How to Configure a Route-Based VPN by using Tunnel Interface between two SonicWALL UTM appliances

In a hub-and-spoke IPSec VPN topology, SonicWall UTM appliances cannot connect spoke to spoke, because the gateway on a spoke can only be used one time.

We can solve this issue by using a Route-Based VPN with a Tunnel Interface.

Take a look at the sample network diagram below and let's configure a route-based VPN on two SonicWall UTM appliances.




Step 1:
Log into the SonicWALL
Go to VPN > Settings and click on Add.
The General tab of the Tunnel Interface VPN named 'to 2' is shown with the IPSec Gateway set to the other device's X1 IP address, 2.2.2.2.





Step 2:
Go to Network > Routing and click Add.
The Route Policy example shown below is one in which the Source is Any, the Destination is the "2 Subnets", the Service is Any, and the Interface is set to the name of the previously created Tunnel Interface VPN, 'to 2'. Note that the Gateway field is grayed out because SonicOS is smart enough to know that there is already a specific network interface tied to the Tunnel Interface VPN created above.





I've shown the configuration steps for Site 1 here.
You can configure Site 2 by following the steps and sample pictures above.

Once you've finished the configuration on both Site 1 and Site 2, you should be able to ping the LAN network addresses of each site from the other.
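As an added example (not from the original post or from SonicWall), the Python below models both sites' Tunnel Interface and Route Policy settings and reports mistakes that would stop the LAN-to-LAN ping. Only the name 'to 2' and the address 2.2.2.2 come from the post; the Site 1 X1 address, the LAN subnets, the name 'to 1' and the most-specific-destination-wins lookup (a simplification of SonicOS route ordering) are assumptions.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Site:
    name: str
    x1_ip: str            # WAN (X1) address of this appliance
    lan: str              # LAN subnet behind this appliance
    tunnel_name: str      # name of the Tunnel Interface VPN policy (Step 1)
    tunnel_gateway: str   # IPSec Gateway entered on the General tab (Step 1)
    routes: list          # (destination CIDR, interface); Source and Service are Any

def egress(site, dst_ip):
    """Return the interface of the most specific matching route, or None."""
    ip = ipaddress.ip_address(dst_ip)
    best = None
    for cidr, iface in site.routes:
        net = ipaddress.ip_network(cidr)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None

def check_pair(a, b):
    """Return a list of misconfigurations that would break ping between the LANs."""
    problems = []
    for local, remote in ((a, b), (b, a)):
        if local.tunnel_gateway != remote.x1_ip:
            problems.append(f"{local.name}: tunnel '{local.tunnel_name}' gateway "
                            f"{local.tunnel_gateway} is not {remote.name} X1 {remote.x1_ip}")
        host = str(next(ipaddress.ip_network(remote.lan).hosts()))
        if egress(local, host) != local.tunnel_name:
            problems.append(f"{local.name}: no route policy sends {remote.lan} "
                            f"out tunnel '{local.tunnel_name}'")
    return problems

# Constructed sample values: only 'to 2' and 2.2.2.2 appear in the post.
site1 = Site("Site 1", "1.1.1.1", "192.168.1.0/24", "to 2", "2.2.2.2",
             [("192.168.2.0/24", "to 2"), ("0.0.0.0/0", "X1")])
site2 = Site("Site 2", "2.2.2.2", "192.168.2.0/24", "to 1", "1.1.1.1",
             [("192.168.1.0/24", "to 1"), ("0.0.0.0/0", "X1")])
# Site 2 with Step 2 skipped: Site 1's LAN falls through to the default route on X1.
site2_no_route = Site("Site 2", "2.2.2.2", "192.168.2.0/24", "to 1", "1.1.1.1",
                      [("0.0.0.0/0", "X1")])

if __name__ == "__main__":
    print(check_pair(site1, site2))
    for problem in check_pair(site1, site2_no_route):
        print(problem)
```

With Step 2 missing on one side, the tunnel itself can still be up while replies for the remote LAN leave through X1 outside the tunnel, which is why the route policy has to be mirrored on both appliances.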

This post covers only basic route-based VPN creation, among the more advanced route-based VPN technologies for SonicWall.
I'll write about how to use Dynamic Routing VPN with OSPF if I get some time.

I used an NSA 3600 to demonstrate this post. Note that this route-based VPN only works SonicWall to SonicWall.
It does not work between third-party devices and SonicWall.

Have a good time.
(Be knowledgeable, pass it on then)
