<div>
It is unfortunately not possible to terminate VPNs to another IP then the WAN primary IP.<br />
<br />
What is blocking the IP?
</div>


<div>
Hi JSpoor,<br />
<br />
Originally, on this current sonicwall, we setup 5 site-to-site VPNs to other countries, and all works fine. This firewall is located at Taiwan, and suddenly, the vpn to China dropped. The symptom is, China firewall WAN IP is not pingeable from Taiwan, and vice versa. <br />
<br />
At the end, we confirmed that the Taiwan fiewall WAN ip has been blocked by China Telecom Authority. Repetitive appeals to get the IP delisted down to drain.
</div>


<div>
the reason for black listing?
</div>


<div>
Mainland China is very sensitive upon the data from Taiwan. This could be a political issue. For any data (such as, encrypted data from VPN) that not able to track, they will block it.
</div>


<div>
you have any other sites? you can use to hub and spoke ?
</div>


<div>
As expert - JSpoor suggested, swap the IP address for WAN (x1) interface. We did it, and it works
</div>


<div>
<div class="content wysiwyg-content">
This is using DELL Sonicwall NSA 2600. Currently, 2 network ports are in use - X0, for LAN; and X1 for WAN. For LAN, we are using 10.133.0.0/24, while X0, there is a IP pool - a.b.99.128/28; See the IP addresses allocated:<br />
<br />
&nbsp; &nbsp; &nbsp;X0 - 10.133.0.254<br />
&nbsp; &nbsp; &nbsp;X1 - a.b.99.130<br />
<br />
Current, few IPsec tunnel site-to-site were configured and working fine. Except for one site, in which the ip - a.b.99.130 was blocked by the other side of the IPsec tunnel. Now, I am thinking to use a different IP, for example, .142, to be binds to this IPsec tunnel. Shall I have create a secondary IP on X1 interface? How to configure the X0 interface, so as this site VPN is listening at a different IP?<br />
<br />
Thanks,
</div>
</div>


This is using DELL Sonicwall NSA 2600. Currently, 2 network ports are in use - X0, for LAN; and X1 for WAN. For LAN, we are using 10.133.0.0/24, while X0, there is a IP pool - a.b.99.128/28; See the IP addresses allocated:

     X0 - 10.133.0.254
     X1 - a.b.99.130

Current, few IPsec tunnel site-to-site were configured and working fine. Except for one site, in which the ip - a.b.99.130 was blocked by the other side of the IPsec tunnel. Now, I am thinking to use a different IP, for example, .142, to be binds to this IPsec tunnel. Shall I have create a secondary IP on X1 interface? How to configure the X0 interface, so as this site VPN is listening at a different IP?

Thanks,

How to configure VPN to listen at certain IP on Sonicwall?

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.

Since 1984, Dell has been delivering technology to fit your life.
Dell is in Enterprise, Home Office and Consumer sectors of the market, supplying a broad range of customizable desktops, laptops, notebooks, servers, storage, and network devices.