Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

sonicwall vpn connect through a router at main site from remote site

Posted on 2014-04-04
8
373 Views
Last Modified: 2014-04-08
I have a sonicwall VPN setup between my remote location and main location.  The VPN is working fine.  What I am trying to do is forward all traffic to a certain group of web sites through an IP that is at the main site.

Example:
Remote 172.17.31.X
local 10.2.0.X

When on a computer at the remote and try to connect to the X.X.X.X network I want to to go through a router at 10.2.0.5 even though it will have to go through the vpn and then out this additional router.  How do I accomplish this?
0
Comment
Question by:Dwci
  • 4
  • 4
8 Comments
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39980276
Totally possible.
Make your address objects/groups for the router and websites.
Off of memory, I believe its in network->nat
Source - group that you are messing with
Destination - websites
Translated source - gateway
Pretty sure you also have to do the reverse. Start simple with just one ip in the group, say a laptop next to you, and do tracert each step. If you try to do it all at once and it doesn't work you won't know where the problem is.
0
 

Author Comment

by:Dwci
ID: 39980295
So I guess I am lost.  I was thinking I could just use routing, are you saying I need to use NAT?  Specifics
63.90.86.9 destination
10.2.0.5 ip of additional router at main site that I need the traffic to go out through
172.17.31.X subnet of remote location.

Any help you can give is great.
0
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39980505
Sorry I won't have a sonicwall available until Tuesday to look at and give better details.
0
Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

 
LVL 39

Accepted Solution

by:
Aaron Tomosky earned 500 total points
ID: 39987257
I think nat is overkill and you can do this in routing.

source: any (probably want to just do a single ip for testing then change to any later)
destination: address object group of websites
service: (any would work but I would make an object for http&https)
gateway: 10.2.0.5
interface: (I'm not sure about this, maybe x1 as a fallback)
check "allow vpn path to take precedence"

Start with just one ip in the source and set this up. Run a tracert and see if it works
0
 

Author Comment

by:Dwci
ID: 39987303
Come to find out all of this will work but it was one of the downline routers that didn't know how to get back.  Thanks.
0
 

Author Closing Comment

by:Dwci
ID: 39987307
This is what ended up working but need to make sure downline routers understand how to get back also.
0
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39987312
curious: what is the interface setting that worked for you? I wonder if it even matters since the vpn path takes precedence anyway...
0
 

Author Comment

by:Dwci
ID: 39987315
I used the same interface as the VPN was on which in my case was X4.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question