SonicWALL Global VPN DHCP over VLAN issues


I am having an issue with our SonicWALL Pro 4100.  I am attempting to set up DHCP over a VLAN on our main subnet (X0) for all of our Global VPN clients.  This was working, but now isn't.  When clients attempt to log in, they can authenticate, but get stuck on the Acquiring IP step.  If I look in the log, the furthest they get is the "DHCP DISCOVER received from remote device" step.  The IP is never sent to them.  Below is the set up:

I have a VLAN set up off of the X0 (LAN) interface.  The IP is with a subnet mask of
I have a Dynamic DHCP entry, enabled, using the interface including IPs with gateway using the VLAN interface.
The WAN Group VPN is set up for the Virtual Adapter to use DHCP Lease.
DHCP over VPN Central Gateway is set to Use Internal DHCP Server for Global VPN Clients with the relay IP set to

I'm not sure where to go from here and SonicWALL support has been pretty much a waste of time.  Any ideas?

Who is Participating?
digitapConnect With a Mentor Commented:
Go to VPN > DHCP over VPN. Confirm Central Gateway then click Configure.  Confirm the following are set:

Check "Use Internal DHCP Server"
Check "For Global VPN Client"
Not Checked "For Remote Firewall"
Not Checked "Send DHCP requests to the server listed below"

Set the "Relay IP Address" to the gateway IP of the X0:V10 (or whatever the VLAN is) VLAN -

Also, on the Local User account on the 3060 that I was using to authenticate, on the Users>Local Users screen, on the VPN Access configuration tab for that user, I allowed access to the following networks;

LAN Primary Subnet
X0:V10 (or whatever the VLAN is) Subnet

Hope it helps!
So, you have an internal Windows server supplying an IP to your GVC clients?  I've only had problems with this.  I setup the Sonicwall to supply IP addresses.
clarkincitAuthor Commented:
No, we have the SonicWALL set up to serve the .12 subnet IPs via DHCP.  It's almost like the SonicWALL can't see the VLAN.  I've tried recreating it using a separate subnet and it still doesn't work.
WEBINAR: GDPR Implemented - Tips & Lessons Learned

Join the WatchGuard team on Thursday, March 29th as we recount some valuable lessons learned in weighing the needs of a business against the new regulatory environment, look ahead at the two months left before implementation, and help you understand the steps you can take today!

clarkincitAuthor Commented:
These are all done.  I'm really not sure what is going on here.  It is very strange.  It almost looks like it can't get to that DHCP range.  If I change it to use an IP in the LAN range (.1 subnet) or to use our internal DHCP server, it works.  We're running out of IPs and that is why we need this..
clarkincitAuthor Commented:
I gave up on getting this to work.  I decided to set one of our open ports up as a dummy LAN with the .12 subnet assigned to it and run DHCP off of there.  It appears to be working.

I  used directions above to make it work.

Thanks for your assistance!
That's a good idea.  Sorry the VLAN config didn't work.  Thanks for the points!
pdmills12Supervisor of Networks and TelecommCommented:
I know this is an old thread, BUT, For what it's worth... I had the EXACT same scenario with my Sonicwall NSA-3500 and the Accepted Solution actually worked with my VLAN config!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.