?
Solved

Route traffic from VPN Client to other Subnets

Posted on 2009-04-09
3
Medium Priority
?
2,024 Views
Last Modified: 2013-11-16
I have the following issue with our Sonicwall Firewall.

Network:  192.168.0.0/255.255.252.0
Remote Subnet:  192.168.5.0/255.255.255.0
Remote Subnet 2: 192.168.15.0/255.255.255.0
VPN Clients:  192.168.0.0/255.255.252.0


I need to be able to access the remote subnets via the Sonicwall Global VPN Client software.  I can connect over VPN and am able to access my 0.0/22 network with no issue but cannot figure out how to get traffic to come from the GVC user to the remote subnets and back again.

Thanks
0
Comment
Question by:mcusadev
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 9

Expert Comment

by:Frank McCourry
ID: 24114767
Check the client tab of your VPN policy.  Make sure that it is set to use split tunnels.  Then make sure that your routing table has a path to each of the subnets and that your firewall or NAT policies do not block these paths in any way.  You will also need an access rule under your firewall settings that specifically allows VPN clients access to each of the individual networks.
0
 
LVL 17

Accepted Solution

by:
ccomley earned 2000 total points
ID: 24143440
First up, you will need something on the remote client to TELL it that the additional networks are to be reached via the VPN tunnel - else to reach thsoe IPs it will send the traffic to the default gateway by default. You may be able to do this by setting the option to force ALL internet (i.e. non-local) traffic from the VPN client to go via the VPN tunnel. But you may not wish to do that - in which case your other option would be manually adding routes to the client PC - which you can perhaps do with a BAT (CMD) file full of ROUTE ADD commands which in turn can be called by the "run program on connection" option of the GVPN client.


SECOND don't forget you will need return routes BACK from the other networks to the VPN host network for the VPN client's IP - though with more modern Sonicwall s/w this will be an IP address in the host LAN range issued by the DHCP server, not a remote IP address - so this bit probably isn't the issue.

0
 

Author Comment

by:mcusadev
ID: 24170497
ccomley:  makes sense.  I will give that a shot and report back.
0

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When posting a question about a Cisco ASA, Cisco Router or Cisco Switch, it can aid diagnosis if a suitably sanitised copy of the config is provided. It is much better to leave as much of the configuration as original as possible, as it could be tha…
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses
Course of the Month15 days, 6 hours left to enroll

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question