Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 850
  • Last Modified:

Can't ping second VLAN subnet through SonicWall TZ215W

I have a SonicWall TZ-215W setup in bridge mode.
- Wireless is a guest network only for internet access 100.150.10.x
- X0 is LAN 192.168.10.x
- X1 is WAN

I also have a Cisco SG300-20 that is configured as a layer 3 switch with two VLAN's
- VLAN1 192.168.10.x
- VLAN10 192.168.0.x

Everything works great internally. I can ping/access both VLAN's from both the SG300 and the SonicWall. I can use the diagnostic tools from the SonicWall and ping devices on both VLAN's using the X1 interface. I can access the internet from both VLAN's.

When I connect via VPN or SSLVPN I can ping everything on VLAN1, but cannot touch anything on VLAN10.

I am probably overlooking something simple, but running out of time to get this up and running.
0
teckygeek
Asked:
teckygeek
  • 4
  • 3
1 Solution
 
carlmdCommented:
Under SSLVPN -> Client Routes have you added VLAN10?
0
 
teckygeekAuthor Commented:
I have, but I am still unable to ping anything on VLAN10 through a VPN/SSLVPN connection.
0
 
carlmdCommented:
Any chance that the subnet on the client end of the SSLVPN is the same as VLAN10?
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
teckygeekAuthor Commented:
Client is setup for DHCP and obtains an IP address from VLAN1
192.168.10.x/255.255.255.0

Route(s) on the client
SSLVPN
192.168.10.0/255.255.255.0
192.168.0.0/255.255.255.0

Global VPN Client
10.50.100.0/255.255.255.0
192.168.0.0/255.255.255.0
192.168.10.0/255.255.255.0
0
 
carlmdCommented:
With the SSLVPN connected, do a "netstat -rn" in a command prompt window on the client. Does it have a route to vlan10?

If possible, post the result with the SSLVPN both connected and disconnected.,
0
 
teckygeekAuthor Commented:
Disconnected

Internet:
Destination        Gateway            Flags        Refs      Use   Netif Expire
default            172.16.12.1        UGSc           18        0     en0
127                127.0.0.1          UCS             0        0     lo0
127.0.0.1          127.0.0.1          UH              4    36111     lo0
169.254            link#4             UCS             0        0     en0
172.16.12/24       link#4             UCS             4        0     en0
172.16.12.1/32     link#4             UCS             1        0     en0
172.16.12.1        c0:67:af:db:cf:61  UHLWIir        19        0     en0   1178
172.16.12.5        0:50:56:b9:2b:7c   UHLWIi         36      944     en0   1194
172.16.12.15       78:2b:cb:3a:e6:c5  UHLWIi          2    55090     en0    925
172.16.12.25       0:11:32:13:b:b1    UHLWIi          1     2761     en0    914
172.16.12.201/32   link#4             UCS             0        0     en0
172.16.12.255      ff:ff:ff:ff:ff:ff  UHLWbI          0       11     en0
172.16.208/24      link#12            UC              2        0  vmnet8
172.16.208.1       0:50:56:c0:0:8     UHLWIi          1       29     lo0
172.16.208.255     ff:ff:ff:ff:ff:ff  UHLWbI          0       11  vmnet8
172.16.252/24      link#11            UC              2        0  vmnet1
172.16.252.1       0:50:56:c0:0:1     UHLWIi          1       29     lo0
172.16.252.255     ff:ff:ff:ff:ff:ff  UHLWbI          0       11  vmnet1

Connected
Internet:
Destination        Gateway            Flags        Refs      Use   Netif Expire
default            172.16.12.1        UGSc           55        0     en0
default            link#10            UCSI            0        0   utun0
64.2.21.107/32     link#10            UCS             0        0   utun0
127                127.0.0.1          UCS             0        0     lo0
127.0.0.1          127.0.0.1          UH              4    36115     lo0
169.254            link#4             UCS             0        0     en0
172.16.12/24       link#4             UCS             4        0     en0
172.16.12.1/32     link#4             UCS             1        0     en0
172.16.12.1        c0:67:af:db:cf:61  UHLWIir        57        0     en0   1100
172.16.12.5        0:50:56:b9:2b:7c   UHLWIi         49     1457     en0   1193
172.16.12.15       78:2b:cb:3a:e6:c5  UHLWIi          3    81513     en0    787
172.16.12.25       0:11:32:13:b:b1    UHLWIi          1     3697     en0    776
172.16.12.201/32   link#4             UCS             0        0     en0
172.16.12.205      28:cf:e9:17:f2:f9  UHLWI           0        0     en0   1117
172.16.208/24      link#12            UC              1        0  vmnet8
172.16.208.1       0:50:56:c0:0:8     UHLWIi          1       29     lo0
172.16.252/24      link#11            UC              1        0  vmnet1
172.16.252.1       0:50:56:c0:0:1     UHLWIi          1       29     lo0
192.168.0          link#10            UCS             0        0   utun0
192.168.10         link#10            UCS             0        0   utun0
192.168.10.5/32    link#10            UCS             1        0   utun0
192.168.10.5       link#10            UHWIi           6        8   utun0
192.168.10.67      192.168.10.67      UH              0        0   utun0
SonicWall WAN IP Address    172.16.12.1        UGHS            0        0     en0
0
 
Aaron TomoskyTechnology ConsultantCommented:
in the sonicwall, network, routing, do you have something like this:
Any       N-vlan10       Any       R-sg300       X0       20       8
0
 
teckygeekAuthor Commented:
I knew it was going to be something simple I overlooked. Added the route and everything works like a charm.

Thanks
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now