Unable to access the local resources when connected to the UTM appliance via SSL-VPN client and the

Description

Unable to access the local resources when connected to the UTM appliance via SSL-VPN client and the packets are being dropped as 'Packet Dropped - HA not allowed'

Resolution

Problem Definition:

When connected to  SonicWall Security Appliance via SSL-VPN client (Net Extender/ Mobile Connect), users will be able to retrieve an IP address, but will not able to access the resources behind the SonicWall Security Appliance. With the packet monitoring enabled on the appliance, we get to see the packets being dropped with the drop code as 'Packet Dropped - HA not allowed'.
 


Resolution:

- The reason why we get to see the packet being dropped is because the SSL-VPN IP pool (or the IP address retrieved by the SSL-VPN client) over laps with the IP addresses assigned for High Availability Monitoring.


Image
Image

- Either change the SSL-VPN IP Pool range or the High Availability Monitoring IP addresses (Primary/ Secondary) in order to get access to the local resources behind the  SonicWall Security Appliance.
 

Related Articles

  • SonicOS 8.1.0 FAQ
    Read More
  • SonicWall GEN8 TZs and GEN8 NSas Settings Migration
    Read More
  • Getting started with SonicWall firewalls
    Read More

Categories

Firewalls
SonicWall NSA Series
Firewalls
SonicWall SuperMassive 9000 Series
Firewalls
SonicWall SuperMassive E10000 Series
Firewalls
TZ Series
not finding your answers?
Ask the Community