nicker.par Member since: 2008-12-31 22:36:10 | posted: 2008-12-31 22:39:05

site to site VPN with 2 lan subnets in SonicWall pro 2040
----------

I will appreciate your technical expertise on this issue that we have encountered. The customer has a Sonicwall pro 2040, enhanced o/s ver 4.0.10.15e. Our office has a Fortigate 100A. We managed to link up the site to site VPN between the 2 firewalls. All of the Sonicwall local LAN subnets are able to reach our private LAN network behind the Fortigate without any problem. From our private network (Fortigate) we can reach the LAN interface and the same subnet of the Sonicwall without any authentication processes.

However, we are not able to reach any subnet other than the LAN interface subnet of the Sonicwall. The authentication process is needed before we are allowed to reach the other subnets located at 20 remote locations island wide (all having different subnets). The authentication only allows 2 hrs, after which a re-login is required again. Being a site to site VPN connection, we cannot afford this. The authentications are for the company policy for internal users to authenticate before they are allowed to access the remote locations and the Internet. This has affected the site to site VPN as well. We cannot find any settings to bypass this restriction or an exemption filter. Need your advice on this.

(FYI)

Sonicwall site: There are HQ and outlets.

Outlets: 20 outlets are connected with IPVPN (MPLS) that is supported by the ISP. The outlets' LAN network is 10.101.x.x. There is one CE router in HQ. One of the router's subnets is 10.100.x.x (for HQ LAN) and the other subnet is 10.101.x.x (for outlets).

HQ: The HQ local network is 10.100.x.x, which is directly connected by the Sonicwall firewall. There is routing from the Sonicwall FW to the IPVPN CE router and vice versa. So all of the HQ LAN network is pingable to all outlets and vice versa. What I described above is their internal network.

When the outlet users or HQ users need to access the internet, the users must pass through the Sonicwall firewall. If a user needs to access the internet, the user must log in (authentication) to the Sonicwall firewall (the local database is stored in the Sonicwall). The login policy lifetime is assigned for 2 hours only.

Fortigate site: The local network address is 172.17.x.x. From the Fortigate LAN network I want to ping both Sonicwall LAN subnets. So, I created a VPN tunnel (site to site). After the VPN tunnel is established, I can access 10.100.x.x, which is directly connected by the firewall. I can't access 10.101.x.x, which is the outlets network. But after I log in (authentication user) to the Sonicwall, I can access 10.101.x.x (outlets network). (10.100.x.x and 10.101.x.x, both subnets, can ping the 172.17.x.x network.) I want to access 10.101.x.x (outlets network) without an authentication user login to the Sonicwall firewall. So where is the problem and how do I solve it? Please give me suggestions. I am not familiar with the Sonicwall Enhanced OS firewall.