Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

how to configure site to site vpn through isp as 5g router which not support bridge mode or dmz..

how to configure site to site vpn through isp as 5g router which not support bridge mode or dmz.. plz help
Category: Entry Level Firewalls
Reply

Answers

  • SaravananSaravanan Moderator

    Hi @AFSAL,

    Thank you for visiting SonicWall Community.

    Could you please let us know if there is a public IP address or private IP address configured on the SonicWall's WAN interface? If there is a private IP address configured on the SonicWall, please confirm if the ISP provided public IP address is configured on the ISP router?

    Also, let us know if you have a public IP address configured on the peer end device to where we are trying to build the VPN tunnel?

    We should be able to answer your original question with you providing answers to the above questions.

    Regards

    Saravanan V

    Technical Support Advisor - Premier Services

    Professional Services

  • afsalafsal Newbie ✭
    5g router only sharing private ip to sonicwall wan port. isp router are providing dynamic public ip and there is no dynamic dns option in the isp router

    peer end device configured as public ip address on sonicwall wan port. its working well
  • AjishlalAjishlal Cybersecurity Overlord ✭✭✭

    Hi @afsal

    Please follow the below step to achieve your goal;

    Firewall WAN Interface must be configured with 5G router private IP subnet.


    1. Open your 5G router and navigate to the settings (configuration steps will be change depends on the router models) -->Select DMZ --> Enable and enter the Host address field enter the Firewall WAN interface IP.

    Or you can enable the Port forwarding rule to the Firewall WAN interface & enable the below listed ports accordingly;

    Protocol: UDP, port 500 (for IKE, to manage encryption keys)

    Protocol: UDP, port 4500 (for IPSEC NAT-Traversal mode)

    Protocol:TCP, value 50 (for IPSEC)

    Once you done above steps, navigate to the Firewall -->VPN -->Settings-->Configurations->Adavnced--> VPN Policy bound to: Choose Zone WAN (Default), If you have multiple WAN interface choose the proper interface.


    NB: If you are facing drops in VPN tunnel, "Disable the NAT Traversal" in the VPN Advanced settings. (Required only where you have 5G router behind the Firewall)


    Please let me know if this resolve your issue.

Sign In or Register to comment.