We help IT Professionals succeed at work.
Get Started

Add VPN Router Hardware to VPN Firewall Sonicwall Hardware

Last Modified: 2012-05-09
We currently have a VPN Firewall (Sonicwall Pro3060).  An outside company is requiring to install a VPN router on our network to secure VPN to them. Our SonicWall already has IPsec VPN tunnels to our other office locations.  One static route is configured to one of our offices that we have a T1 connection to.  We have a block of 5 static IPs from our Cable ISP.  The two WAN ports are already being used on the Sonicwall Pro3060 (one for internet connetivity/webhosting the other for the vpn tunnels).  We cannot assign another static IP to an interface on the sonicwall, which I would assume we would require to NAT the additional VPN router behind one of the interfaces.

I'm sure this is very simple in theory but am getting confused with everything else comes into play with the existing VPNS and that the sonicwall is our VPN router already.  Am I just assigning a port and NAT one of the IP addresses on the existing interface to the external port of the new VPN router?

I am not configuring the new VPN router, it is being preconfigured and sent to us, but requires information from us.  Below is the info that they require, any help on this would be appreciated:

Hosted Router expected configuration (applies to VPN connectivity)
(I italicized my answer and bolded ones I'm not sure of)

-Internet routable IP/subnet mask and default gateway for outside Ethernet port for Hosted vpn router:
-Interface setting for outside port? We are looking for speed (10/100/1000) and duplex (auto, half, full): Auto
-IP/subnet/gateway for inside Ethernet port of Hosted router: /
-Interface setting for inside port? We are looking for speed (10/100/ or 1000) and duplex (auto, half, or full): 100/Full
-Next hop for inside port of Hosted router: Unsure, do I put our exisiting Sonicwall as the Hop?
-Source IP address of traffic inbound to Hosted servers (typically, end user subnet, firewall NAT, firewall hide address): Unsure, is this our WAN IP? 68.190.x.x? with the port?
-For outside PORT, if hosted VPN router would be located behind firewall, we need info for that too (ip, subnet, gateway and associated routable IP/subnet/gateway): Since I think it will have to be behind our Sonicwall, I'm thinking gateway: (sonicwall ip: subnet:

Our local LAN info is 192.168.x.x / /

Thank you.
Watch Question
Top Expert 2010
This problem has been solved!
Unlock 2 Answers and 16 Comments.
See Answers
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE