James Seifert

asked on

DHCP over Sonicwall Tunnel

Hello,

We are looking into setting up a remote site tunnel using a Sonicwall NSA 2600 (local) and a Cisco RV110W (remote). We would like to have DHCP from our local network (10.56.102.0 /24) give addresses through the tunnel to hosts connected to the Cisco device, so hosts on the remote network would look as if they have a 10.56.102.0 address. Is this possible?

Thanks!
ASKER CERTIFIED SOLUTION
Nathan Hawkins
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
I should add that forcing the remote site to go to the office for all its traffic (that is what DHCP will do) will be very slow (slower than VPN is anyway).
We tried that solution and very quickly went back (and that was on a 100Mbps bearer, with latency less than 10ms).
Basically, when you have a VPN tunnel, packets have to be formatted to pass the tunnel (and obviously inspected), which is slow.
A solution to your problem would be using variable subnetting

Like:

Network 1: 10.56.102.0 /25
10.56.102.1-10.56.102.126 (127 broadcast)

Network 2: 10.56.102.128 /25
10.56.102.129-10.56.102.254 (255 broadcast)

So your subnet mask on both would be 255.255.255.128.
SOLUTION
The question that was asked was whether it was possible, and my original response pretty much addressed this question. Don't do it... As for the specifics... Set up an entirely different DHCP scope for the remote office to use. I wouldn't use anything even close. Use the 172.16.0.0 /26 RFC 1918 subnet for non-local but still trusted traffic. Logically this is better because now, for logging purposes, you know exactly who is doing what with regards to access by IP per outside office.
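
The addressing options discussed in this thread, checked in code. This is an added example, not part of any poster's reply: it compares the stretched 10.56.102.0 /24 from the question, the two /25 halves, and the separate 172.16.0.0 /26 scope, then tags log source IPs by site. The site names and the log line format are assumptions, and the log lines are constructed.

```python
import ipaddress

# Subnets come from the thread; the site names "office"/"remote" are assumptions.
STRETCHED_PLAN = {"office": "10.56.102.0/24", "remote": "10.56.102.0/24"}
SPLIT_PLAN = {"office": "10.56.102.0/25", "remote": "10.56.102.128/25"}
SEPARATE_PLAN = {"office": "10.56.102.0/24", "remote": "172.16.0.0/26"}

def load_plan(plan):
    """Parse CIDRs strictly so a mistyped network address raises ValueError."""
    return {site: ipaddress.ip_network(cidr, strict=True) for site, cidr in plan.items()}

def overlaps(plan):
    """Return pairs of sites whose subnets overlap."""
    nets = sorted(load_plan(plan).items())
    return [(a, b) for i, (a, na) in enumerate(nets)
            for b, nb in nets[i + 1:] if na.overlaps(nb)]

def describe(cidr):
    """Mask, usable host range and broadcast address for one subnet."""
    net = ipaddress.ip_network(cidr, strict=True)
    return {"mask": str(net.netmask), "first": str(net[1]),
            "last": str(net[-2]), "broadcast": str(net.broadcast_address)}

def site_of(ip, plan):
    """Attribute an address to exactly one site, or say why that is not possible."""
    addr = ipaddress.ip_address(ip)
    matches = [site for site, net in load_plan(plan).items() if addr in net]
    if len(matches) == 1:
        return matches[0]
    return "ambiguous" if matches else "unknown"

# Constructed log lines in an assumed "timestamp key=value ..." format.
SAMPLE_LOG = [
    "2024-01-01T09:00:01 src=10.56.102.20 dst=10.56.102.5 action=allow",
    "2024-01-01T09:00:02 src=172.16.0.14 dst=10.56.102.5 action=allow",
    "2024-01-01T09:00:03 src=192.168.1.7 dst=10.56.102.5 action=deny",
]

def tag_log(lines, plan):
    """Return (source IP, site) for each log line."""
    tagged = []
    for line in lines:
        fields = dict(f.split("=", 1) for f in line.split()[1:])
        tagged.append((fields["src"], site_of(fields["src"], plan)))
    return tagged

if __name__ == "__main__":
    for name, plan in [("stretched", STRETCHED_PLAN), ("split", SPLIT_PLAN),
                       ("separate", SEPARATE_PLAN)]:
        print(name, "overlaps:", overlaps(plan))
    print(describe("10.56.102.128/25"))
    print(tag_log(SAMPLE_LOG, SEPARATE_PLAN))
```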