Sonic Wall 2040 VPN Client access to branch sites not working

Posted on 2009-07-14
Last Modified: 2012-05-07
I have one main office and 10 branch offices . All branch offices have a VPN Tunnel setup to come back to main office on the Sonicwall 2040 (using cisco 806 and 871 routers). Issue is that users that use the sonic wall VPN Client while offsite can connect to main office and see everything at the main office but cannot see any of the branch offices. The sonicwall appliance is running SonicOS Standard The client VPN are set to use split tunnels.
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 32

Expert Comment

ID: 24860283
As you are running split tunnels on VPN clients; the remote users would not be able to send traffic to remote tunnels as the traffic from their machine for remote tunnels would not flow over the VPN tunnel.

You can use default route tunnels instead; of if an option; include all other subnets in the split tunel configuration [I am not sure if you can include all 10].

Please let know if you need more details.

Thank you.

Author Comment

by:Information Technology
ID: 24861634
Thanks for the reply. I have tried also different configurations with no success. I have dropped the split tunnels and set the following options for my GroupVPN settings (screenshots attached). I still cannot access any of the other sites. I can ping the gateway but that's it...
 Sorry I am not very familiar with the Sonicwall VPN configuration... Thanks for any input you have!

LVL 32

Expert Comment

ID: 24870462
Under Client tab; client connections, set "Allow Connections to" to "All Secured Gateways"; this should help.

If it still does not work, then under Advanced tab, set Default LAN gateway as

Please note you would need to change the settings on the client or reimport the configuration file.

Please check and update.

Thank you.
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

by:Information Technology
ID: 24897755
Thanks for the reply. I did try your siggestions and some other combinations of those but still no go. I cannot ping anything outside of the main network. We are anyway considering going with a Cisco ASA 5505 or 5510 instead of renewing the Sonicwall 2040... All the other router beeing Cisco, it will probably unify our network. Please let me know if you have any other suggestions just in case. I am suspecting maybe a firewall rule is blocking the VPN traffic but even if I don't enable the NAT and Firewall rules options, it does not make any difference.
LVL 32

Accepted Solution

dpk_wal earned 500 total points
ID: 24901863
I am assuming that the remote cilents are getting IP in the same subnet as trust network; if not then yes you would need a firewall policy/rule allowing traffic from remote clients to remote subnet; also, in this case the VPN tunnel definitions need to include remote client subnet at all ends.

I would like to know when you enabled default route tunnel; at that time before and after tunnel establishment from the client, can you check the output of following command:
route print
and ensure that the remote IP as assigned by Sonicwall is the default gateway on the client machine. Also, if possible run some packet capture (like wireshark) and sniff to see if the packets are reaching the network behind sonicwall.
If yes, then based on the policies the traffic should get routed to the remote VPN tunnels.

Other than I am not sure what else could be blocking the traffic.

Thank you.

Author Closing Comment

by:Information Technology
ID: 31603273
hi, thanks for trying to resolve this. It is time for an update of our VPN so I did not persue with issue. I think it will be solved when we switch the appliance with a new one.
LVL 32

Expert Comment

ID: 25017127
Thank you for the points!

Featured Post

[Webinar] Code, Load, and Grow

Managing multiple websites, servers, applications, and security on a daily basis? Join us for a webinar on May 25th to learn how to simplify administration and management of virtual hosts for IT admins, create a secure environment, and deploy code more effectively and frequently.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
New office setup 2 38
Opening Ports for Specific LAN IP Address on Juniper SRX240 3 82
SSL VPN to Fortigate 100D 2 32
DNS and Promoting Server 2012R2 to DC Issues 10 48
OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question