Hi, all.

As my saga continues with my client and the remote SonicWALL TZ 170 S2S
configuration becomes more complex, I'm seeing more need for improvement
(mainly to lower my stress level).

Creating new tunnels is now fairly routine for me, though getting them
to come up the first time takes a bit of frustration and perseverance.
Often, stopvpn.ncf will hang the server, resulting in the need for a
hard reset (not very nice, particularly with other services running on
it), and I find that when the server does come back up, the
already-established tunnels must be manually renegotiated by the
SonicWALLs, either via the web interface to them or via power cycling.

Any tips for such matters? When this installation is fully built out, we
will have about 23 tunnels, and the thought of having to make the rounds
every time an outage or other server mishap occurs is rather daunting.


PS - I noticed a condition the other day while administering the server
from my side of a tunnel (I am connected through a Novell Security
Manager box via S2S to the BM 38 server) where my tunnel stopped routing
traffic every few minutes, forcing a renegotiation from my end.
Ultimately, the BM server abended, forcing an ASR (automatic server
recovery - this is a Proliant DL380 G4). When the server came back up, I
re-established my tunnel (along with the other remote sites), and my
connectivity has been constant ever since.

Lewis G Rosenthal, CNA, CLP, CLE
Rosenthal & Rosenthal, LLC
Accountants / Network Consultants
New York / Northern Virginia www.2rosenthals.com
eComStation Consultants www.ecomstation.com
Novell Users Int'l www.novell.com/openenterpriseserver
Need a managed Wi-Fi hotspot? www.hautspot.com