Solved

SonicWall Router - VPN Tunnel

Posted on 2016-08-15
7
31 Views
Last Modified: 2016-09-19
Hi Experts,

I’m working on creating a vpn tunnel to a 3rd party host.  The host is sharing their server among a few of the clients.  When setting up a vpn tunnel, the router tech informed me that an existing client is already using the same network addressing scheme as we are.

Is it possible to emulate another network and ultimately have it connect seamlessly onto our network?  This is a client\server configuration so the entire Lan Primary SubNet  will need to access the cloud resource.

We are on 10.0.0.x \ They are on 192.168.250.x

Not sure if this is correct, but I setup the VPN tunnel up to this point as:
Local Network is: should be 10.0.0.0, but I crated 10.0.15.0 thinking I can create a route translation
Destination is: 192.168.250.0

When I attempted to connect the tunnel, of course I get an invalid cookie error which means I don't know what I am doing.

Thanks for any help you can provide.
0
Comment
Question by:byd2k
  • 4
  • 2
7 Comments
 
LVL 16
ID: 41757325
Couple leading questions.

Is it just one device on your end that needs to communicate with them?

If it's multiple devices on your end that need to access the remote end is the initiation of traffic always from your side?

MO
0
 
LVL 20

Expert Comment

by:carlmd
ID: 41759128
"an existing client is already using the same network addressing scheme as we are'

This represents a problem when your LAN subnet is the same as that of another connection.

You example "We are on 10.0.0.x \ They are on 192.168.250.x" does not reflect that.

What am I missing here?
0
 
LVL 5

Expert Comment

by:JSpoor
ID: 41759130
You can do NAT over VPN
see: https://support.software.dell.com/kb/sw7759

View more example configurations and the SonicWALL webui and features on http://livedemo.sonicwall.com or http://ngfw-demo.com
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 16
ID: 41759332
@carlmd,

I thinking byd2k was referring to the 192.168.250.x subnet being the destination subnet. The local subnet of 10.0.0.x conflicts with some other branch already connected.

MO
0
 
LVL 5

Accepted Solution

by:
JSpoor earned 500 total points (awarded by participants)
ID: 41759350
Let me do this by example,
I have a 192.168.222.0/24 subnet at home, have a VPN tunnel to corporate but they require me to use a 10.z.y.x/24.
The VPN config has 10.z.y.x as source network and corporate as destination network.
I then added NAT policy to translate 192.168.222.x to 10.z.y.x.
You will have to add a LAN to VPN access rule for the original 192.168.222.0 network as the auto created rule is done on 10.z.y.x


The other side of the VPN tunnel must use 10.z.y.x as destination network.

So in your case
NAT 10.0.0.0/24 to 10.0.15.0/24 create the VPN tunnel with src = 10.0.15.0/24 and dst = 192.168.250.0/24
make a LAN to VPN firewall rule for 10.0.0.0/24 to 192.168.250.0/24
0
 
LVL 5

Expert Comment

by:JSpoor
ID: 41778160
Did this help?
0
 
LVL 5

Expert Comment

by:JSpoor
ID: 41804461
No response
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now