
Need Help Getting SonicWall to SonicWall working over Point to Point.

Status
Not open for further replies.
Jun 6, 2006
2
US
I have two SonicWall 2040's, one in each physical location. Location A has a T-1 Frame-Relay for internet access, and there is a physical Point-to-Point connection between the two sites.

Since the SonicWall devices can not handle the T-1 interfaces, I have Adtran Netvanta 3305 routers in place to handle the interfaces and pass off the connection.

All routing is set up correctly on the Adtran devices, and if I have a laptop set up on each site they can communicate between each other with no problems. When I connect a Linksys router at each location and turn NAT off, I can still communicate.

However, as soon as the SonicWall devices are introduced, I can not get the two devices to work. I can ping through the Point-to-Point interface up to the SonicWall on each side from the SonicWall's Diagnostics interface, but I can not ping to or through the SonicWall.

I have tried to talk to SonicWall support but they do not understand what I am trying to accomplish... PLEASE HELP ME!
 

So you have two sites.

Site A uses frame relay for internet and a separate point-to-point connection to site B for internal communications.

Site B does not have an internet connection, just a point-to-point connection to site A. Site B gets its internet through the point-to-point connection, then out the frame relay connection at site A.

Am I following?
 
What are the IP address ranges of the two sites?

Are you applying firewall rules on the VPN?

BTW, if this will help, you can request an American technician when you call Sonicwall.
 
JOEPC:
Yes sir you are exactly correct, that is what I am trying to accomplish.

sstopppel:
Do you want the WAN interface addresses or the LAN side???

In attempting to get this working I have set settings to allow all WAN traffic through, and still nothing.


Also I did not know I could get American support... That's good to know, because I have really been having a hard time understanding these guys.
 
In the VPN section of this page there are some very useful documents.


So if I understand correctly, you have Site A, with an internet connection. Behind SonicWall A you have an internal point-to-point IP connection to site B. Site B does not have a separate internet connection. Your goal is to make sure that traffic over that point-to-point is encrypted?

I wonder if it is a routing thing - Sonicwall_B should have a default route configured to go out the T-1 at site A, and Sonicwall_A should have a static route defined to send traffic over the point-to-point link to reach Sonicwall_B.
 
Is it a true PPP connection from site A to site B? If so you don't really even need to encrypt the traffic. You could just use your routers to connect the sites.
 
I just finished setting up a similar configuration. Cisco 2611s on either side of the T1 and a sw2040 on one side with a 3060 on the other. Check your firewall rules and be sure to allow traffic through the SonicWalls.
 
Make sure the Adtran box has a gateway, default route set to the SonicWall. The local traffic will make it through the T1 without the route, but you need to tell the Adtran to send all traffic not intended for internal subnets to go out the SonicWall. I have had an issue with the Adtran box ignoring the default gateway. Go to the static routes section and define the default route there instead. Worked for me. Example: 0.0.0.0 192.168.1.1 (if 192.168.1.0 is local subnet). This is all done on the Adtran at the main site. The remote Adtran should send all traffic to the main. If not, you will need a default route set there also.
Do a traceroute from the remote site and see if the packets bounce between the routers.

Also, you need to set up a static route on the SonicWall redirecting traffic intended for the other end of the T1 to the Adtran. Example: 192.168.2.0 192.168.1.50
192.168.2.0 is the remote subnet. 192.168.1.50 is the local Adtran.

Bryan
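
Added example, not part of the original posts: a small next-hop simulator for the routes described in the reply above, showing how a missing SonicWall static route, a missing Adtran default route, or a wrong default route would appear in a traceroute. The /24 masks, device names, the test destination 203.0.113.9 and the remote Adtran fronting 192.168.2.0/24 are assumptions.

```python
import ipaddress

# Constructed topology based on the addresses in the post above.
# Assumed: /24 masks, device names, remote Adtran in front of 192.168.2.0/24.
# sonicwall_a = 192.168.1.1, adtran_main = 192.168.1.50.
def build_tables(sonicwall_static=True, adtran_default="sonicwall_a"):
    sonicwall = {"0.0.0.0/0": "internet", "192.168.1.0/24": "delivered"}
    if sonicwall_static:
        # Static route: remote subnet is reached via the local Adtran.
        sonicwall["192.168.2.0/24"] = "adtran_main"
    adtran_main = {"192.168.1.0/24": "delivered",
                   "192.168.2.0/24": "adtran_remote"}  # across the T1
    if adtran_default:
        adtran_main["0.0.0.0/0"] = adtran_default
    adtran_remote = {"192.168.2.0/24": "delivered", "0.0.0.0/0": "adtran_main"}
    return {"sonicwall_a": sonicwall, "adtran_main": adtran_main,
            "adtran_remote": adtran_remote}

def next_hop(table, dst):
    """Longest-prefix match; returns the next hop or None when no route matches."""
    addr = ipaddress.ip_address(dst)
    nets = [ipaddress.ip_network(p) for p in table]
    hits = [n for n in nets if addr in n]
    if not hits:
        return None
    return table[str(max(hits, key=lambda n: n.prefixlen))]

def trace(tables, start, dst):
    """Follow next hops like a traceroute; returns (path, verdict)."""
    path, node = [start], start
    while True:
        hop = next_hop(tables[node], dst)
        if hop is None:
            return path, "no route"
        if hop in ("delivered", "internet"):
            return path, hop
        path.append(hop)
        if path.count(hop) > 1:  # packet bounced back to a router already visited
            return path, "loop"
        node = hop

if __name__ == "__main__":
    cases = {"as described": build_tables(),
             "SonicWall static route missing": build_tables(sonicwall_static=False),
             "Adtran default route ignored": build_tables(adtran_default=None),
             "Adtran default points back at remote": build_tables(adtran_default="adtran_remote")}
    for name, t in cases.items():
        print(name)
        print("  main LAN -> 192.168.2.10:", trace(t, "sonicwall_a", "192.168.2.10"))
        print("  remote -> 203.0.113.9:  ", trace(t, "adtran_remote", "203.0.113.9"))
```
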
 