Solved

Can't ping second VLAN subnet through SonicWall TZ215W

Posted on 2015-02-02
8
642 Views
Last Modified: 2015-02-03
I have a SonicWall TZ-215W setup in bridge mode.
- Wireless is a guest network only for internet access 100.150.10.x
- X0 is LAN 192.168.10.x
- X1 is WAN

I also have a Cisco SG300-20 that is configured as a layer 3 switch with two VLAN's
- VLAN1 192.168.10.x
- VLAN10 192.168.0.x

Everything works great internally. I can ping/access both VLAN's from both the SG300 and the SonicWall. I can use the diagnostic tools from the SonicWall and ping devices on both VLAN's using the X1 interface. I can access the internet from both VLAN's.

When I connect via VPN or SSLVPN I can ping everything on VLAN1, but cannot touch anything on VLAN10.

I am probably overlooking something simple, but running out of time to get this up and running.
0
Comment
Question by:teckygeek
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 20

Expert Comment

by:carlmd
ID: 40585997
Under SSLVPN -> Client Routes have you added VLAN10?
0
 

Author Comment

by:teckygeek
ID: 40586420
I have, but I am still unable to ping anything on VLAN10 through a VPN/SSLVPN connection.
0
 
LVL 20

Expert Comment

by:carlmd
ID: 40586515
Any chance that the subnet on the client end of the SSLVPN is the same as VLAN10?
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 

Author Comment

by:teckygeek
ID: 40586841
Client is setup for DHCP and obtains an IP address from VLAN1
192.168.10.x/255.255.255.0

Route(s) on the client
SSLVPN
192.168.10.0/255.255.255.0
192.168.0.0/255.255.255.0

Global VPN Client
10.50.100.0/255.255.255.0
192.168.0.0/255.255.255.0
192.168.10.0/255.255.255.0
0
 
LVL 20

Expert Comment

by:carlmd
ID: 40586866
With the SSLVPN connected, do a "netstat -rn" in a command prompt window on the client. Does it have a route to vlan10?

If possible, post the result with the SSLVPN both connected and disconnected.,
0
 

Author Comment

by:teckygeek
ID: 40587100
Disconnected

Internet:
Destination        Gateway            Flags        Refs      Use   Netif Expire
default            172.16.12.1        UGSc           18        0     en0
127                127.0.0.1          UCS             0        0     lo0
127.0.0.1          127.0.0.1          UH              4    36111     lo0
169.254            link#4             UCS             0        0     en0
172.16.12/24       link#4             UCS             4        0     en0
172.16.12.1/32     link#4             UCS             1        0     en0
172.16.12.1        c0:67:af:db:cf:61  UHLWIir        19        0     en0   1178
172.16.12.5        0:50:56:b9:2b:7c   UHLWIi         36      944     en0   1194
172.16.12.15       78:2b:cb:3a:e6:c5  UHLWIi          2    55090     en0    925
172.16.12.25       0:11:32:13:b:b1    UHLWIi          1     2761     en0    914
172.16.12.201/32   link#4             UCS             0        0     en0
172.16.12.255      ff:ff:ff:ff:ff:ff  UHLWbI          0       11     en0
172.16.208/24      link#12            UC              2        0  vmnet8
172.16.208.1       0:50:56:c0:0:8     UHLWIi          1       29     lo0
172.16.208.255     ff:ff:ff:ff:ff:ff  UHLWbI          0       11  vmnet8
172.16.252/24      link#11            UC              2        0  vmnet1
172.16.252.1       0:50:56:c0:0:1     UHLWIi          1       29     lo0
172.16.252.255     ff:ff:ff:ff:ff:ff  UHLWbI          0       11  vmnet1

Connected
Internet:
Destination        Gateway            Flags        Refs      Use   Netif Expire
default            172.16.12.1        UGSc           55        0     en0
default            link#10            UCSI            0        0   utun0
64.2.21.107/32     link#10            UCS             0        0   utun0
127                127.0.0.1          UCS             0        0     lo0
127.0.0.1          127.0.0.1          UH              4    36115     lo0
169.254            link#4             UCS             0        0     en0
172.16.12/24       link#4             UCS             4        0     en0
172.16.12.1/32     link#4             UCS             1        0     en0
172.16.12.1        c0:67:af:db:cf:61  UHLWIir        57        0     en0   1100
172.16.12.5        0:50:56:b9:2b:7c   UHLWIi         49     1457     en0   1193
172.16.12.15       78:2b:cb:3a:e6:c5  UHLWIi          3    81513     en0    787
172.16.12.25       0:11:32:13:b:b1    UHLWIi          1     3697     en0    776
172.16.12.201/32   link#4             UCS             0        0     en0
172.16.12.205      28:cf:e9:17:f2:f9  UHLWI           0        0     en0   1117
172.16.208/24      link#12            UC              1        0  vmnet8
172.16.208.1       0:50:56:c0:0:8     UHLWIi          1       29     lo0
172.16.252/24      link#11            UC              1        0  vmnet1
172.16.252.1       0:50:56:c0:0:1     UHLWIi          1       29     lo0
192.168.0          link#10            UCS             0        0   utun0
192.168.10         link#10            UCS             0        0   utun0
192.168.10.5/32    link#10            UCS             1        0   utun0
192.168.10.5       link#10            UHWIi           6        8   utun0
192.168.10.67      192.168.10.67      UH              0        0   utun0
SonicWall WAN IP Address    172.16.12.1        UGHS            0        0     en0
0
 
LVL 39

Accepted Solution

by:
Aaron Tomosky earned 500 total points
ID: 40587340
in the sonicwall, network, routing, do you have something like this:
Any       N-vlan10       Any       R-sg300       X0       20       8
0
 

Author Closing Comment

by:teckygeek
ID: 40587358
I knew it was going to be something simple I overlooked. Added the route and everything works like a charm.

Thanks
0

Featured Post

Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
server can't ping default gateway 25 133
Cisco 5508 WLC software upgrade 2 151
The ideal material to secure cables 7 65
Mesh Router system for 10,000 Sq ft office? 18 20
Broadband over Power Lines Broadband over Power Lines is the technology of transmitting computer data through power lines. This method of connectivity allows the user to have access to the internet without having to rely on additional cables, suc…
This article will step through configuring a SonicWALL appliance to utilize an internal DHCP server for Global VPN Client (GVC) hosts.  There are times when using an external (external to the SonicWALL) DHCP server, such as Windows Servers, isn’t pr…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question