Blog Archives

Howto: Sonicwall SSL-VPN (NetExtender) on Windows 8.1

Those familiar with the Sonicwall SSL-VPN 2000 appliance and Windows are used to connect to the SSLVPN using the NetExtender software. Older versions of the NetExtender appliance will still offer this software when connected using the browser.There are various forums actually providing instructions on how-to install this old software on Windows 8.1. Most include instructions like disabling the WHQL (windows driver signing) check leaving your system vulnerable. Once the software is installed you will prob run in to various issues including: RRAS isn’t addressed properly, Unable to connect even though authentication is working fine, no routes are being added after a successful connection is established.

Not many people seem to know that Sonicwall mobile vpn provider is a build-in option in windows 8.1. It is -obviously- also the preferred method to connect. Naturally because all the Windows security mechanisms are kept in place using the readily available Sonicwall mobile provider. The instructions below will guide you through the steps required to configure an VPN profile for the SSLVPN appliance and offers an alternative to the older NetExtender software. Additionally consider the maintenance options you have implementing these using domain policies 😉 

  1. Type: Windows key + S;
  2. In the search field type: VPN;
  3. Select the ‘manage virtual private networks’ option;
  4. Select ‘Add a VPN Connection’;
  5. In the ‘VPN provider’ select the ‘Sonicwall Mobile Connect’ option;
  6. Type a descriptive name in the ‘Connection name’ field;
    (this name will be visible throughout windows)
  7. In the ‘Server name or Address’ field type the webadress without the protocol portion. example:
    NetExtender: https://vpn.company.com
    Adress field: vpn.company.com
  8. Select save;
  9. Close all the windows;
  10. Type: Windows key + S;
  11. In the search field type: VPN;
  12. Now select ‘Connect to a network’;
  13. Select your created profile;
  14. In the username field use the following:
    domain\username (remember the domain portion is case sensitive!)
  15. Type your password;
  16. Connect.

If all is correct the connection should come up without any problems. If this is not the case, then please review the advanced settings. These settings are available in the ‘manage virtual private networks’ by selecting the ‘edit’ option on the created profile. (steps 1/3).

You can simply review the routes as follows:

  1. Type: Windows key + R;
  2. In the run field type: powershell;
  3. Run the command: route print | Out-GridView;

Hope this helps.

p.s.
If you have already disabled driver signing in a previous attempt, then please re-enable it.
Driver root kits are fairly common and a real risk!

Fixing the monitoring hosts > hosts view in centreon 2.1.4

When opening the Monitoring > Hosts > Hosts view to view all the available and configured hosts in Centreon 2.1.4 you will get a blank result. This happens because there is a coding error in the following file.

/usr/local/centreon/www/include/monitoring/status/Hosts/xml/hostXML.php on line 249

To correct it you need to add a else statement to the if, elseif validation that happens there. So open the file listed above using your fav. editor (vim in my case)

vim /usr/local/centreon/www/include/monitoring/status/Hosts/xml/hostXML.php

Version 2.1.4

Skip to line 249 typing ” :249 ” followed by an enter stroke.
On that line there should be something like;

if (($ndo["last_hard_state_change"] > 0) && ($ndo["last_hard_state_change"] >= $ndo["last_state_change"]))
                        $hard_duration = Duration::toString(time() - $ndo["last_hard_state_change"]);
                else if ($ndo["last_hard_state_change"] > 0)
                        $hard_duration = " N/A ";

Change it to this by adding the part starting from “else”.

if (($ndo["last_hard_state_change"] > 0) && ($ndo["last_hard_state_change"] >= $ndo["last_state_change"]))
                        $hard_duration = Duration::toString(time() - $ndo["last_hard_state_change"]);
                else if ($ndo["last_hard_state_change"] > 0)
                        $hard_duration = " N/A ";
                else
                        $hard_duration = " unknown ";

Version 2.1.8

Goto rule 272 in the same file and locate this piece of code:

if (($ndo["last_hard_state_change"] > 0) && ($ndo["last_hard_state_change"] >= $ndo["last_state_change"]))
                        $hard_duration = Duration::toString(time() - $ndo["last_hard_state_change"]);
                else if ($ndo["last_hard_state_change"] > 0)
                        $hard_duration = " N/A ";

Add the following to make it work.

if (($ndo["last_hard_state_change"] > 0) && ($ndo["last_hard_state_change"] >= $ndo["last_state_change"]))
                        $hard_duration = Duration::toString(time() - $ndo["last_hard_state_change"]);
                else if ($ndo["last_hard_state_change"] > 0)
                        $hard_duration = " N/A ";
                else
                        $hard_duration = "N/A";

This same rule is responsible for the following errors in your apache error_log.

PHP Notice: Undefined variable: hard_duration in /usr/local/centreon/www/include/monitoring/status/Hosts/xml/hostXML.php on line 271, referer: http://centreon.amis.nl/centreon/main.php?p=20102&o=h

This change should fix it for ya.

Grtz, Chris.