DHCP over Sonicwall Tunnel


We are looking into setting up a remote site tunnel using a Soncwall NSA 2600 (local) and a Cisco RV110W (remote). We would like to have DHCP from our local network ( /24) to give addresses through the tunnel, to hosts connected to the Cisco device. So hosts on the remote network, would look as if they have a address. Is this possible?

James SeifertAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Nathan HawkinsTechnical Lead - Network SecurityCommented:
Why would you do this? If anything happens to the circuit, internet routing goes wonky, edge equipment failure...practically anything... The remote office is pretty hosed... You need to setup a remote server onsite at the remote office that does all of the Day to Day services so that latency and other single point of failure mission critical services are delivered properly and you dont have to troubleshoot anything of that nature WHEN something goes wrong.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
JohnBusiness Consultant (Owner)Commented:
I would not do that (agree with the above).

Both the Sonic Wall and Cisco are capable of split tunneling and both can give out IP addresses. So assuming the Cisco is remote, set it up to hand out DHCP locally to the remote devices. I can do this with my Cisco box.

I am assuming you don't want an actual server at the remote site. Please let us know about that.
JohnBusiness Consultant (Owner)Commented:
I should add that forcing the remote site to go the office for all its traffic (that is what DHCP will do) will be very slow (slower than VPN is anyway).
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

JAN PAKULAICT Infranstructure ManagerCommented:
We tried that solution - very quickly went back (and that was on 100Mbps bearer - with latency less then 10ms)
basically when you have vpn tunnel -  packets have to be formatted  to pass the tunnel (and obviously inspected) =which is slow
JAN PAKULAICT Infranstructure ManagerCommented:
solution to your problem would be using variable subnetting

like /25
network 1 from  (127 broadcast)

network 2 from /25 (255 broadcast)

so your subnet mask on both would be
JAN PAKULAICT Infranstructure ManagerCommented:
or use 2 different subnets with dhcp on each location(much easier to manage)
Nathan HawkinsTechnical Lead - Network SecurityCommented:
The question that was asked was whether it was possible and my original response pretty much addressed this question. Dont do it... As for the specifics... Setup an entirely different DHCP scope for the remote office to use. I wouldnt use anything even close. Use the /26 RFC 1918 subnet for Non Local but stil trusted traffic. Logically this is better because now for logging purposes you know exactly who is doing what with regards to access by IP per outside office.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.