Access internal URL/IP via Sonicwall VPN
Hi,
We have an NSA 2600 Sonicwall firewall and we are making use of the VPN (Global VPN Client) to connect to the VPN and can then access internal resources such as SQL and a Jumpbox.
I have set up Address objects/groups and a service group and created a firewall rule from VPN to LAN as per below:
From Zone: VPN
To Zone: LAN
Source: GVC VPN Clients
Destination: IP Address of web service I'm trying to reach
Service: ICMP, HTTP and HTTPS, Traceroute
Action: Allow
Users Included: Trusted users
Users Excluded: External Users
When using the Ping tool under System -> Diagnostics, I can ping the IP address in my "Destination" so it is accessible and can communicate both ways.
When I try to ping the internal IP from my PC, it times out.
When I try to access the URL from my PC while on the VPN, it fails to resolve.
Error message: ERR_NAME_NOT_RESOLVED
I am able to access this URL within our network.
I have a similar rule configured on the firewall for SQL access, and I can ping the IP address that is configured in the destination of that rule and can connect to SQL via SSMS from my PC via the VPN.
We have a static route on the server where the website is hosted which allows it to talk back to the VPN network.
When running Wireshark on the server hosting the website, we do not observe any traffic when accessing the URL via the VPN. However, we do observe traffic within Wireshark when accessing the site from another server, so this leads me to believe that the traffic is not passing through the SonicWall onto the server.
What am I missing?
Kind Regards,
Coenie
Answers
"We have a static route on the server where the Website is hosted which allows it to talk back to the VPN network."
Is the web server located on the LAN interface of the Sonicwall? Why does the web server need a route to the VPN network?