-
Products
-
SonicPlatform
SonicPlatform is the cybersecurity platform purpose-built for MSPs, making managing complex security environments among multiple tenants easy and streamlined.
Discover More
-
-
Solutions
-
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn MoreFederalProtect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn More - Industries
- Use Cases
-
-
Partners
-
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
Learn MorePartner PortalAccess to deal registration, MDF, sales and marketing tools, training and more
Learn More - SonicWall Partners
- Partner Resources
-
-
Support
-
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn MoreSupport PortalFind answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn More - Support
- Resources
- Capture Labs
-
- Company
- Contact Us
Firewall management not working over VPN, packet capture shows a Packet Dropped - Policy Drop
10/23/2024 
22 People found this article helpful
468,739 Views
Description
In deployments spread across multiple sites, VPNs are created for the secure transfer of traffic from one site to another. In some cases, Firewall Admins might have to log in to remote side firewalls and SonicWall allows us an option to do that as long as the remote side firewall has HTTPS management enabled on VPN.
For detailed instructions on Firewall management over VPN please refer to the following KB: Remotely manage the SonicWall through a vpn tunnel
When the HTTPS option is enabled on a VPN, the firewall creates an Access Rule from VPN to LAN with service HTTPS management and sets the action as Allow.
Example:
In some cases, the Firewall drops this management traffic as Packet Dropped - Policy Drop. Firewall Admins will be able to verify it if they capture the traffic flow using the Packet Monitor feature of the Firewall.
Example: In the below screenshot it can be noticed that the traffic from the VPN for Port 443 TCP is being Dropped as Packet Dropped - Policy Drop.
Cause
The reason for this issue is that the Access Rule created for management is not getting triggered. This can be verified from the statistics on the Access Rule. The statistics on the Access Rule will show a "0" under all sections
Resolution
- On the Access Rule, Click Configure.
- A Checkbox labeled as Enable Management can be seen at the bottom of the Popup screen.
- This option will be Set to a Checked/ Enabled state or Unchecked/disabled state. This behavior is firmware-specific. Try toggling the state of this checkbox (If it is "Checked/Enabled", try "Unchecking/Disabling" and Vice-Versa) and see if the issue is fixed.
- If the issue is still not fixed, please reach out to Technical Support for further troubleshooting.
There are two ways to contact technical support:1. Online: Visit mysonicwall.com. Once logged in select Resources & Support | Support | Create Case.
2. By phone: please use our toll-free number at 1-888-793-2830. Please have your SonicWall serial number available to create a new support case.
If you do not have a mysonicwall.com account create one for free!
Related Articles
- How to configure numbered VPN tunnel
- Cysurance Partner FAQ
- How can I enable Enhanced Audit Logging Support?
Categories
- Firewalls > NSa Series > Firewall Management
- Firewalls > NSsp Series > Firewall Management
- Firewalls > SonicWall NSA Series > Firewall Management UI
- Firewalls > SonicWall SuperMassive 9000 Series > Firewall Management UI
- Firewalls > TZ Series > Firewall Management UI
YES
NO