Link to home
Create AccountLog in
Avatar of ProUAdmin
ProUAdmin

asked on

SonicWALL GroupVPN Clients in a Separate Subnet

Some of our remote users use the SonicWALL Global VPN Client to access our corporate network. On our SonicWALL Pro 3060 Enhanced we have the GroupVPN configured so the clients get IP addresses from our internal DHCP server. This works great.

My question is can we create a separate subnet just for VPN clients? Ideally, I would like to use the same DHCP server, just with a different scope for the other subnet. The router between the two subnets (the SonicWALL itself?) would forward requests to the DHCP server.
Avatar of digitap
digitap
Flag of United States of America image

You can create a new DHCP scope on the Windows DHCP server and point to that within the sonicwall.  Or, I use the WLAN DHCP scope on the sonicwall for my GVC users.  It's a separate IP network and it's a little easier to manage security.  It has it's own zone, etc., so security can be managed tighter.
Avatar of ProUAdmin
ProUAdmin

ASKER

I know how to create second DHCP scope on my DHCP server, but how do I make the SonicWALL point to that specific scope and how do I prevent clients on my LAN from leasing IP's from it? How do you setup the WLAN DHCP scope for Global VPN clients?
SOLUTION
Avatar of digitap
digitap
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Good suggestion, digitap. I just submitted a case with SonicWALL support. I'll post the results here.
ASKER CERTIFIED SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
I don't agree with the part about needing to be in the same subnet as the LAN address.  However, that part is really irrelevant.  Ultimately, you can't have multiple DHCP servers servicing GVC clients providing multiple subnet IP addresses to those GVC clients.  However, you CAN create a DHCP scope on the sonicwall, point your GVC clients to it.  Then, setup DHCP reservations based on the GVC mac.


Thanks for the points and answering a puzzling question.