SOURCE: Sonicwall Pro 300 DMZ Problem
If you're within a network and try connecting to computers on it with the WAN public IP, it simply won't work - you must use the network IP. On an external Internet connection, it should connect fine to the public IP. If you have access to an external machine (remote desktop), or if you know of an FTP proxy, you can try it that way. I also believe http://www.webftp.co.uk/ a web based FTP client would act as somewhat of a proxy, you could try that with the public IP and see how you go.
SOURCE: How to connect my MSSQL server through VPN by using PPTP
192.168.1.X is a local ip address ,, i trust that thhe vpn is in seperate places and is done with the wan ip over an internet connection?????
OK maybe the problem isnt on your side but the main office building,, when connecting , have someone looked for repeated attemps to connect by observing the fire wall,, if it appears to be blocked byu the firewall simply diasable any and try it out.. If it works then all you need to do is set the firewall correctly..
I was reading the ip address in your original post and those are local address,s are you certin the VPN is correct ???? did you use the correct STATIC IP ADDRESS ASSIGNED BY YOUR ISP??
SOURCE: pix 515 E allow few websites only.
Do the nslookup for the three websites and write an access list to permit the traffic only to the said website ip addresses
Eg.
1. go to dos prompt
2. type "nslookup"
3. type "www.rediff.com
Note : You will get the ip address of the websites
4. Create an object group for these websites
5. Add ip addresses of the websites
6. create an access-control list element to permit the traffic from your circle office to this object group for port tcp 80 and 443
You are done
SOURCE: SIte to site vpn/remote desktop
Open up the vpn client any any of the working machine, and then
click on
file>>save Prfoile>>give a name
Take a copy of that and paste it in your machine.
On your machine install the vpn client (Straight Forward Installation). Then
Click on Import Profile , Identify the location where you have pasted the profile (Which is copied from other machine).
You are done with that.
SOURCE: Ploblems with dmz-outside (webpage). pix
Remove this line:
static (DMZ,INSIDE) 10.10.0.0 10.10.0.0 netmask 255.255.255.0
You don't need a translation going from a lower security level to a higher one. You will also need a nat line for the dmz so that pc's on the dmz will be translated outbound. The only connection that will work on the dmz is the webserver when he's sending traffic outbound with a source port of 80. Something like:
nat (DMZ) 101 10.10.0.0 255.255.255.0
Other than that, it looks like it should be working. You've got permission, a route, and a translation. Maybe "clear local-host 10.10.0.2" to get rid of any bad xlates and try again. Check debg level syslogs, run packet captures, "clear asp drop" then "show asp drop" after an attempt?
59 views
Usually answered in minutes!
×