• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 407
  • Last Modified:

Two dedicated lines going into Sonicwall, but only one of them accepts VPNs!

hi guys,

we have an Sonicwall NSA 3500. We have two dedicated lines going into it; one is a 4/4 and the other is a 10/10. The 10/10 has been set as the 'primary' WAN ethernet interface. The issue I'm having is that the 10/10 seems to accept VPN's, however whatever I do, I can't get anything connected on VPN to the 4/4.

Any ideas why or how to diagnose this?

Thanks peeps
Yashy
0
Yashy
Asked:
Yashy
  • 6
  • 3
2 Solutions
 
amatson78Commented:
There are two key parts to using multiple WAN connections with the VPN. Is this for failover? Is this between two SonicWALLs? I have included screen shots for example below. In this example the main side has the two WAN IPs. For the 10/10 I uses 1.1.1.1 and the 4/4 I used 2.2.2.2, the remote location is 3.3.3.3

On the remote site ad 1.1.1.1 for the primary and 2.2.2.2 for the secondary. The on the advanced tab make sure the VPN is bound to "Zone WAN". This will allow any "WAN" address to accept the VPN as long as both Phase 1 and Phase 2 of the VPN Matches.

 Main VPN Configuration Remote VPN Configuration Advanced tab for VPN binding.
Once setup you would have to pull the cable on the 10/10 connection and then attempt to connect the VPN again. Once the remote side cannot reach the primary WAN it will attempt the secondary IP in this case the 4/4 connection.

If it still does not work can you post screen shots of your setup as well as any log files pertaining to the VPN.

Regards,
Alan
0
 
Syed_M_UsmanCommented:
attached may help you
VPN-Policy-X2.png
0
 
YashyAuthor Commented:
Dude, thanks so much for posting.

On the remote sit I have only a draytek router 2820 which connects without any problems to the 10/10 (X2) on the Sonicwall. It's when I disconnect it from the 10/10 and try to connect the VPN to the 4/4 (X1) on the Sonicwall  that it doesn't pick up anything and the configurations are exactly the same so it should work.

I'm not trying to do failover. I just want all of our VPN's to be put on the 4/4 line that's all, but seeing as I can't, I'm having to connect the Draytek 2820s to the 10/10 instead.
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
YashyAuthor Commented:
Guys, I'll test this on Monday and see how it goes and follow it up with the points. Thanks again.
0
 
YashyAuthor Commented:
Worked beautifully.
0
 
amatson78Commented:
Any assist points since I did provide the same solution first ?
0
 
YashyAuthor Commented:
Yes, I meant to accept both solutions but submitted for just one. How can I do that?
0
 
YashyAuthor Commented:
I've asked a moderator to offer points to Amatson78 also, so am waiting feedback.
0
 
amatson78Commented:
Lol ty, gotta keep the community growing ;)
0
 
YashyAuthor Commented:
Still am unable to give points here....
0

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

  • 6
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now