Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Can't ping second VLAN subnet through SonicWall TZ215W

Posted on 2015-02-02
8
Medium Priority
?
783 Views
Last Modified: 2015-02-03
I have a SonicWall TZ-215W setup in bridge mode.
- Wireless is a guest network only for internet access 100.150.10.x
- X0 is LAN 192.168.10.x
- X1 is WAN

I also have a Cisco SG300-20 that is configured as a layer 3 switch with two VLAN's
- VLAN1 192.168.10.x
- VLAN10 192.168.0.x

Everything works great internally. I can ping/access both VLAN's from both the SG300 and the SonicWall. I can use the diagnostic tools from the SonicWall and ping devices on both VLAN's using the X1 interface. I can access the internet from both VLAN's.

When I connect via VPN or SSLVPN I can ping everything on VLAN1, but cannot touch anything on VLAN10.

I am probably overlooking something simple, but running out of time to get this up and running.
0
Comment
Question by:teckygeek
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 20

Expert Comment

by:carlmd
ID: 40585997
Under SSLVPN -> Client Routes have you added VLAN10?
0
 

Author Comment

by:teckygeek
ID: 40586420
I have, but I am still unable to ping anything on VLAN10 through a VPN/SSLVPN connection.
0
 
LVL 20

Expert Comment

by:carlmd
ID: 40586515
Any chance that the subnet on the client end of the SSLVPN is the same as VLAN10?
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:teckygeek
ID: 40586841
Client is setup for DHCP and obtains an IP address from VLAN1
192.168.10.x/255.255.255.0

Route(s) on the client
SSLVPN
192.168.10.0/255.255.255.0
192.168.0.0/255.255.255.0

Global VPN Client
10.50.100.0/255.255.255.0
192.168.0.0/255.255.255.0
192.168.10.0/255.255.255.0
0
 
LVL 20

Expert Comment

by:carlmd
ID: 40586866
With the SSLVPN connected, do a "netstat -rn" in a command prompt window on the client. Does it have a route to vlan10?

If possible, post the result with the SSLVPN both connected and disconnected.,
0
 

Author Comment

by:teckygeek
ID: 40587100
Disconnected

Internet:
Destination        Gateway            Flags        Refs      Use   Netif Expire
default            172.16.12.1        UGSc           18        0     en0
127                127.0.0.1          UCS             0        0     lo0
127.0.0.1          127.0.0.1          UH              4    36111     lo0
169.254            link#4             UCS             0        0     en0
172.16.12/24       link#4             UCS             4        0     en0
172.16.12.1/32     link#4             UCS             1        0     en0
172.16.12.1        c0:67:af:db:cf:61  UHLWIir        19        0     en0   1178
172.16.12.5        0:50:56:b9:2b:7c   UHLWIi         36      944     en0   1194
172.16.12.15       78:2b:cb:3a:e6:c5  UHLWIi          2    55090     en0    925
172.16.12.25       0:11:32:13:b:b1    UHLWIi          1     2761     en0    914
172.16.12.201/32   link#4             UCS             0        0     en0
172.16.12.255      ff:ff:ff:ff:ff:ff  UHLWbI          0       11     en0
172.16.208/24      link#12            UC              2        0  vmnet8
172.16.208.1       0:50:56:c0:0:8     UHLWIi          1       29     lo0
172.16.208.255     ff:ff:ff:ff:ff:ff  UHLWbI          0       11  vmnet8
172.16.252/24      link#11            UC              2        0  vmnet1
172.16.252.1       0:50:56:c0:0:1     UHLWIi          1       29     lo0
172.16.252.255     ff:ff:ff:ff:ff:ff  UHLWbI          0       11  vmnet1

Connected
Internet:
Destination        Gateway            Flags        Refs      Use   Netif Expire
default            172.16.12.1        UGSc           55        0     en0
default            link#10            UCSI            0        0   utun0
64.2.21.107/32     link#10            UCS             0        0   utun0
127                127.0.0.1          UCS             0        0     lo0
127.0.0.1          127.0.0.1          UH              4    36115     lo0
169.254            link#4             UCS             0        0     en0
172.16.12/24       link#4             UCS             4        0     en0
172.16.12.1/32     link#4             UCS             1        0     en0
172.16.12.1        c0:67:af:db:cf:61  UHLWIir        57        0     en0   1100
172.16.12.5        0:50:56:b9:2b:7c   UHLWIi         49     1457     en0   1193
172.16.12.15       78:2b:cb:3a:e6:c5  UHLWIi          3    81513     en0    787
172.16.12.25       0:11:32:13:b:b1    UHLWIi          1     3697     en0    776
172.16.12.201/32   link#4             UCS             0        0     en0
172.16.12.205      28:cf:e9:17:f2:f9  UHLWI           0        0     en0   1117
172.16.208/24      link#12            UC              1        0  vmnet8
172.16.208.1       0:50:56:c0:0:8     UHLWIi          1       29     lo0
172.16.252/24      link#11            UC              1        0  vmnet1
172.16.252.1       0:50:56:c0:0:1     UHLWIi          1       29     lo0
192.168.0          link#10            UCS             0        0   utun0
192.168.10         link#10            UCS             0        0   utun0
192.168.10.5/32    link#10            UCS             1        0   utun0
192.168.10.5       link#10            UHWIi           6        8   utun0
192.168.10.67      192.168.10.67      UH              0        0   utun0
SonicWall WAN IP Address    172.16.12.1        UGHS            0        0     en0
0
 
LVL 39

Accepted Solution

by:
Aaron Tomosky earned 2000 total points
ID: 40587340
in the sonicwall, network, routing, do you have something like this:
Any       N-vlan10       Any       R-sg300       X0       20       8
0
 

Author Closing Comment

by:teckygeek
ID: 40587358
I knew it was going to be something simple I overlooked. Added the route and everything works like a charm.

Thanks
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

 One of the main issues with network wires is that you never have enough.  You run plenty and plan for the worst case but you still end up needing more.  What many people do not realize is with 10BaseT and 100BaseT (but not 1000BaseT) networks you …
This article will step through configuring a SonicWALL appliance to utilize an internal DHCP server for Global VPN Client (GVC) hosts.  There are times when using an external (external to the SonicWALL) DHCP server, such as Windows Servers, isn’t pr…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…
Suggested Courses

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question