Windows Server behind the TELE3.

One suggestion, to see if it is the last point, is to UNTICK the deny items for a breif moment, to make sure there is no mixup of permissions on the TELE3 preventing your remote windows VPN client from breaking thru the TEL3 to go in search of the Windows Server based VPN Server service laying behind the TELE3.

I beleive we were getting the 800 error simply because we had no valid VPN server software/service running at all.

Does that throw any light on your problem?

Given our NT4 issues and concerns about VPN on LAN, we're opting to buy the Global VPN client licence and going the proprietary method.

Keep in touch.

Gary
gaz@alchester.com.au