Main Menu
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
SonicWall
  • Products
    • Network Security
      • Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
      • Security ServicesComprehensive security for your network security solution
      • Network Security ManagerModern Security Management for today’s security landscape
    • Advanced Threat Protection
      • Capture ATPMulti-engine advanced threat detection
      • Capture Security applianceAdvanced Threat Protection for modern threat landscape
    • Access Security
      • Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
      • Secure Mobile AccessRemote, best-in-class, secure access
      • Wireless Access PointsEasy to manage, fast and secure Wi-FI
      • SwitchesHigh-speed network switching for business connectivity
    • Email Security
      • Email SecurityProtect against today’s advanced email threats
    • Cloud Security
      • Cloud App SecurityVisibility and security for Cloud Apps
      • Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
    • Endpoint Security
      • Capture ClientStop advanced threats and rollback the damage caused by malware
      • Content Filtering ClientControl access to unwanted and unsecure web content
    • Product Widgets
      • Product Menu Right Image
      • Capture Cloud Platform
        Capture Cloud Platform

        A security ecosystem to harness the power of the cloud

    • Button Widgets
      • Products A-Z
        all products A–Z FREE TRIALS
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure WiFi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • English English English en
  • BLOG
  • CONTACT SALES
  • FREE TRIALS
  • English English English en
SonicWall
  • Products
    • Network Security
      • Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
      • Security ServicesComprehensive security for your network security solution
      • Network Security ManagerModern Security Management for today’s security landscape
    • Advanced Threat Protection
      • Capture ATPMulti-engine advanced threat detection
      • Capture Security applianceAdvanced Threat Protection for modern threat landscape
    • Access Security
      • Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
      • Secure Mobile AccessRemote, best-in-class, secure access
      • Wireless Access PointsEasy to manage, fast and secure Wi-FI
      • SwitchesHigh-speed network switching for business connectivity
    • Email Security
      • Email SecurityProtect against today’s advanced email threats
    • Cloud Security
      • Cloud App SecurityVisibility and security for Cloud Apps
      • Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
    • Endpoint Security
      • Capture ClientStop advanced threats and rollback the damage caused by malware
      • Content Filtering ClientControl access to unwanted and unsecure web content
    • Product Widgets
      • Product Menu Right Image
      • Capture Cloud Platform
        Capture Cloud Platform

        A security ecosystem to harness the power of the cloud

    • Button Widgets
      • Products A-Z
        all products A–Z FREE TRIALS
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure WiFi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • Menu

Types of site to site VPN scenarios and configurations

12/20/2019 7,894 People found this article helpful 143,886 Views

    Download
    Print
    Share
    • LinkedIn
    • Twitter
    • Facebook
    • Email
    • Copy URL The link has been copied to clipboard

    Description

    Here's the different scenarios:

    • Main Mode - Used when VPN Sites have permanent/Static public IP address.
      How to Configure a Site-to-Site VPN Policy using Main Mode
      Configuring a Site to Site VPN between two SonicWalls on the same WAN subnet with same default gateway
    • Aggressive Mode - Used when One Site has permanent/static public IP and the other site has a dynamic/temporary public IP address.
      Configuring Aggressive Mode Site to Site VPN when a Site has Dynamic WAN IP address
    • Hub and Spoke - Setting up VPNs when two or more remote sites (Spokes) want to connect to central site (Hub).
      Implementing Hub and Spoke Site-to-Site VPNs
      How to create a Hub and Spoke Tunnel Interface VPN network with OSPF
    • IKEv2 - Setting up VPNs using the Internet key exchange (IKEv2) protocol.
      How to setup Site to Site VPN with IKE2 Dynamic Client Proposal in SonicOS 6.2 and above
    • Using Wizard - walks you step-by-step through the VPN configuration.
      Cconfiguring Site-to-Site VPN using the Wizard on SonicOS Enhanced

    Here's some advanced VPN configurations:

    • NAT over VPN - Used when VPN sites have same or overlapping networks.
      How to configure NAT over VPN in a site to site VPN with overlapping networks
    • IPv6
      How to configure an IPv6 IPSec VPN
    • Using Route Based VPN / Tunnel Interface
      How to Configure a Tunnel Interface VPN (Route-Based VPN) between two SonicWall UTM appliances
      Configuring a Tunnel Interface VPN with DHCP Relay using IP Helper
    • VPNs using Dynamic Routes (RIP, OSPF, BGP, etc.)
      Dynamic Route Based VPN (Basic Config)
      How to configure redundant routes for Route Based VPN
      Configuring Site-to-Site VPN over OSPF using Command Line
      How to create a mesh VPN network using Tunnel Interfaces and OSPF
    • Adding more IP Subnets to existing VPNs
      Adding a subnet to an existing Site to Site VPN Tunnel
      Adding a wireless network to a site to site VPN
      How to allow wireless traffic over a site to site VPN when the WLAN is bridged to the LAN
    • Bandwidth Management
      Bandwidth Management of Site to Site VPN Traffic
    • Certificates
      How to obtain certificates for VPN connections (Site to Site, GVC, L2TP) from a Windows Certificate server
      Site to Site VPN Using Certificates
    • Command Line
      Configuring Site to Site VPN policies using Enterprise Command Line Interface (E-CLI)
      Configuring Site-to-Site VPN over OSPF using Command Line
    • DHCP Over VPN
      Using IP Helper to obtain DHCP over a Policy-based Site to Site VPN Tunnel
    • Manual Key
      Configuring Site-to-Site VPN with Manual Key
    • Mapping Drives
      Cconfigure VPN sites to pass Microsoft NetBIOS broadcast traffic
    • Port Forwarding
      Port Forwarding over a Site to Site VPN Tunnel
      Route traffic to certain website(s) through site to site VPN without Route All Traffic VPN setup
    • Probing
       Configuring VPN Failover using Static Routes and Network Monitor Probes
    • Restrictions
      How to control / restrict traffic over a site to site VPN tunnel using Access Rules?
    • uPNP
      How to connect a Playstation 3 (PS3) console to a UPnP Media Server over a site-to-site VPN?
    • 3rd Party
      How To configure a Site to Site VPN tunnel between a SonicWall and Linksys VPN Router in aggressive mode?

      Site to site VPN between a SonicOS Enhanced and a Cisco IOS device?

    Related Articles

    • App Control fails by schema error when editing VPN category
    • Custom Geo-IP list to exclude a website from Geo-IP filter
    • GVC stuck on acquiring IP for some users

    Categories

    • Firewalls > NSa Series > VPN
    • Firewalls > TZ Series > VPN
    • Firewalls > NSv Series > VPN

    Not Finding Your Answers?

    ASK THE COMMUNITY

    Was This Article Helpful?

    YESNO

    Article Helpful Form

    Article Not Helpful Form

    Company
    • Careers
    • News
    • Leadership
    • Awards
    • Press Kit
    • Contact Us
    Popular resources
    • Communities
    • Blog
    • SonicWall Capture Labs

    Stay In Touch

    • By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. You can unsubscribe at any time from the Preference Center.
    • This field is for validation purposes and should be left unchanged.
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
    • Instagram

    © 2022 SonicWall. All Rights Reserved.

    • Legal
    • Privacy
    • English
      Scroll to top
      Trace:dd05288e52973a5809ba22c373a5ba22-70