The VPN policy configuration creates a Tunnel Interface between two end points. Static or Dynamic routes can then be added to the Tunnel Interface. The Route. Configuring Tunnel Interface (static route-based) VPN using Enterprise Command Line. Last Updated: 12/6/ Views 9 Users found this article helpful. How to Configure a Tunnel Interface VPN (Route-Based VPN) between two SonicWall UTM appliances · Configuring a Tunnel Interface VPN with DHCP Relay.
|Published (Last):||27 March 2006|
|PDF File Size:||9.17 Mb|
|ePub File Size:||5.47 Mb|
|Price:||Free* [*Free Regsitration Required]|
I have a few Sonicwall connections. This way it’s possible to determine if the routes to the other network from both firewalls are correctly in the route table.
What zone do you have the remote host in on the Sonicwall?
IPSec VPN with SonicWALL – Redirecting traffic over VPN
Actually never mind it worked in the end – despite the fact I changed nothing, maybe pulling the route out of the route table and re-adding it a few times eventually worked. Maybe adding a network diagram where you list all the subnets on both sides of UTM and Sonicwall could enlighten a bit.
I suppose I can try to go through support and see if I can figure out why you still need the static route policy at some point, but I’ve never had much luck with Sonicwall support on anything complicated. For good measure I tried removing all custom NAT rules I implemented in case they were mucking up the traffic, but that doesn’t seem to have made any change either.
I have remedied the remaining communication issues by following your original recommendation of disabling NAT traversal options on both appliances. I also have seen tunnels dropping sporadically.
There are also some small changes to the CLI that slowed me down. I have never had to setup a NAT rule.
My developers are constantly getting kicked out tunnek a “broken pipe” and they are frustrated. This falls within the default L2TP subnet After disabling and re-enabling soincwall VPN tunnels, it all seems to work.
NAT translation is enabled for both hosts. In reply to apijnappels: If so, then no NAT should be needed. In reply to Bobby Tables:. Disabled I guess Auto-add Access Rules: In either case, if you are using the GUI, follow mvisible’s directions above Re: What does that give you?
Virtual Private Gateway Shared Secret: But the downtime is unacceptable for business use. Unanswered question with answer points still available. TI5 or whatever your new tunnel if id is metric 1, disable when disconnect, auto add access rules.
AWS Developer Forums: Help with SonicWall and IPSec VPN
Having the same issue on a TZ, would like to know the answer. Don’t bother setting up both tunnels just keep the secondary tunnel gateway IP information around in case you need to swap interfcae later, since the sonicwall can’t configurf both tunnel interfaces created at the same time due to subnet overlap and doesn’t have a secondary IP option for tunnel mode.
In reply to Robert Yount: May 15, 1: I’ve tried a range of I had been having constant sporadic drops during the day, but at least it would reconnect.
SW always adds the rule automatically as will the UTM if auto firewall rule is selected. Thinking about setting up a gateway virtual appliance that either I spin up in my VPC and or also on my configre environment to connect us. I searched all over but didn’t find the ‘bind tunnel to local interface’ tickbox so I’m going to assume that’s disabled if it’s the default setting. There are route based VPNs, but not needed for this setup.
Are the tunnels reliable and persistent? Clients within the DHCP scope can communicate with it as well.