Sign in with
Sign up | Sign in
Your question

Routing thru SonicWall TZ170

Last response: in Networking
Share
Anonymous
February 16, 2005 6:37:37 PM

Archived from groups: comp.dcom.vpn (More info?)

I have 2 buildings located across a small street from each other. They
are currently connected over D-Link DWL-2700 wireless access points and
are on the same subnet.

I would like to route local domain traffic thru a VPN Tunnel over the 2
TZ170's and the wireless access points, and have each building's
Internet Gateway be their perspective DSL connections.

Can anyone help me with this? Thanks in advance.
Anonymous
February 17, 2005 6:56:09 AM

Archived from groups: comp.dcom.vpn (More info?)

Sorry, but I don't believe you can establish an IPSec VPN over your network
on the same subnet.

<jim.averitt@gmail.com> wrote in message
news:1108597057.699098.222970@g14g2000cwa.googlegroups.com...
> I have 2 buildings located across a small street from each other. They
> are currently connected over D-Link DWL-2700 wireless access points and
> are on the same subnet.
>
> I would like to route local domain traffic thru a VPN Tunnel over the 2
> TZ170's and the wireless access points, and have each building's
> Internet Gateway be their perspective DSL connections.
>
> Can anyone help me with this? Thanks in advance.
>
Anonymous
February 17, 2005 2:36:17 PM

Archived from groups: comp.dcom.vpn (More info?)

I probably should have mentioned this...

I don't need to keep them on the same subnet. I have no problem
changing that configuration. In fact, I expected I would have to.

I was thinking I would route one building (10.0.0.x) thru the wireless
access points (192.168.1.x) to the other building (10.0.1.x). I just
need to know how I would configure the TZ170's to create the VPN tunnel
over the wireless but keep Internet traffic on each buildings own DSL
line.

Thanks
Related resources
Anonymous
February 17, 2005 9:14:03 PM

Archived from groups: comp.dcom.vpn (More info?)

jim.averitt@gmail.com wrote:
> I probably should have mentioned this...
>
> I don't need to keep them on the same subnet. I have no problem
> changing that configuration. In fact, I expected I would have to.
>
> I was thinking I would route one building (10.0.0.x) thru the wireless
> access points (192.168.1.x) to the other building (10.0.1.x). I just
> need to know how I would configure the TZ170's to create the VPN tunnel
> over the wireless but keep Internet traffic on each buildings own DSL
> line.
>
> Thanks
>

If the tz170's are set up as the firewalls fro the dsl connections, they
will send all non-vpn traffic out over the dsl line to the internet by
default.
Anonymous
February 18, 2005 5:45:10 AM

Archived from groups: comp.dcom.vpn (More info?)

Right. Provided your subnets will be different, only your LAN traffic will
travel over the VPN tunnel...your internet traffic still goes through the
respective DSL lines.

"T. Sean Weintz" <strap@hanh-ct.org> wrote in message
news:111a99rltnrvmd9@news.supernews.com...
> jim.averitt@gmail.com wrote:
> > I probably should have mentioned this...
> >
> > I don't need to keep them on the same subnet. I have no problem
> > changing that configuration. In fact, I expected I would have to.
> >
> > I was thinking I would route one building (10.0.0.x) thru the wireless
> > access points (192.168.1.x) to the other building (10.0.1.x). I just
> > need to know how I would configure the TZ170's to create the VPN tunnel
> > over the wireless but keep Internet traffic on each buildings own DSL
> > line.
> >
> > Thanks
> >
>
> If the tz170's are set up as the firewalls fro the dsl connections, they
> will send all non-vpn traffic out over the dsl line to the internet by
> default.
>
Anonymous
February 18, 2005 12:29:18 PM

Archived from groups: comp.dcom.vpn (More info?)

Makes perfect sense. Thanks folks. I'll give it a try.
June 18, 2009 9:08:50 PM

Then gentlemen above is correct, you cant create the ipsec vpn on the same subnet. But, You should be able to do it, if you change the subnet mask to create a smaller network on each side.
For instance, if you were using the private "192.168.5.0" network, and used a 224 mask, you would then have two smallernetworks, one which starts at 5.0 and one which starts at 5.32. you should then be able to vpn between those.
!