[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

SonicWALL GroupVPN Clients in a Separate Subnet

Posted on 2010-09-09
7
Medium Priority
?
2,371 Views
Last Modified: 2013-09-16
Some of our remote users use the SonicWALL Global VPN Client to access our corporate network. On our SonicWALL Pro 3060 Enhanced we have the GroupVPN configured so the clients get IP addresses from our internal DHCP server. This works great.

My question is can we create a separate subnet just for VPN clients? Ideally, I would like to use the same DHCP server, just with a different scope for the other subnet. The router between the two subnets (the SonicWALL itself?) would forward requests to the DHCP server.
0
Comment
Question by:ProUAdmin
  • 3
  • 3
7 Comments
 
LVL 33

Expert Comment

by:digitap
ID: 33643568
You can create a new DHCP scope on the Windows DHCP server and point to that within the sonicwall.  Or, I use the WLAN DHCP scope on the sonicwall for my GVC users.  It's a separate IP network and it's a little easier to manage security.  It has it's own zone, etc., so security can be managed tighter.
0
 

Author Comment

by:ProUAdmin
ID: 33667923
I know how to create second DHCP scope on my DHCP server, but how do I make the SonicWALL point to that specific scope and how do I prevent clients on my LAN from leasing IP's from it? How do you setup the WLAN DHCP scope for Global VPN clients?
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 2000 total points
ID: 33667938
yeah...that's the tricky part.  i've never thought of doing that before and certainly when you are in the DHCP over VPN section, you can add more than one DHCP server to the list.  I've not figured out how to do that just yet.  You've got me stumped at the moment, but I haven't stopped looking!  if you have support with sonicwall, you might hit them up about it.  i'd be interested in what they might have to say.
0
Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

 

Author Comment

by:ProUAdmin
ID: 33668021
Good suggestion, digitap. I just submitted a case with SonicWALL support. I'll post the results here.
0
 

Accepted Solution

by:
ProUAdmin earned 0 total points
ID: 33696920
The SonicWALL guy said:

"I am contacting you about your service request for a DHCP lease for GVC clients. There were no notes on the case so I wasn’t sure if you had been assisted yet.

"Unfortunately the GVC clients connecting to the Sonicwall terminal on the LAN zone and use DHCP on that zone. It is not possible to have the DHCP server only give GVC users DHCP without also being available for the LAN clients.

"However, you can set the virtual adapter for the GVC to use a Static lease. Or create a static DHCP lease using the virtual adapter MAC address. Then the client would always get the same address. However, the address does have to be in the same subnet as the LAN address. And make sure any static addresses to not overlap with the dynamic DHCP scope."

So, the answer is no, this can't be done.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33697252
I don't agree with the part about needing to be in the same subnet as the LAN address.  However, that part is really irrelevant.  Ultimately, you can't have multiple DHCP servers servicing GVC clients providing multiple subnet IP addresses to those GVC clients.  However, you CAN create a DHCP scope on the sonicwall, point your GVC clients to it.  Then, setup DHCP reservations based on the GVC mac.


Thanks for the points and answering a puzzling question.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses
Course of the Month19 days, 17 hours left to enroll

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question