Native Windows L2TP Split tunnel has no access to LAN behind TZ300
We have done this MANY times and it works perfectly, but I have one site that it just won't. It's a single site with no SITE-to-SITE VPNs. We use the native Windows VPN client with an L2TP/PSK connection to a SonicWall, in this case a TZ300AC with the latest code. The LAN interface is at 192.168.1.1/24 (I know...), the WAN is dynamic PPPoE. We set a DHCP range in the SonicWall's L2TP configuration to use a subset of the LAN interface's subnet because we want to split the tunnel (NOT use the default gateway on the VPN interface) to avoid unnecessary traffic and filtering. The firewall rules are in place to allow ANY/ANY to/from the L2TP Pool and the LAN. The remote PC is NOT on the same subnet as the SonicWall's LAN, so no conflict. It connects fine, but we get no responses to pings. We do see the pings being forwarded to the internal host in packet monitor, just no responses received on the SonicWall's LAN interface... ARP issue?!
Yes, if we change the subnet in the SonicWall's L2TP configuration to something outside the LAN's subnet AND use the default gateway on the VPN interface in Windows, it works, but then we don't have a split tunnel.
So, hopefully someone has seen/lived this and has a viable solution or suggestion. Like I said, we have many sites configured similarly and it usually works perfectly, just not this one... and it's a simple site...
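A client-side check that can be run on the remote Windows PC while chasing this, added here as an example and not part of the original post. It assumes the VPN connection is named `Office` (a placeholder) and uses the 192.168.1.0/24 LAN address from the post; `Test-PrefixOverlap` is a helper written for this example. It confirms that split tunneling is actually enabled on the connection, looks for any local IPv4 subnet that overlaps the remote LAN (the usual problem with a 192.168.1.0/24 office LAN), and shows which interface Windows currently routes a LAN host through once the tunnel is up. It does not answer the ARP question on the firewall side that the poster raises; it only rules the client-side causes in or out.

```powershell
# Added diagnostic, not from the original post.
# Assumptions: VPN connection named 'Office' (placeholder), remote LAN 192.168.1.0/24 (from the post).
$ConnectionName = 'Office'
$RemoteLan      = '192.168.1.0/24'
$ProbeHost      = '192.168.1.1'   # the SonicWall's LAN address from the post

# Convert a dotted IPv4 address to a UInt32 so prefixes can be compared with a mask.
function ConvertTo-UInt32Ip {
    param([string]$Ip)
    $bytes = ([System.Net.IPAddress]::Parse($Ip)).GetAddressBytes()
    [Array]::Reverse($bytes)            # BitConverter is little-endian on x86
    return [BitConverter]::ToUInt32($bytes, 0)
}

# True when two CIDR prefixes share any address (compare under the shorter mask).
function Test-PrefixOverlap {
    param([string]$CidrA, [string]$CidrB)
    $ipA, $lenA = $CidrA -split '/'
    $ipB, $lenB = $CidrB -split '/'
    $shortest = [Math]::Min([int]$lenA, [int]$lenB)
    $mask = if ($shortest -eq 0) { [uint32]0 }
            else { [uint32](([uint64]0xFFFFFFFF -shl (32 - $shortest)) -band [uint64]0xFFFFFFFF) }
    return ((ConvertTo-UInt32Ip $ipA) -band $mask) -eq ((ConvertTo-UInt32Ip $ipB) -band $mask)
}

# 1. Is the connection really split-tunneled (i.e. "Use default gateway on remote network" off)?
Write-Host "VPN connection settings:"
Get-VpnConnection -Name $ConnectionName |
    Select-Object Name, ServerAddress, TunnelType, SplitTunneling | Format-List

# 2. Does any local subnet on this PC overlap the office LAN? Any hit here means
#    Windows may prefer the on-link local route over the tunnel for those addresses.
Write-Host "Local IPv4 subnets that overlap $RemoteLan :"
Get-NetIPAddress -AddressFamily IPv4 |
    Where-Object { $_.InterfaceAlias -ne $ConnectionName -and $_.IPAddress -notlike '127.*' } |
    ForEach-Object {
        $local = "$($_.IPAddress)/$($_.PrefixLength)"
        if (Test-PrefixOverlap $local $RemoteLan) { "  OVERLAP: $($_.InterfaceAlias) $local" }
    }

# 3. With the tunnel connected: which interface carries a packet to a LAN host?
#    The InterfaceAlias should be the VPN connection, not the physical NIC.
Write-Host "Route chosen for $ProbeHost :"
Find-NetRoute -RemoteIPAddress $ProbeHost |
    Select-Object InterfaceAlias, DestinationPrefix, NextHop | Format-List

# 4. If the route above lands on the wrong interface, pin the LAN to the tunnel
#    explicitly (run while disconnected; the route is installed on the next connect):
# Add-VpnConnectionRoute -ConnectionName $ConnectionName -DestinationPrefix $RemoteLan -PassThru
```

If step 1 shows `SplitTunneling : True`, step 2 reports no overlap, and step 3 resolves to the VPN interface, the echo request is leaving the PC correctly, which matches the poster seeing it forwarded in packet monitor; the missing reply then has to be explained on the SonicWall/LAN side.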