Creating a Tunnel with Sonic Wall TZ and Somic Wall SOHO3

I have created a tunnel between two location of our company using a Sonic Wall TZ at our corporate location and a SOnic Wall SOHO3 at our Satelittle location. The tunnel seems to work fine at the satelitte location when I plug the Sonic Wall LAN port directly into a single PC. When I do this everything passes fine and works. I can get an IP address, get out to the internet, remotoe desktop into other machines.

However, when I plug the SOnic Wall into a switch nothing will work. Checking the logs in the Sonic Wall I get this IP Spoofing error.

"IP spoof detected on packet to Central Gateway, packet dropped"

I've tried all kinds of solutions like using a cross-over cable from the Sonic Wall to the switch, created numerous rules but I must being doing something wrong at some point. Has anyone come accross this issue? Thanks.
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

did you define a LAN interface in Sonicwall ? you need to define a LAN interface and trust it , then connect it to the switch.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
HLF_DavidAuthor Commented:
I am assuming you are talking about defining the LAN interface at the satelittle location? For the satelittle location I am using the SOHO3 SOnic Wall. NOt sure where to go to define the LAN interface and trust it.

Forgive me for my ignorance  am I filling in for the on-site Network guy and I am a programmer. So alot of this is foreign to me.

After defining your LAN interface and LAN zone ; you should be able to define firewall access rules from LAN to VPN .

what do you see under Network>Zone ?
Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

No worries , I think you are doing great .

In your SOHO 3 ; do you have a NETWORK section in web GUI ? do you see interface and zones options ?
where do you see the IP spoofing error ? on SOHO or on TZ ?
I have a similar setup..

I have a SOHO2 .. looking into it now ; let's see the similarities...

Under General > Network : Make sure "NAT enabled " is selected.
Under Sonicwall LAN IP address : make sure you have an IP in the range that you considered for your satellite network .

from ACCESS > service ; make sure default is selected at least.

Under ACCESS > Rules : Make sure you allow services from source (LAN) to destination(*).

this is on SOHO side ; If you get the IP spoofing error on TZ , let me know .
Syed_M_UsmanSystem AdministratorCommented:
Dear could you please answer "where do you see the IP spoofing error ? on SOHO or on TZ ? "

apart from above could you please let us know how many network switches you have, are you using VLANs in your office?
what is the lan subnet of your site and what is the lan subnet of other site?

""IP spoof detected on packet to Central Gateway, packet dropped" this error has nothing to do with NAT or Routing
HLF_DavidAuthor Commented:
Ok. I stopped and did a little thinking and figured out what was causing the IP Spoofing issues.

What happened is this. Before I finished the tunnel I had move over 3 server from corporate to set up at the satelittle location. They had already been assigned a DHCP lease at corporate so when I plugged them up here and to the switch and then plugged the Sonic Wall into the switch they conflicted.

To remedy this I unplugged everything from the switch and unplugged it. Then I plugged the LAN from the Sonic Wall to the switch. After that I used a HotSpot connection to VPN to corporate and release the DHCP leases assigned to the servers. Once I did that I hooked up an individual PC and then the servers and everything is working as it should be.

Thanks for the help your posts got me to thinking along a different tangent.
HLF_DavidAuthor Commented:
The post got me to thinking about how I hooked everything up to the switch and in what order. It helped lead to a final solution.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.