Routing Internet traffic through a remote SonicWall device which is in another network
10/14/2021 114 People found this article helpful 408,852 Views
Description
There are two SonicWalls, Site A and Site B.
- Site A and Site B are connected by using a point to point link layer 2 device.
- Site A's X5 Interface was assigned to the LAN Zone, which means that by default Site B has access to Site A's LAN .
- There is no existing VPN between Site A and Site B.
- The Internet traffic from the Site B network has to go through the Site A SonicWall.
- If the point to point link to Site A goes down then the Site B network will access the Internet through the local Site B DSL line
Site A
- LAN IP is: 10.29.1.1
- WAN IP is : 72.35.91.2
- X5 Interface IP is: 10.33.1.2
Site B
- LAN IP is : 192.168.168.168
- WAN IP is: 12.12.12.12
- X5 Interface IP is: 10.33.1.1
Resolution
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
On Site B SonicWall
- Create a route by navigating to Manage | Network | Routing. This is to introduce that the gateway for the Site B Network is another device.
Source: LAN Subnets or Firewalled Subnets
Destination: Any
Service : Any
Gateway: 10.33.1.2 (X5 Interface IP of Site A since point to point connection is through X5 Interfaces of both devices)
Interface: X5
Enable the option which says Disable route when the interface is disconnected
On Site A SonicWall
- Create a route by navigating to Manage | Network | Routing. This is for the return traffic destined for Site B.
Source: Any
Destination: Site B Network (192.168.168.0/24)
Service: Any
Gateway: 10.33.1.1 (X5 Interface IP for Site B)
Interface: X5
- Create a NAT Policy by navigating to Manage | Rules | NAT Policies. This is to allow the Site B traffic Internet access.
Original Source: Site B Network (192.168.168.0/24)
Translated Source: WAN Primary IP or X1 IP
Original Destination: Any
Translated Destination: Original
Original Service: Any
Translated Service: Original
Inbound Interface: Any
Outbound Interface: Any
Testing: Go to whatismyip.com on a computer behind Site B. It should return the WAN IP of site A.
Resolution for SonicOS 6.2 and Below
The below resolution is for customers using SonicOS 6.2 and earlier firmware. For firewalls that are generation 6 and newer we suggest to upgrade to the latest general release of SonicOS 6.5 firmware.
On Site B SonicWall
- Create a route. This is to introduce that the gateway for the Site B Network is another device.
Source: LAN Subnets or Firewalled Subnets
Destination: Any
Service : Any
Gateway: 10.33.1.2 (X5 Interface IP of Site A since point to point connection is through X5 Interfaces of both devices)
Interface: X5
Enable the option which says Disable route when the interface is disconnected
On Site A SonicWall
- Create a route. This is for the return traffic destined for Site B.
Source: Any
Destination: Site B Network (192.168.168.0/24)
Service: Any
Gateway: 10.33.1.1 (X5 Interface IP for Site B)
Interface: X5
- Create a NAT Policy. This is to allow the Site B traffic Internet access.
Original Source: Site B Network (192.168.168.0/24)
Translated Source: WAN Primary IP or X1 IP
Original Destination: Any
Translated Destination: Original
Original Service: Any
Translated Service: Original
Inbound Interface: Any
Outbound Interface: Any
Testing: Go to whatismyip.com on a computer behind Site B. It should return the WAN IP of site A.
Related Articles
Categories
Was This Article Helpful?
YESNO