GVPN routing over site to site VPN
ColinTaberner
Newbie ✭
We have two Sonicwall SOHOW (Site A and Site B) with a static VPN tunnel between. Server A (x.1.10.240) exists at Site A (x.1.10.0/24). Site B (x.1.11.0/24) provides access to Global VPN clients (x.1.12.0/24). I would like to be able to set up access and routing on the SOHO devices for Server A to be accessible by Site B Global VPN clients.
I've tried a few scenarios but can't quite seem to get it. There is no problem with Site B GVPN clients accessing Site B.
Thank you!
Best Answer
-
CORRECT ANSWER
KaranM
Administrator
In that case, please follow this:
- Add the GVC subnet under local network on Site B, for example: If you have X0 subnet already selected, create a group which includes the X0 subnet and GVC subnet and select this group under Local network for Site B.
- At Site A under network tab for VPN, please include GVC subnet as destination network, here create a group consisting of Site B Local network and GVC network. Please make sure the zone for the GVC network is set to VPN here.
- Also under the User Access list for GVC users at Site B, make sure the Site A network or Site A Server is added based on your requirement.
Tip: Please take an export of your settings on both the ends before making these changes and also I would suggest scheduling a downtime for this, in case this is a business-critical setup.
Thank You
Knowledge Management Senior Analyst at SonicWall.
5
Answers
Hello @ColinTaberner ,
I hope you are doing well!
Can you please follow: https://www.sonicwall.com/support/knowledge-base/accessing-remote-site-resources-when-connected-to-the-main-site-via-remote-vpn-client/170505963174776/ and let me know if this works for you?
Thank You
Knowledge Management Senior Analyst at SonicWall.
The configuration in the link looks like it should work - it's a VERY similar setup - but it doesn't. Site B uses central gateway (the Sonicwall itself) for dhcp to the VPN clients. The dhcp subnet for VPN clients is different than the LAN subnet at Site B. The reason i'm saying this is i think that's where the issue lies - Site A has no "knowledge" of Site B VPN DHCP subnet...
Thanks!
Thank you VERY VERY much!
@ColinTaberner ,
You are welcome.
Knowledge Management Senior Analyst at SonicWall.