How to configure VPN to listen at certain IP on Sonicwall?

This is using DELL Sonicwall NSA 2600. Currently, 2 network ports are in use - X0, for LAN; and X1 for WAN. For LAN, we are using 10.133.0.0/24, while X0, there is a IP pool - a.b.99.128/28; See the IP addresses allocated:

     X0 - 10.133.0.254
     X1 - a.b.99.130

Current, few IPsec tunnel site-to-site were configured and working fine. Except for one site, in which the ip - a.b.99.130 was blocked by the other side of the IPsec tunnel. Now, I am thinking to use a different IP, for example, .142, to be binds to this IPsec tunnel. Shall I have create a secondary IP on X1 interface? How to configure the X0 interface, so as this site VPN is listening at a different IP?

Thanks,
LVL 1
MichaelBalackAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

J SpoorTMECommented:
It is unfortunately not possible to terminate VPNs to another IP then the WAN primary IP.

What is blocking the IP?
0
MichaelBalackAuthor Commented:
Hi JSpoor,

Originally, on this current sonicwall, we setup 5 site-to-site VPNs to other countries, and all works fine. This firewall is located at Taiwan, and suddenly, the vpn to China dropped. The symptom is, China firewall WAN IP is not pingeable from Taiwan, and vice versa.

At the end, we confirmed that the Taiwan fiewall WAN ip has been blocked by China Telecom Authority. Repetitive appeals to get the IP delisted down to drain.
0
J SpoorTMECommented:
the reason for black listing?
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

MichaelBalackAuthor Commented:
No idea.
0
J SpoorTMECommented:
the only option you have then I guess is to swap IP's on the main side...
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
MichaelBalackAuthor Commented:
Mainland China is very sensitive upon the data from Taiwan. This could be a political issue. For any data (such as, encrypted data from VPN) that not able to track, they will block it.
0
J SpoorTMECommented:
you have any other sites? you can use to hub and spoke ?
0
MichaelBalackAuthor Commented:
As expert - JSpoor suggested, swap the IP address for WAN (x1) interface. We did it, and it works
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.