Solved

Route traffic from VPN Client to other Subnets

Posted on 2009-04-09
Last Modified: 2013-11-16
I have the following issue with our Sonicwall Firewall.

Network:  192.168.0.0/255.255.252.0
Remote Subnet:  192.168.5.0/255.255.255.0
Remote Subnet 2: 192.168.15.0/255.255.255.0
VPN Clients:  192.168.0.0/255.255.252.0


I need to be able to access the remote subnets via the Sonicwall Global VPN Client software.  I can connect over VPN and am able to access my 0.0/22 network with no issue but cannot figure out how to get traffic to come from the GVC user to the remote subnets and back again.

Thanks
Question by:mcusadev
Expert Comment

by:Frank McCourry
ID: 24114767
Check the client tab of your VPN policy.  Make sure that it is set to use split tunnels.  Then make sure that your routing table has a path to each of the subnets and that your firewall or NAT policies do not block these paths in any way.  You will also need an access rule under your firewall settings that specifically allows VPN clients access to each of the individual networks.
Accepted Solution

by:
ccomley earned 500 total points
ID: 24143440
First up, you will need something on the remote client to TELL it that the additional networks are to be reached via the VPN tunnel - else to reach those IPs it will send the traffic to the default gateway by default. You may be able to do this by setting the option to force ALL internet (i.e. non-local) traffic from the VPN client to go via the VPN tunnel. But you may not wish to do that - in which case your other option would be manually adding routes to the client PC - which you can perhaps do with a BAT (CMD) file full of ROUTE ADD commands which in turn can be called by the "run program on connection" option of the GVPN client.


SECOND don't forget you will need return routes BACK from the other networks to the VPN host network for the VPN client's IP - though with more modern Sonicwall s/w this will be an IP address in the host LAN range issued by the DHCP server, not a remote IP address - so this bit probably isn't the issue.
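
The following is an added example, not part of the answer above or of any SonicWall tooling. It models the client's routing table under a split tunnel using the subnets from the question, shows which remote subnets would fall through to the default gateway, and prints the matching ROUTE ADD lines for a BAT file. The hop labels and the gateway address `192.0.2.1` are constructed placeholders; substitute the gateway reachable over the GVC virtual adapter.

```python
import ipaddress

# Subnets as given in the question (network/netmask notation).
TUNNEL_NET = "192.168.0.0/255.255.252.0"
REMOTE_SUBNETS = ["192.168.5.0/255.255.255.0", "192.168.15.0/255.255.255.0"]
VPN_GATEWAY = "192.0.2.1"  # constructed placeholder, not a value from the page


def base_table():
    """Routes a split-tunnel client has right after connecting (assumed model)."""
    return [
        (ipaddress.ip_network("0.0.0.0/0"), "default-gateway"),
        (ipaddress.ip_network(TUNNEL_NET), "vpn"),
    ]


def next_hop(routes, dest):
    """Longest-prefix match: the most specific route containing dest wins."""
    ip = ipaddress.ip_address(dest)
    matches = [(net, hop) for net, hop in routes if ip in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def missing_routes(routes, subnets):
    """Subnets whose traffic would currently leave via the default gateway."""
    nets = [ipaddress.ip_network(s) for s in subnets]
    return [n for n in nets
            if next_hop(routes, str(n.network_address + 1)) != "vpn"]


def with_routes(routes, nets):
    """Routing table after the extra routes have been added on the client."""
    return routes + [(n, "vpn") for n in nets]


def route_add_lines(nets, gateway):
    """Windows ROUTE ADD commands, one per subnet, for the BAT file."""
    return [f"route ADD {n.network_address} MASK {n.netmask} {gateway}"
            for n in nets]


if __name__ == "__main__":
    table = base_table()
    todo = missing_routes(table, REMOTE_SUBNETS)
    for line in route_add_lines(todo, VPN_GATEWAY):
        print(line)
    fixed = with_routes(table, todo)
    for host in ("192.168.2.10", "192.168.5.20", "192.168.15.20"):
        print(host, "before:", next_hop(table, host),
              "after:", next_hop(fixed, host))
```

Routes added this way only cover the outbound half; the return path described in the second point of the answer still has to exist on the remote networks.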


Author Comment

by:mcusadev
ID: 24170497
ccomley:  makes sense.  I will give that a shot and report back.