Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Unable to access subnet on remote network using SonicWALL TZ-215 and NSA 2400.

Posted on 2013-01-18
4
Medium Priority
?
1,050 Views
Last Modified: 2013-01-18
I need to know if my SonicWALL TZ-215 will support static routes through a site-to-site VPN tunnel. My Madison office has a site-to-site VPN connection to HQ. Chicago is on a Metro Ethernet connection with HQ and shares HQ's NSA 2400 for Internet access.

Madison needs to connect to Chicago's subnet via their site-to-site connection with HQ if possible. Will this work with TZ-215 via an IPSec site-to-site VPN tunnel to my HQ office? Or is there a better way to handle this.

Basically, my Madison TZ-215 does not know how to get to Chicago (without a TZ-215). Both Madison and Chicago are connected to HQ's network.

Thank you.
0
Comment
Question by:vsCoder
  • 2
  • 2
4 Comments
 
LVL 20

Expert Comment

by:carlmd
ID: 38793528
Do all 3 sites have different non routable ip address ranges on their LAN?

Is Chicago connected via a different Sonicwall X interface other than the WAN. If so, how is it configured?
0
 
LVL 1

Author Comment

by:vsCoder
ID: 38793860
@carlmd - thank you for your response. All sites have non-routable IPs on their LANs. Our new provider has connected our Chicago and Corporate offices (along with a couple of other subnets) to their Metro Ethernet network. Chicago comes into my LAN subnet via a separate Cisco router. My NSA 2400 then provides both Corporate and the Chicago subnet Internet access. Make sense?

Madison is on a separate Internet connection using a site-to-site VPN connection from their SonicWALL TZ-215 to my Corporate SonicWALL NSA 2400.
0
 
LVL 20

Accepted Solution

by:
carlmd earned 2000 total points
ID: 38793972
So if I understand Chicago bypasses the Sonicwall and is directly connected to your LAN.

I assume you currently have a permanent route at corporate that allows the LAN there to connect to Chicago, with the Cisco router as the gateway. Is that correct.

I would try...

I assume you can ping anything on your corporate LAN from Madison, true?
From Madison I would traceroute to the ip of the Cisco router at corporate.  Can you get there?
If so, try adding a static route at Madison that has the Cisco router as the gateway and the Chicago subnet as the destination.

What happens now?
0
 
LVL 1

Author Comment

by:vsCoder
ID: 38794112
Thank you, carlmd.

I was able to solve the problem with some additional VPN policies on the TZ-215 and NSA 2400. All is well now.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Juniper VPN devices are a popular alternative to using Cisco products. Last year I needed to set up an international site-to-site VPN over the Internet, but the client had high security requirements -- FIPS 140. What and Why of FIPS 140 Federa…
How to fix a SonicWall Gateway Anti-Virus firewall blocking automatic updates to apps like Windows, Adobe, Symantec, etc.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses
Course of the Month20 days, 16 hours left to enroll

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question