Cannot access connected AWS VPC from SSL VPN clients
At the office we have connected the Sonicwall to an AWS VPC where we have a SQL Server. Works great for all computers in the office.
However, traveling users who connect to the office network via Sonicwall SSL VPN cannot access those resources.
I can't figure out why. Would appreciate some guidance here.
Best Answer
shiprasahu93 Moderator
You can find the 6.5 section if you scroll down a bit. Since this is a route-based VPN, I am guessing the source of the route is set to Any and that includes the SSLVPN IP pool.
On the AWS end, you would need to add routing for the SSLVPN IP pool as well, as you have for your LAN network at the moment.
Thank you!
Shipra Sahu
Technical Support Advisor, Premier Services
Answers
Hello @ASHW,
Welcome to the SonicWall community.
You need to make sure that the SSLVPN IP pool is part of the VPN configured to AWS and the AWS network is added in client routes and VPN access for the SSLVPN client.
The details are given in the following KB.
Thanks!
Shipra Sahu
Technical Support Advisor, Premier Services
Thanks for your reply and link to article. (FYI: I am using SonicOS 6.5)
I have completed steps 2 and 3 as instructed in the article, but not step 1. My VPN Policies do not contain anything in Destinations, nor do I see any place in the configuration to add Destination(s).
Yes, I used the 6.5 instructions.
Bingo! Your last sentence there got me on the right track. I had not added the SSLVPN IP pool to the routing on the AWS side of the VPN connection. Once I did that it all worked. Thanks very much, indeed!!
Perfect! Glad that things are working correctly now.
Have a good one!
Shipra Sahu
Technical Support Advisor, Premier Services
Hello,
I'm in this same situation and was wondering if anyone could provide a couple of extra details. I have the SSL VPN Pool set to 192.168.168.100 - 200 on the SonicWall. In AWS, under the Site-to-Site VPN static routes, I added a route for 192.168.168.0/24. I also made sure to add the AWS network to the SSL VPN client routes and to the SSL VPN group. I'm not sure if I'm missing something or have something configured wrong. If anyone has any thoughts I would appreciate it.
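Added example, not part of the thread and not SonicWall or AWS tooling: a Python check of the two routing conditions discussed above, that the AWS-side static routes cover every address in the SSLVPN pool and that the SSLVPN client routes cover the AWS network. The pool range and the 192.168.168.0/24 route are the values quoted in the thread; the LAN and AWS VPC prefixes are constructed placeholders.

```python
import ipaddress

# Pool range quoted in the thread; LAN and AWS VPC prefixes are constructed.
POOL_FIRST, POOL_LAST = "192.168.168.100", "192.168.168.200"
LAN_CIDR = "192.168.1.0/24"   # constructed placeholder
AWS_CIDR = "10.50.0.0/16"     # constructed placeholder


def pool_networks(first, last):
    """Collapse a first/last address pool into the CIDR blocks that span it."""
    return list(ipaddress.summarize_address_range(
        ipaddress.ip_address(first), ipaddress.ip_address(last)))


def uncovered(needed, routes):
    """Return the blocks in `needed` that no prefix in `routes` contains."""
    nets = [ipaddress.ip_network(r) for r in routes]
    return [str(n) for n in needed if not any(n.subnet_of(r) for r in nets)]


def check_path(pool_first, pool_last, aws_static_routes, client_routes, aws_cidr):
    """Check both directions of the SSLVPN-to-AWS path.

    Return path: AWS static routes must contain the whole SSLVPN pool.
    Forward path: SSLVPN client routes must contain the AWS network.
    """
    pool = pool_networks(pool_first, pool_last)
    aws_net = [ipaddress.ip_network(aws_cidr)]
    return {
        "pool_missing_on_aws": uncovered(pool, aws_static_routes),
        "aws_missing_on_client": uncovered(aws_net, client_routes),
    }


if __name__ == "__main__":
    # Only the office LAN is routed on the AWS side: pool traffic has no return path.
    print(check_path(POOL_FIRST, POOL_LAST, [LAN_CIDR], [AWS_CIDR], AWS_CIDR))
    # Pool prefix added on the AWS side: both lists come back empty.
    print(check_path(POOL_FIRST, POOL_LAST,
                     [LAN_CIDR, "192.168.168.0/24"], [AWS_CIDR], AWS_CIDR))
```

Empty lists mean only that the prefixes line up; the check does not inspect the live tunnel or the firewall's access rules.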