Sonic Wall 2040 VPN Client access to branch sites not working

Posted on 2009-07-14
Last Modified: 2012-05-07
I have one main office and 10 branch offices . All branch offices have a VPN Tunnel setup to come back to main office on the Sonicwall 2040 (using cisco 806 and 871 routers). Issue is that users that use the sonic wall VPN Client while offsite can connect to main office and see everything at the main office but cannot see any of the branch offices. The sonicwall appliance is running SonicOS Standard The client VPN are set to use split tunnels.
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 32

Expert Comment

ID: 24860283
As you are running split tunnels on VPN clients; the remote users would not be able to send traffic to remote tunnels as the traffic from their machine for remote tunnels would not flow over the VPN tunnel.

You can use default route tunnels instead; of if an option; include all other subnets in the split tunel configuration [I am not sure if you can include all 10].

Please let know if you need more details.

Thank you.

Author Comment

by:Information Technology
ID: 24861634
Thanks for the reply. I have tried also different configurations with no success. I have dropped the split tunnels and set the following options for my GroupVPN settings (screenshots attached). I still cannot access any of the other sites. I can ping the gateway but that's it...
 Sorry I am not very familiar with the Sonicwall VPN configuration... Thanks for any input you have!

LVL 32

Expert Comment

ID: 24870462
Under Client tab; client connections, set "Allow Connections to" to "All Secured Gateways"; this should help.

If it still does not work, then under Advanced tab, set Default LAN gateway as

Please note you would need to change the settings on the client or reimport the configuration file.

Please check and update.

Thank you.
Retailers - Is your network secure?

With the prevalence of social media & networking tools, for retailers, reputation is critical. Have you considered the impact your network security could have in your customer's experience? Learn more in our Retail Security Resource Kit Today!


Author Comment

by:Information Technology
ID: 24897755
Thanks for the reply. I did try your siggestions and some other combinations of those but still no go. I cannot ping anything outside of the main network. We are anyway considering going with a Cisco ASA 5505 or 5510 instead of renewing the Sonicwall 2040... All the other router beeing Cisco, it will probably unify our network. Please let me know if you have any other suggestions just in case. I am suspecting maybe a firewall rule is blocking the VPN traffic but even if I don't enable the NAT and Firewall rules options, it does not make any difference.
LVL 32

Accepted Solution

dpk_wal earned 500 total points
ID: 24901863
I am assuming that the remote cilents are getting IP in the same subnet as trust network; if not then yes you would need a firewall policy/rule allowing traffic from remote clients to remote subnet; also, in this case the VPN tunnel definitions need to include remote client subnet at all ends.

I would like to know when you enabled default route tunnel; at that time before and after tunnel establishment from the client, can you check the output of following command:
route print
and ensure that the remote IP as assigned by Sonicwall is the default gateway on the client machine. Also, if possible run some packet capture (like wireshark) and sniff to see if the packets are reaching the network behind sonicwall.
If yes, then based on the policies the traffic should get routed to the remote VPN tunnels.

Other than I am not sure what else could be blocking the traffic.

Thank you.

Author Closing Comment

by:Information Technology
ID: 31603273
hi, thanks for trying to resolve this. It is time for an update of our VPN so I did not persue with issue. I think it will be solved when we switch the appliance with a new one.
LVL 32

Expert Comment

ID: 25017127
Thank you for the points!

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Network traffic routing plays key role in your network, if you have single site with heavy browsing or multiple sites, replicating important application data from your Primary Default Gateway ,you have to route your other network traffic from your p…
Let’s list some of the technologies that enable smooth teleworking. 
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question