SonicWall Router - VPN Tunnel

Posted on 2016-08-15
Last Modified: 2016-09-19
Hi Experts,

I’m working on creating a vpn tunnel to a 3rd party host.  The host is sharing their server among a few of the clients.  When setting up a vpn tunnel, the router tech informed me that an existing client is already using the same network addressing scheme as we are.

Is it possible to emulate another network and ultimately have it connect seamlessly onto our network?  This is a client\server configuration so the entire Lan Primary SubNet  will need to access the cloud resource.

We are on 10.0.0.x \ They are on 192.168.250.x

Not sure if this is correct, but I setup the VPN tunnel up to this point as:
Local Network is: should be, but I crated thinking I can create a route translation
Destination is:

When I attempted to connect the tunnel, of course I get an invalid cookie error which means I don't know what I am doing.

Thanks for any help you can provide.
Question by:byd2k
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
LVL 16

Expert Comment

by:Michael Ortega
ID: 41757325
Couple leading questions.

Is it just one device on your end that needs to communicate with them?

If it's multiple devices on your end that need to access the remote end is the initiation of traffic always from your side?

LVL 20

Expert Comment

ID: 41759128
"an existing client is already using the same network addressing scheme as we are'

This represents a problem when your LAN subnet is the same as that of another connection.

You example "We are on 10.0.0.x \ They are on 192.168.250.x" does not reflect that.

What am I missing here?

Expert Comment

by:J Spoor
ID: 41759130
You can do NAT over VPN

View more example configurations and the SonicWALL webui and features on or
Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

LVL 16

Expert Comment

by:Michael Ortega
ID: 41759332

I thinking byd2k was referring to the 192.168.250.x subnet being the destination subnet. The local subnet of 10.0.0.x conflicts with some other branch already connected.


Accepted Solution

J Spoor earned 500 total points (awarded by participants)
ID: 41759350
Let me do this by example,
I have a subnet at home, have a VPN tunnel to corporate but they require me to use a 10.z.y.x/24.
The VPN config has 10.z.y.x as source network and corporate as destination network.
I then added NAT policy to translate 192.168.222.x to 10.z.y.x.
You will have to add a LAN to VPN access rule for the original network as the auto created rule is done on 10.z.y.x

The other side of the VPN tunnel must use 10.z.y.x as destination network.

So in your case
NAT to create the VPN tunnel with src = and dst =
make a LAN to VPN firewall rule for to

Expert Comment

by:J Spoor
ID: 41778160
Did this help?

Expert Comment

by:J Spoor
ID: 41804461
No response

Featured Post

Secure Your Active Directory - April 20, 2017

Active Directory plays a critical role in your company’s IT infrastructure and keeping it secure in today’s hacker-infested world is a must.
Microsoft published 300+ pages of guidance, but who has the time, money, and resources to implement? Register now to find an easier way.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Port Forwarding 4 52
domian network access 5 33
VPN Server Configuration in windows 7 7 44
sonicwall vpn green lights on both, but no traffic 10 29
Juniper VPN devices are a popular alternative to using Cisco products. Last year I needed to set up an international site-to-site VPN over the Internet, but the client had high security requirements -- FIPS 140. What and Why of FIPS 140 Federa…
Problem Description:   Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s. We were in need for public IP’s to publish our web resour…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question