sonicwall vpn connect through a router at main site from remote site

I have a sonicwall VPN setup between my remote location and main location.  The VPN is working fine.  What I am trying to do is forward all traffic to a certain group of web sites through an IP that is at the main site.

Example:
Remote 172.17.31.X
local 10.2.0.X

When on a computer at the remote and try to connect to the X.X.X.X network I want to to go through a router at 10.2.0.5 even though it will have to go through the vpn and then out this additional router.  How do I accomplish this?
DwciAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Aaron TomoskyConnect With a Mentor SD-WAN SimplifiedCommented:
I think nat is overkill and you can do this in routing.

source: any (probably want to just do a single ip for testing then change to any later)
destination: address object group of websites
service: (any would work but I would make an object for http&https)
gateway: 10.2.0.5
interface: (I'm not sure about this, maybe x1 as a fallback)
check "allow vpn path to take precedence"

Start with just one ip in the source and set this up. Run a tracert and see if it works
0
 
Aaron TomoskySD-WAN SimplifiedCommented:
Totally possible.
Make your address objects/groups for the router and websites.
Off of memory, I believe its in network->nat
Source - group that you are messing with
Destination - websites
Translated source - gateway
Pretty sure you also have to do the reverse. Start simple with just one ip in the group, say a laptop next to you, and do tracert each step. If you try to do it all at once and it doesn't work you won't know where the problem is.
0
 
DwciAuthor Commented:
So I guess I am lost.  I was thinking I could just use routing, are you saying I need to use NAT?  Specifics
63.90.86.9 destination
10.2.0.5 ip of additional router at main site that I need the traffic to go out through
172.17.31.X subnet of remote location.

Any help you can give is great.
0
NEW Internet Security Report Now Available!

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out this quarters report on the threats that shook the industry in Q4 2017.

 
Aaron TomoskySD-WAN SimplifiedCommented:
Sorry I won't have a sonicwall available until Tuesday to look at and give better details.
0
 
DwciAuthor Commented:
Come to find out all of this will work but it was one of the downline routers that didn't know how to get back.  Thanks.
0
 
DwciAuthor Commented:
This is what ended up working but need to make sure downline routers understand how to get back also.
0
 
Aaron TomoskySD-WAN SimplifiedCommented:
curious: what is the interface setting that worked for you? I wonder if it even matters since the vpn path takes precedence anyway...
0
 
DwciAuthor Commented:
I used the same interface as the VPN was on which in my case was X4.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.