VPN routing for SonicWALL TZ350

Dextor03
I have migrated a Cisco ASA 5510 to a SonicWALL TZ350 leaving the existing network set up in place.

The X0 LAN interface is configured with an IP address of 10.12.0.1 and the X1 WAN interface is configured to connect to the net.

I have configured a remote VPN policy for users and I am able to connect to the site and see that the VPN tunnel is established. My issue is that I have two internal LANs with the following IP address ranges that I am unable to contact - 10.15.0.0/16 and 192.168.40.0/24. I know it's probably a simple change but I'm new to firewalls so learning as I go.

Any help is greatly appreciated! Let me know if I need to provide any additional information.
Philip Elder, Technical Architect - HA/Compute/Storage

Commented:
Make sure all subnets are in the VPN networks setup.

Then verify the NAT/Firewall rules are set up to allow packets to move between the various subnets.

Author

Commented:
That's where my problem lies.

I've created a DHCP pool of 172.30.1.0/16 for the VPN users and am able to connect to the site and am now assigned an IP address of 172.30.1.200. I am unable to contact anything on the 10.15.0.0 range. The VPN users have been assigned access to the "LAN Subnets" but it's the NAT/Firewall rules that are causing me grief. I've been playing around with it but no joy.

Would it be possible to provide a few examples of what I need to configure?
Philip Elder, Technical Architect - HA/Compute/Storage
Commented:
At this point, the best thing to do would be to reach out to SonicWALL Support. All of our SW devices have 24/7 support contracts for firmware updates and such. Their support is actually quite good.

Given the complexity of the setup, I'm not so sure a forum back and forth would really suffice to get an acceptable resolution.

As I recall, when we set up the VPN network the SW sets up a default NAT and Firewall rule set that allows ALL between LAN <--> VPN Subnet. So, packets should flow. We always trim the default to DENY by default then configure rules for allowed services/ports. Again, that's beyond the scope of this forum IMNSHO.
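The checks suggested in this thread (subnets in the VPN networks, then rules between the subnets, under deny by default) can be worked through offline. The sketch below is an added example, not part of the thread and not SonicOS syntax; the X0 mask of /16, the `BEFORE`/`AFTER` states, the route layer and all function names are assumptions.

```python
import ipaddress

# Constructed model of the setup in the thread; this is not SonicOS syntax.
# strict=False normalises the pool as posted (172.30.1.0/16) to 172.30.0.0/16.
VPN_POOL = ipaddress.ip_network("172.30.1.0/16", strict=False)
TARGETS = ["10.12.0.0/16", "10.15.0.0/16", "192.168.40.0/24"]

# Assumed starting state: only the X0 network (mask assumed /16) is known
# to the VPN policy, the route table and the VPN -> LAN allow rules.
BEFORE = {
    "vpn_access": ["10.12.0.0/16"],
    "routes": ["10.12.0.0/16"],
    "allow_rules": [("172.30.0.0/16", "10.12.0.0/16")],  # (source, destination)
}
# Assumed corrected state: both extra LANs added at every layer.
AFTER = {
    "vpn_access": TARGETS,
    "routes": TARGETS,
    "allow_rules": [("172.30.0.0/16", t) for t in TARGETS],
}

def covered(target, networks):
    """True if target lies inside at least one of the listed networks."""
    t = ipaddress.ip_network(target)
    return any(t.subnet_of(ipaddress.ip_network(n, strict=False)) for n in networks)

def rule_allows(pool, target, rules):
    """True if one rule covers both the whole client pool and the target."""
    return any(covered(str(pool), [src]) and covered(target, [dst]) for src, dst in rules)

def audit(config, pool, targets):
    """Map each destination subnet to the layers that do not cover it."""
    report = {}
    for target in targets:
        missing = []
        if not covered(target, config["vpn_access"]):
            missing.append("vpn_access")
        if not covered(target, config["routes"]):
            missing.append("route")
        if not rule_allows(pool, target, config["allow_rules"]):
            missing.append("allow_rule")
        report[target] = missing
    return report

if __name__ == "__main__":
    for name, cfg in (("before", BEFORE), ("after", AFTER)):
        for target, missing in audit(cfg, VPN_POOL, TARGETS).items():
            print(name, target, "ok" if not missing else "missing: " + ", ".join(missing))
```

The thread does not say how 10.15.0.0/16 and 192.168.40.0/24 attach to the firewall; if they sit behind an internal router, that router also needs a return route to the VPN pool.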

Distinguished Expert 2018

Commented:
Can you show your configurations?
Commented:
Great shout Philip, contacted SonicWALL Support earlier today and they were very helpful. Issues arose from the migration from the ASA using the SonicWALL migration tool. All sorted now. Thanks for your input.
Philip Elder, Technical Architect - HA/Compute/Storage

Commented:
I should get the points, don't you think?
