Solved

How to configure VPN to listen at certain IP on Sonicwall?

Posted on 2016-10-04
8
43 Views
Last Modified: 2016-11-22
This is using DELL Sonicwall NSA 2600. Currently, 2 network ports are in use - X0, for LAN; and X1 for WAN. For LAN, we are using 10.133.0.0/24, while X0, there is a IP pool - a.b.99.128/28; See the IP addresses allocated:

     X0 - 10.133.0.254
     X1 - a.b.99.130

Current, few IPsec tunnel site-to-site were configured and working fine. Except for one site, in which the ip - a.b.99.130 was blocked by the other side of the IPsec tunnel. Now, I am thinking to use a different IP, for example, .142, to be binds to this IPsec tunnel. Shall I have create a secondary IP on X1 interface? How to configure the X0 interface, so as this site VPN is listening at a different IP?

Thanks,
0
Comment
Question by:MichaelBalack
  • 4
  • 4
8 Comments
 
LVL 7

Expert Comment

by:J Spoor
ID: 41827759
It is unfortunately not possible to terminate VPNs to another IP then the WAN primary IP.

What is blocking the IP?
0
 
LVL 1

Author Comment

by:MichaelBalack
ID: 41827772
Hi JSpoor,

Originally, on this current sonicwall, we setup 5 site-to-site VPNs to other countries, and all works fine. This firewall is located at Taiwan, and suddenly, the vpn to China dropped. The symptom is, China firewall WAN IP is not pingeable from Taiwan, and vice versa.

At the end, we confirmed that the Taiwan fiewall WAN ip has been blocked by China Telecom Authority. Repetitive appeals to get the IP delisted down to drain.
0
 
LVL 7

Expert Comment

by:J Spoor
ID: 41827780
the reason for black listing?
0
 
LVL 1

Author Comment

by:MichaelBalack
ID: 41827798
No idea.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 7

Accepted Solution

by:
J Spoor earned 500 total points
ID: 41827800
the only option you have then I guess is to swap IP's on the main side...
0
 
LVL 1

Author Comment

by:MichaelBalack
ID: 41827801
Mainland China is very sensitive upon the data from Taiwan. This could be a political issue. For any data (such as, encrypted data from VPN) that not able to track, they will block it.
0
 
LVL 7

Expert Comment

by:J Spoor
ID: 41827805
you have any other sites? you can use to hub and spoke ?
0
 
LVL 1

Author Closing Comment

by:MichaelBalack
ID: 41840535
As expert - JSpoor suggested, swap the IP address for WAN (x1) interface. We did it, and it works
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you connect to your workplace's VPN, you may not notice that you are using your workplace's servers to serve up webpages.  This might be undesirable since the workplace can log all the places you've been.  It also might be very slow to load pag…
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now