Sonicwall Pro 4060 and TZ170 at remote end - VPN problem/question.

on 05.12.2007 13:21:23 by mmartingm

Hello all.

I've been trying to get this working for some time but failing.

I have a Pro 4060 at the central location and a TZ170 at my house. On
the Pro 4060, there is a /22 network block firewalling the internal
block which works fine.

I'd like to be able to have the TZ170 use IPs within that /22 across a
VPN and provide IPs from the same block into my internal LAN on the remote
network.

Then I should be able to access all the firewalled machines internally
and also access the internet from the remote location via the central
network's internet connectivity.

Any help appreciated!

Matt

Re: Sonicwall Pro 4060 and TZ170 at remote end - VPN problem/question.

on 05.12.2007 14:45:00 by Wolfgang Kueter

mmartingm@googlemail.com wrote:

> Hello all.
>
> I've been trying to get this working for some time but failing.
>
> I have a Pro 4060 at the central location and a TZ170 at my house. On
> the Pro 4060, there is a /22 network block firewalling the internal
> block which works fine.
>
> I'd like to be able to have the TZ170 use IPs within that /22 across a
> VPN and provide IPs from the same block into my internal LAN on the remote
> network.

Simply forget it, use a different subnet at home.

Wolfgang

Re: Sonicwall Pro 4060 and TZ170 at remote end - VPN

on 05.12.2007 16:18:29 by mmartingm

Hi,
> Simply forget it, use a different subnet at home.

Thanks... I can get another block without a problem - but what would
be the best way to do this? I want the block to be a publicly accessible
block that has any applicable firewall rules that filter traffic
before it reaches the remote network.

Thanks

Matt

Re: Sonicwall Pro 4060 and TZ170 at remote end - VPN problem/question.

on 06.12.2007 02:21:48 by Wolfgang Kueter

mmartingm@googlemail.com wrote:

> Hi,
>> Simply forget it, use a different subnet at home.
>
> Thanks... I can get another block without a problem - but what would
> be the best way to do this? I want the block to be a publicly accessible
> block that has any applicable firewall rules that filter traffic
> before it reaches the remote network.

Normally one would use private IPs from different subnets for both networks,
like e.g. 10.0.0.0/22 for the headquarters and 10.0.4.0/24 for the branch
office.

Of course you can use public addresses as well (however that would be a
rather unusual setup) but once you do that, you can only reach the machines
on the other side of the tunnel through the tunnel. Filtering the traffic
that goes through the tunnel should be possible as usual.

Wolfgang
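
An address-plan check for the layout suggested above, as an added example that is not part of the original posts. It shows why a branch subnet carved out of the headquarters /22 fails on a routed tunnel and picks the first non-overlapping block; the site names, the 10.0.1.0/24 home subnet, the host 10.0.1.5 and the 10.0.0.0/16 pool are constructed for illustration.

```python
import ipaddress
from itertools import combinations

def find_overlaps(sites):
    """Return sorted (site_a, site_b) pairs whose subnets overlap."""
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in sites.items()}
    return sorted(
        (a, b)
        for (a, na), (b, nb) in combinations(sorted(nets.items()), 2)
        if na.overlaps(nb)
    )

def is_on_link(local_cidr, dest_ip):
    """True if a host in local_cidr treats dest_ip as directly reachable.

    On-link destinations are resolved with ARP on the local segment and
    are never handed to the gateway, so they never enter a routed tunnel.
    """
    return ipaddress.ip_address(dest_ip) in ipaddress.ip_network(local_cidr)

def next_free_subnet(pool, used, new_prefix):
    """First subnet of length new_prefix inside pool that overlaps nothing in used."""
    used_nets = [ipaddress.ip_network(u) for u in used]
    for candidate in ipaddress.ip_network(pool).subnets(new_prefix=new_prefix):
        if not any(candidate.overlaps(u) for u in used_nets):
            return str(candidate)
    return None  # pool exhausted

# Constructed plans: the layout from the question, then the suggested one.
ORIGINAL_PLAN = {"hq": "10.0.0.0/22", "home": "10.0.1.0/24"}
FIXED_PLAN = {"hq": "10.0.0.0/22", "home": "10.0.4.0/24"}

if __name__ == "__main__":
    for label, plan in (("original", ORIGINAL_PLAN), ("fixed", FIXED_PLAN)):
        print(label, "overlaps:", find_overlaps(plan))
        # Would an HQ host send traffic for a home host to its gateway?
        home_host = str(ipaddress.ip_network(plan["home"])[5])
        print("  hq sees", home_host, "as on-link:",
              is_on_link(plan["hq"], home_host))
    print("suggested branch subnet:",
          next_free_subnet("10.0.0.0/16", [ORIGINAL_PLAN["hq"]], 24))
```
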

Re: Sonicwall Pro 4060 and TZ170 at remote end - VPN

on 06.12.2007 16:50:37 by Hexalon

On Dec 5, 9:18 am, mmarti...@googlemail.com wrote:
> Hi,
>
> > Simply forget it, use a different subnet at home.
>
> Thanks... I can get another block without a problem - but what would
> be the best way to do this? I want the block to be a publicly accessible
> block that has any applicable firewall rules that filter traffic
> before it reaches the remote network.
>
> Thanks
>
> Matt

Matt,

At work we have these devices. We have a Pro 2040 and the satellite
offices have the TZ170. We are able to do a Gateway to Gateway VPN,
however we have not had success with DHCP over the VPN. Once you have
the VPN up you can add routes to the networks you need to reach. Once
you do that you can access any device on the other network as if it
was on your own network. SonicWALL support is usually very good so you
can always call them.

Hope that helps,

Hex

Re: Sonicwall Pro 4060 and TZ170 at remote end - VPN

on 07.12.2007 20:59:05 by mattmartincouk

Hi,

> Of course you can use public addresses as well (however that would be a
> rather unusual setup) but once you do that, you can only reach the machines
> on the other side of the tunnel through the tunnel. Filtering the traffic
> that goes through the tunnel should be possible as usual.

I think I may need to look at a bridge over VPN instead of standard
routed VPN. Which makes this even more of a task :(

Thanks for your help.