SonicWall VPN connect through a router at main site from remote site

I have a SonicWall VPN set up between my remote location and main location. The VPN is working fine. What I am trying to do is forward all traffic to a certain group of web sites through an IP that is at the main site.

Example:
Remote 172.17.31.X
local 10.2.0.X

When I am on a computer at the remote and try to connect to the X.X.X.X network, I want it to go through a router at 10.2.0.5, even though it will have to go through the VPN and then out this additional router. How do I accomplish this?
Dwci Asked:
 
Aaron Tomosky (SD-WAN Simplified) Commented:
I think NAT is overkill and you can do this in routing.

source: any (probably want to just do a single IP for testing then change to any later)
destination: address object group of websites
service: (any would work but I would make an object for HTTP & HTTPS)
gateway: 10.2.0.5
interface: (I'm not sure about this, maybe X1 as a fallback)
check "allow VPN path to take precedence"

Start with just one IP in the source and set this up. Run a tracert and see if it works.
 
Aaron Tomosky (SD-WAN Simplified) Commented:
Totally possible.
Make your address objects/groups for the router and websites.
Off of memory, I believe it's in Network -> NAT
Source - group that you are messing with
Destination - websites
Translated source - gateway
Pretty sure you also have to do the reverse. Start simple with just one IP in the group, say a laptop next to you, and do tracert each step. If you try to do it all at once and it doesn't work, you won't know where the problem is.
 
Dwci (Author) Commented:
So I guess I am lost. I was thinking I could just use routing; are you saying I need to use NAT? Specifics:
63.90.86.9 destination
10.2.0.5 IP of additional router at main site that I need the traffic to go out through
172.17.31.X subnet of remote location.

Any help you can give is great.
 
Aaron Tomosky (SD-WAN Simplified) Commented:
Sorry, I won't have a SonicWall available until Tuesday to look at and give better details.
 
Dwci (Author) Commented:
Come to find out all of this will work, but it was one of the downline routers that didn't know how to get back. Thanks.
 
Dwci (Author) Commented:
This is what ended up working but need to make sure downline routers understand how to get back also.
 
Aaron Tomosky (SD-WAN Simplified) Commented:
Curious: what is the interface setting that worked for you? I wonder if it even matters since the VPN path takes precedence anyway...
 
Dwci (Author) Commented:
I used the same interface as the VPN was on, which in my case was X4.
Question has a verified solution.
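
The thread's resolution was that a downline router had no way back to the remote subnet. As an added example (not part of the thread and not SonicWall configuration), this Python check does a longest-prefix lookup on each hop's route table and reports every hop whose route back to the 172.17.31.X client does not point at the previous hop. The hop names, the 10.2.0.1 firewall address, the 192.168.50.0/30 link, the ISP gateways, the /24 masks and the absence of NAT on 10.2.0.5 are all assumptions.

```python
import ipaddress

def lookup(table, dst):
    """Longest-prefix match; returns the next hop for dst or None if nothing matches."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), nh) for p, nh in table.items()
               if addr in ipaddress.ip_network(p)]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def broken_return_hops(path, tables, client_ip):
    """List (hop, actual_next_hop) for every hop whose route back to the
    client does not point at the previous hop on the forward path."""
    bad = []
    for hop, expected in path:
        actual = lookup(tables[hop], client_ip)
        if actual != expected:
            bad.append((hop, actual))
    return bad

CLIENT = "172.17.31.20"  # constructed host in the remote 172.17.31.X subnet
# (hop, next hop that replies to the client must use); only 10.2.0.5 is from the thread
PATH = [
    ("main-sonicwall", "vpn-tunnel"),
    ("router-10.2.0.5", "10.2.0.1"),
    ("downline-router", "192.168.50.1"),
]
# Constructed route tables: prefix -> next hop
TABLES = {
    "main-sonicwall": {"172.17.31.0/24": "vpn-tunnel", "10.2.0.0/24": "connected",
                       "63.90.86.9/32": "10.2.0.5", "0.0.0.0/0": "198.51.100.1"},
    "router-10.2.0.5": {"10.2.0.0/24": "connected", "192.168.50.0/30": "connected",
                        "172.17.31.0/24": "10.2.0.1", "0.0.0.0/0": "192.168.50.2"},
    "downline-router": {"192.168.50.0/30": "connected", "10.2.0.0/24": "192.168.50.1",
                        "0.0.0.0/0": "203.0.113.1"},  # no route for 172.17.31.0/24
}

def with_return_route(tables):
    """Copy of the tables with the missing static route added on the downline router."""
    fixed = {hop: dict(t) for hop, t in tables.items()}
    fixed["downline-router"]["172.17.31.0/24"] = "192.168.50.1"
    return fixed

if __name__ == "__main__":
    print("before:", broken_return_hops(PATH, TABLES, CLIENT))
    print("after: ", broken_return_hops(PATH, with_return_route(TABLES), CLIENT))
```

A hop with a default route still fails the check when that default sends replies somewhere other than back toward the VPN, which is why the comparison is against the expected next hop rather than just "a route exists".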