Sonicwall NSA 2400MX - SSLVPN - force clients to use sslvpn to route to a particular ip address

James Ross-Bowles
James Ross-Bowles used Ask the Experts™
on
When users are logged onto the SSLVPN, how do i force them to access a particular website over the sslvpn, instead of via their own internet connection.  i am able to do this easily via openvpn's sslvpn by adding the websites ip to the list of private subnets.  how do i do this with the NSA 2400MX.

I tried adding, an address object and bind it to the WAN Zone, and then add that object to the SSLVPN's Client Route page, but its not working.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Author

Commented:
One caveat, i do not want to use the Tunnel All mode, is there a way to just route the one ip over the vpn, and not all of its internet traffic?
If you run your own dns server, and have the SSLVPN set to use that dns server, then you can add the www url to your dns such that it resolves to an ip address on your LAN, instead of the WAN.
Clear something up for us..   is the single IP you are wishing to route over the link on your LAN or on the WAN?  In other words, you want just that one ip to route over the VPN and out your default gateway, but all other Internet traffic should stay with the local client?
Success in ‘20 With a Profitable Pricing Strategy

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Author

Commented:
WAN

Author

Commented:
sorry for any confusion.  the address is on the wan.  is a website that will only allow connections from our office ip range . I can achieve this with tunnel all mode, but I don't want all traffic going over our wan just the traffic for things behind the firewall and that one particular website.

Author

Commented:
no replies?
Sorry for the delay.  I have never tried to do such a thing.  It has always been the tunnel all or nothing.  

I have found a few pieces of information that may get you going in the right direction

https://forum.sonicwall.com/showthread.php?t=19017&highlight=route+website+vpn

Author

Commented:
thanks, this got me looking in the right direction.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial