inTheKnowSea
asked on
Sonicwall Route over VPN keeps getting disabled
I am trying to figure out a routing problem with a Sonicwall TZ105.
Current setup:
X0: 10.10.10.1 on a /24
X0:V4 192.168.113.1 on a /24
VPN to 10.10.0.0/16
X0 is our LAN. We have VLAN4 on the LAN running so we can image machines, and configure them on a client's domain. The VPN goes to the client's domain. I was running into a problem where machines on VLAN4, when they would try to get to, for example, 10.10.10.234, were trying to go to our LAN, when in reality they should be going over the VPN.
I fixed this by adding a static route:
Source: 192.168.113.1
Destination: 10.10.0.0/16
Service: Any
ToS/Mask: Any
Gateway: 0.0.0.0
Interface: X1
Metric: 10
Priority: 1
All other routes are Metric 20. This seems to work. But after a few days it will stop working. I will check the routing in the Sonicwall, and my custom route will be greyed out (disabled?). I only have to hit the configure button, make no changes, and hit OK, and that re-enables the route and everything starts working again.
Any way to do this better? Or to figure out why the route keeps getting disabled?
ASKER
So working with Sonicwall, we went with a different solution.
I changed my VPN to be to specific IPs. According to the Sonicwall technician, whatever route is "more" specific will take priority. So my VPN being to /32 addresses will take priority over the /24 route to my X0.
This has resolved the issue.
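The "more specific route wins" behaviour described above, as an added example that is not part of the original thread or SonicWall's own code. It models destination longest-prefix matching only (an assumption, not the SonicOS route policy engine) using the subnets from the post; the egress labels and function names are illustrative.

```python
import ipaddress

def lookup(routes, dst):
    """Return (prefix, egress) of the longest-prefix match for dst, or None."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), egress) for p, egress in routes
               if addr in ipaddress.ip_network(p)]
    if not matches:
        return None
    net, egress = max(matches, key=lambda m: m[0].prefixlen)
    return str(net), egress

def shadowed(routes):
    """Find narrower prefixes that capture part of a broader prefix
    while pointing at a different egress (overlapping address space)."""
    nets = [(ipaddress.ip_network(p), e) for p, e in routes]
    return [(str(a), ea, str(b), eb)
            for a, ea in nets for b, eb in nets
            if a != b and ea != eb and b.subnet_of(a)]

# Subnets taken from the post; egress names are labels for this example.
BEFORE = [
    ("10.10.10.0/24", "X0"),       # local LAN
    ("192.168.113.0/24", "X0:V4"), # imaging VLAN
    ("10.10.0.0/16", "VPN"),       # client network, overlaps the local LAN
]
# After the change: the VPN is defined per host instead of as a /16.
# 10.10.10.234 is the example client address from the post.
AFTER = BEFORE[:2] + [("10.10.10.234/32", "VPN")]

if __name__ == "__main__":
    for name, table in (("before", BEFORE), ("after", AFTER)):
        print(name, "10.10.10.234 ->", lookup(table, "10.10.10.234"))
        for broad, e1, narrow, e2 in shadowed(table):
            print(f"  {narrow} ({e2}) overrides part of {broad} ({e1})")
```

With the /16 VPN definition, the local /24 wins for any 10.10.10.x destination, so client-bound traffic lands on the local LAN; with /32 VPN destinations the VPN entry is the most specific match for those hosts only.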
I don't really understand the problem. To me it sounds like your VLAN4 machines are going out your WAN instead of the VPN endpoints (your client's network)...is this correct?
Also, what type of VPN do you have in place?
Let me know, thanks!