Add additional routes to GVC VPN
TZ670 + Global VPN Client.
Our VPN is configured as 'Split Tunnel' and we need to preserve this to manage bandwidth usage.
We cannot move to SSLVPN as we currently have licenses for GVC only.
We have several sites that we use that are locked down for access from our business external IP address only
We need to allow our remote users access to these sites over the VPN.
Question, how do we add additional routes to the 'Split Tunnel' so remote users can access the sites locked down to our external IP address over the VPN?
As a newbie to Sonicwall kit I would appreciate a fairly detailed explanation if possible, or links to documentation.
Many thanks.
Ian.
Best Answer
-
preston All-Knowing Sage ✭✭✭✭
Go off this guide below with the additional changes (ignoring the WAN remote Networks object in the users Group, you can use the Object to simplify the VPN-WAN firewall rule but not in the User Groups) and replacing with the items in 2 & 3
This document presumes you are using X1 as your WAN interface if your is different choose that Interface instead.
2. Create the Address Objects for the remote IP addresses as hosts in the WAN Zone
3. Add these to the User Group used for the VPN policies (usually the Trusted one or if you are using an imported LDAP group add in there as VPN Networks)
4. So in your User Group for the VPN you should have the local Networks and the remote IP Hosts.
1
Answers
@preston
Many thanks for the response, very helpful and as a newbie exactly what I was looking for.
regards