Tech Support Forum - View Single Post - site to site VPN with 2 lan subnets in SonicWall pro 2040

nicker.par · 12-31-2008, 11:26 AM

Brief information again:
Sonicwall site:
There are HQ and outlets.
Outlets: 20 outlets are connecting with IPVPN(MPLS) that is support by ISP. Outlets Lan Network is 10.101.x.x
There are one CE routers in HQ.
one of the router subnet is 10.100.x.x(for HQ lan) and other subnet is 10.101.x.x (for outlets).

HQ: Hq local network is 10.100.x.x that is direct connecting by Sonicwall Firewall.
There is routing from Sonicwall FW to IPVPN CE Router vice visa. So,all HQ lan network is pingable to all outlets vice visa.
I told above is their Internal Network.

When the outlet users or HQ users need to access internet, the users must pass through by Sonicwall Firewall. If the user need to access internet, the user must login(Authentication)to Sonicwall firewall.(local database is stored in Sonicwall).
Login policy life time is assigned for 2 hours only.

Fortigate site:
Local network address is 172.17.x.x.

From Fortigate Lan Network want to ping to Sonicwall lan both subnets.
So, I created VPN tunnel. After VPN tunnel is established, I can access to 10.100.x.x that is directly connected by firewall.
I can't access to 10.101.x.x that is outlets network. But after I login (authentication user) to sonicwall, i can access to 10.101.x.x (outlets network).

(10.100.x.x and 10.101.x.x both subnets can ping to 172.17.x.x network)

I want to acceess 10.101.x.x(outlets network) without authentication user login to sonicwall firewall.

So Where is the problem and how to solve? Pls suggest me.
I m not familiar with Sonicwall Enhanced OS Firewall.

12-31-2008, 11:26 AM	#2 (permalink)
nicker.par Registered User Join Date: Dec 2008 Posts: 2 OS: xp	Re: site to site VPN with 2 lan subnets in SonicWall pro 2040 Brief information again: Sonicwall site: There are HQ and outlets. Outlets: 20 outlets are connecting with IPVPN(MPLS) that is support by ISP. Outlets Lan Network is 10.101.x.x There are one CE routers in HQ. one of the router subnet is 10.100.x.x(for HQ lan) and other subnet is 10.101.x.x (for outlets). HQ: Hq local network is 10.100.x.x that is direct connecting by Sonicwall Firewall. There is routing from Sonicwall FW to IPVPN CE Router vice visa. So,all HQ lan network is pingable to all outlets vice visa. I told above is their Internal Network. When the outlet users or HQ users need to access internet, the users must pass through by Sonicwall Firewall. If the user need to access internet, the user must login(Authentication)to Sonicwall firewall.(local database is stored in Sonicwall). Login policy life time is assigned for 2 hours only. Fortigate site: Local network address is 172.17.x.x. From Fortigate Lan Network want to ping to Sonicwall lan both subnets. So, I created VPN tunnel. After VPN tunnel is established, I can access to 10.100.x.x that is directly connected by firewall. I can't access to 10.101.x.x that is outlets network. But after I login (authentication user) to sonicwall, i can access to 10.101.x.x (outlets network). (10.100.x.x and 10.101.x.x both subnets can ping to 172.17.x.x network) I want to acceess 10.101.x.x(outlets network) without authentication user login to sonicwall firewall. So Where is the problem and how to solve? Pls suggest me. I m not familiar with Sonicwall Enhanced OS Firewall.