SonicWall Connect
Het1920
Newbie ✭
in VPN Client
Hi Everyone,
I have a strange issue with my VPN. If the user IP address is the same as our IP address range they are unable to access any of our servers once connected via SonicWall Mobile Connect.
Example. User home network IP address 192.168.0.x will be unable to connect or ping anything on the other end of the VPN with an address of 192.168.0.x
If the user changes their address to 192.168.1.x they are able to connect to anything on the 192.168.0.x range.
So far Virgin Media and Sky have the above issue. BT works as expected.
The firewall is a SonicWALL NSA 3600. The user device is various MacBook's.
Thanks!
Category: VPN Client
Tagged:
0
Answers
Just to clear things up a little more.
The network is seeing the users IP address assigned by their own DHCP rather than the address assigned to the VPN client. The IP address shown on the client under the monitor tab is different than the users IP address. 10.2.2.x is the range assigned to it.
@Het1920
I always prefer different DHCP pool for GVC users. Do one thing configure one empty Firewall port for GVC ( Dont connect any cable on that port) & configure a different subnet for the GVC and its should be under LAN Zone.
For example follow the below screen shot.
LAN Interface:
GVC Interface (Should be empty port & do not use for anything)
Then configure the DHCP Pool for the GVC Users:
Then Configure the DHCP Over VPN as same as below;
try above steps and let us know if its help you to resolve your GVC issues.
Hello Ajishlal,
We use mobile connect that uses SSLVPN rather than GVC. GVC doesn't work for MacOS devices.
Thanks for your advise so far but it appears the setup you proposed wont work for us.
Thanks
Just an update i have found this link.
Currently following the instructions and it looks like everything has been configured correctly.
I have noticed an issue in a NAT policy. Will test over the weekend and report back.
Followed the instructions exactly and still have the same original problem. Any suggestions would be appreciated.
Hi @Het1920
if your network and end user home network ips are same. Mobile connect doesn't work. If it is possible to change your ssl vpn network ip segment.
before change the ip segment please check the "Tunnel All Mode" disabled. if tunnel all mode is disabled and same ip network doesn't work again than chenge the ssl-vpn network ip blocks.