Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Add VPN client route to destination that is connected via site-to-site vpn (Hardwarea)

I have two locations, (North / South) linked via site-to-site VPN and need to give a user access to resources at both locations, but I wanted to do so via a single NetExtender VPN connection.

I already have them up and running with what they need access to at the South location but in order for them to access a machine at the North facility, I think I need to add a route under SSL VPN Client Settings > Client Routes?

I can ping the IP from the North firewall via the diags page but is what I’m trying to do possible? I want to not have this user use two different VPN connections as both sites are linked via site-to-site.


Category: Mid Range Firewalls
Reply
Tagged:

Answers

  • TKWITSTKWITS Community Legend ✭✭✭✭✭

    This has been asked and answered many times.

    Add the remote subnet to the SSLVPN Client Settings \ Client Routes (this will add the route to the end user machine once connected via NetExtender).

    Add the remote subnet, or IP in the remote subnet, to the users VPN access in Local Users \ %USER% \ VPN access (this will grant the user access to the remote resource).

    If you manually added Access Rules for the site to site VPN you will also have to add a rule to allow SSLVPN to VPN and vice versa.

  • PaulS83PaulS83 Newbie ✭

    I've done the first two steps but it hasn't worked. looking into your last step now.

  • PaulS83PaulS83 Newbie ✭
    edited September 28

    The rules were auto created. Can't get it to work.


  • TKWITSTKWITS Community Legend ✭✭✭✭✭

    Is your VPN tunnel site to site or tunnel interface? Is your SSLVPN client subnet included in the site to site / route through tunnel?

    Have you run a packet capture to determine where the packets are getting dropped?

  • PaulS83PaulS83 Newbie ✭

    VPN is site-to-site

    "Is your VPN tunnel site to site or tunnel interface? Is your SSLVPN client subnet included in the site to site / route through tunnel?" NOt following you on this one. Is this what you're referring to?


  • TKWITSTKWITS Community Legend ✭✭✭✭✭

    Yes, the 'Local Networks' setting on the S2S VPN config. Does 'firewalled subnets' include the SSLVPN Client IP address range? I'm going to guess no.

Sign In or Register to comment.