Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

WG FB 1000 - replacing Sonicwall

Status
Not open for further replies.
rudolphjk

rudolphjk

MIS
Aug 23, 2001
18
US
We have a Sonicwall 100 that we are trying to replace with a WG FB1000. We have a pretty standard network, with 3 subnets with DHCP served from windows 2000 servers (dual-homed), and routing between subnets done by the win2k servers as well. I've done my best, with the help of a watchguard specialist, to configure both devices the same, including routing etc. When I try to replace the device, I power down all equipment (DSL router, firewall) and power up fresh, and replace the Sonicwall with WG FB1000. The VPN tunnels come up fine (Branch Office is set up with another WG FB1000 device in another location), and we've intended to set up both devices exactly the same. It seems that connectivity is 100% from MOST machines on the network, but some are having problem connecting to our CRM website salesforce.com, and a handful of other websites (express-inc.com is another)....the web browser just hangs (the standard "The page connot be diplayed" does not even come up). I can ping the website from the PC's that can't resolve, so they appear visible to the PC based on IP address. I've reviewed the internal LAN, and looked at DNS resolution, and all machines are using the same DNS server internally for resolution. But thinking back on this approach, it wouldn't make sense that if there was a DNS problem on the LAN when using the Sonicwall device, all websites resolve properly.

So, I'm pointed to maybe a difference in the devices, maybe the Watchguard device does something that the Sonicwall doesn't (or vice versa)??

I've looked at the MTU setting for the WG FB1000 device (this was a necessary tweak for the Sonicwall device to operate properly when set up over 3 years ago), and I set them identically (with help from WG specialist). This is an unsupported code tweak in the config file. No success.

Any help on resolving this situation would be most appreciated!!
 
Sort by date Sort by votes
rudolphjk,

If you think the MTU can be an issue you can try to change it on 1 machene out of all which are not able to browse the internet. DRTCP is utility that you can use to reduce or increase the MTU.

What logs do you see in the traffic monitor when this happens?

Pankaj



 
Upvote 0 Downvote
Thanks for the response. It ended up being a configuration error on our Cisco router. The MTU was set to 1450, when it should have been set to 1492.
Thanks.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Shmid
  • Locked
  • Question
Restricting Sonicwall SSL-VPN users for WAN access
Replies
7
Views
982
Shmid
Shmid
Russtoleum
  • Locked
  • Question
Windows client can't connect to sonicwall l2tp server
Replies
0
Views
219
Russtoleum
Russtoleum
Maakus
  • Locked
  • Question
SonicWall
Replies
4
Views
337
Maakus
Maakus
ISDPCMAN
  • Locked
  • Question
Cannot connect to TZ-215 Sonicwall appliance with web browser!
Replies
0
Views
239
ISDPCMAN
ISDPCMAN
malibu1979
  • Locked
  • Question
SonicWall GVC
Replies
1
Views
255
jcarmichael1203
jcarmichael1203

Part and Inventory Search

Sponsor

Back
Top