DHCP server which only services Global VPN Client
mike_yung
Newbie ✭
in VPN Client
I've been trying for three days to implement this but can't find the right combination of settings.
X1 - WAN
XO, X2, X3 - LAN on 192.168.31.1, DHCP range 192.168.31.2 though 192.168.31.254
(DHCP assigns IPs)
X4 - LAN on 192.168.0.1, DHCP range 192.168.0.230 through 192.168.0.250
(DHCP assigns IPs Global VPN Clients but ignores hardwired devices physically connected to LAN side)
Category: VPN Client
1
Answers
@mike_yung ,
Which interface (LAN) devices you want access from GVC? LAN1 or LAN2? or both?
LAN2 only, the LAN on interface 4
@mike_yung
can you define below your LAN & LAN2 IP subnets so will easy to understand. As well as share to us the GVC logs.
Absolutely. Here's a sketch of what I need to setup.
And here's my GVC log. As expected the log is showing the GVC connecting to the X4 LAN which is what I've configured.
The part I'm having trouble setting up is making that DHCP server at 192.168.0.1 exclusive to the GVC. A PC in the building which is accidentally connected to X4 needs to get an 169.25.0.xxx address.
I believe I did give access to LAN1 ip segments.
When I go into Users --> Local Users & Groups --> Configure --> VPN Access I have "LAN Subnets" in the Access List.
If I'm misunderstood your question please let me know where I should click to answer correctly.
ooops, pardon the typo. The NOTES should read "PC's on physical LAN are assigned IPs ranging from 192.168.31.2 through 192.168.31.250. I can send a new sketch if you need @Ajishlal. Just let me know.
Send me the updated one.
Thank you. Please see below.
@mike_yung,
is there any free Firewall interface is available?
your GVC DHCP Scope & LAN2 DHCP scope are same so you would have to assign different subnet DHCP scope for the GVC users.
Follow the below KB.
Let me know if you need further assistance.
Thanks @Ajishlal. This looks promising & I look forward to trying that out. Unfortunately the Sonicwall I'm testing on will be in use elsewhere for at least a few weeks. I'll be sure to let you know how it turns out as soon as I have opportunity.
Hi @Mike
could you try to change Zone name Lan to Lan1 on the firewall?
when you changed the Zone name and then you should create access rules each others.
best regards.
I've followed that KB article but my Sonicwall behaved differently.
I created my 2nd DCHP scope with "Interface Pre-Populate" unchecked but instead of a DHCP scope showing interface "N/A" like the KB article my DHCP scope showed as "X4".
When I connect through the GVC I'm given an IP on the 192.168.31.0 network and not the 192.168.0.0 network.
When I connect physically to X4 I'm given an IP on the 192.168.0.0 network and not defaulting to an 169.254.0.??? address.