Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Site to Site VPN access problems

JamesYJamesY Newbie ✭

Dear all:

My company use site to site VPN with TZ210 to connect A and B. Now, we bulid a new office in C. I setup a new site to site VPN between A and C. the VPN is active and I can ping C network from A site.but I can't ping A from C. is it any routing I miss ? below is the information about A B C

A gateway TZ 210

B gateway TZ 210

A and B use site to site vpn to connect each other and I don't need make any other configuration. it's connect normal.

C Have Vlan the TZ300 is on router model(turn off the DHCP). X0 LAN ip is 192,168,168,1 gateway

core network switch Vlan --- lan wifi

we made a routing to access internet in C firewall.

source: any

destination: office net(address gourp which inclued )

services: any


interface: X0

I can ping form A but can't ping from C the VPN is active.

Would you please to give me some guide ?

Category: SSL VPN


  • AjishlalAjishlal Community Legend ✭✭✭✭✭


    Can you check is there any other service such as SMB or telnet is working in between these two subnet?

    If its working, change ping service priority to high in access rule ( for the s2s ).

  • JamesYJamesY Newbie ✭


    Thank you very much for your reply. I am not sure whether SMB or telnet is working between A and B. I will check first through I am not familiar with Fairwell setttings. But I also can't access server which in A site through remote desktop from C.

  • AjishlalAjishlal Community Legend ✭✭✭✭✭


    in that case your s2s having ACL issue. Can you brief us your S2S configuration so might be we can help you to resolve your problem.

  • JamesYJamesY Newbie ✭

    @Ajishlal Thank you for your reply. below is the settings of my firewall.

    Please let me if I miss any information you need. I am very appreciate for your help.

  • AjishlalAjishlal Community Legend ✭✭✭✭✭


    Show me the Address Object also which you created for the S2S.(From both end)

  • JamesYJamesY Newbie ✭

    Dear @Ajishlal

    here is the information

  • AjishlalAjishlal Community Legend ✭✭✭✭✭
    edited September 2022


    The Zone assignment is wrong. If its the remote firewall subnet, you would have to create address object with VPN Zone.

    NB: Assume you created the VLAN in Firewall.

  • AjishlalAjishlal Community Legend ✭✭✭✭✭


    As per your network diagram, in Site C you have core switch & gateway device and VLAN's are created in core switch.

    from gateway device to Core Switch how the routing is configured?

  • JamesYJamesY Newbie ✭


    site C firewall T300 IP

    The address of the Layer 3 interface from the gateway to the firewall is

    gateway route

    Destination network segment Destination segment subnet mask next hop 183.167.X.X (this is the private lan use for monitor)

    core switch route

Sign In or Register to comment.