Routing between VPNs at multiple sites

vpnsrus

I have a TZ400 at the main office, and we have 2 satelite offices connected over IPSec VPNs.

I want to be able to reach Satelite A from Satelite B going through the main office router, but cannot seem to figure out the correct settings on the TZ400. SonicOS 6.5.

PCs at A cannot see devices at B and vice versa. I have tried creating static routes but cannot figure out if this is adnaved networking, NAT, routing policy, etc.

Here are the networks:

Main - 192.68.202.0/24

Site A: 192.168.203.0/24

Site B: 172.18.0.0/16 (not sonciwall)

Thanks for any help

MasterRoshi

Are you using policy or tunnel based VPN's?

Either way it should work but the requirements differ a bit. My immediate guess is that you don't have a VPN -> VPN rule at the Main site.

shiprasahu93

Hello @vpnsrus,

This implementation is called the hub and spoke setup. You can refer to the KB below and make sure that the configuration is done correctly.

https://www.sonicwall.com/support/knowledge-base/implementing-hub-and-spoke-site-to-site-vpn-video-tutorial/170503738192273/

I would like to add that the routes are only necessary if you are using tunnel interface VPN and not site to site VPN.

Thanks!