Solved

How to configure VPN to listen at certain IP on Sonicwall?

Posted on 2016-10-04
8
53 Views
Last Modified: 2016-11-22
This is using DELL Sonicwall NSA 2600. Currently, 2 network ports are in use - X0, for LAN; and X1 for WAN. For LAN, we are using 10.133.0.0/24, while X0, there is a IP pool - a.b.99.128/28; See the IP addresses allocated:

     X0 - 10.133.0.254
     X1 - a.b.99.130

Current, few IPsec tunnel site-to-site were configured and working fine. Except for one site, in which the ip - a.b.99.130 was blocked by the other side of the IPsec tunnel. Now, I am thinking to use a different IP, for example, .142, to be binds to this IPsec tunnel. Shall I have create a secondary IP on X1 interface? How to configure the X0 interface, so as this site VPN is listening at a different IP?

Thanks,
0
Comment
Question by:MichaelBalack
  • 4
  • 4
8 Comments
 
LVL 7

Expert Comment

by:J Spoor
ID: 41827759
It is unfortunately not possible to terminate VPNs to another IP then the WAN primary IP.

What is blocking the IP?
0
 
LVL 1

Author Comment

by:MichaelBalack
ID: 41827772
Hi JSpoor,

Originally, on this current sonicwall, we setup 5 site-to-site VPNs to other countries, and all works fine. This firewall is located at Taiwan, and suddenly, the vpn to China dropped. The symptom is, China firewall WAN IP is not pingeable from Taiwan, and vice versa.

At the end, we confirmed that the Taiwan fiewall WAN ip has been blocked by China Telecom Authority. Repetitive appeals to get the IP delisted down to drain.
0
 
LVL 7

Expert Comment

by:J Spoor
ID: 41827780
the reason for black listing?
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 1

Author Comment

by:MichaelBalack
ID: 41827798
No idea.
0
 
LVL 7

Accepted Solution

by:
J Spoor earned 500 total points
ID: 41827800
the only option you have then I guess is to swap IP's on the main side...
0
 
LVL 1

Author Comment

by:MichaelBalack
ID: 41827801
Mainland China is very sensitive upon the data from Taiwan. This could be a political issue. For any data (such as, encrypted data from VPN) that not able to track, they will block it.
0
 
LVL 7

Expert Comment

by:J Spoor
ID: 41827805
you have any other sites? you can use to hub and spoke ?
0
 
LVL 1

Author Closing Comment

by:MichaelBalack
ID: 41840535
As expert - JSpoor suggested, swap the IP address for WAN (x1) interface. We did it, and it works
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SBS 2008 cannot logon remotely 7 55
Auto Smartport macro for Dell and HP laptops 2 72
2012 r2 branch office DNS 2 35
Use of vpn-filter value  in S2S VPN 2 34
One of the Top 10  common Cisco VPN problems are not-matching shared keys. This is an easy one to fix, but not always easy to notice, see the case below. A simple IPsec tunnel between fast Ethernet interfaces of routers SW1 (f1/1) and R1(f0/0). …
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question