Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1427
Views
0
Helpful
5
Replies

Problem in Site to Site VPN-Multiple Networks

sagarshaha
Level 1
Level 1

‎07-25-2012 12:54 AM - edited ‎03-11-2019 04:34 PM

Hi,

I have Cisco 3560X L3 Switch. We have done Inter VLAN in our internal networks. Below are the VLAN details

Default VLAN1 IP 192.168.125.2 (Gi0/1, Gi0/23, Gi0/24)

Interface Gi0/1 (Port Configure as a Trunk)

Interface VLAN 10 SERVERS_SW (Gi0/2 to 0/6)

IP Address: - 192.168.0.1 255.255.254.0

Interface VLAN 20 USERS_SW (Gi0/7 to 0/18)

IP Address: - 192.168.152.1 255.255.248.0

Interface VLAN 30 SPARE_SERVER_SW (Gi 0/19 to Gi 0/22)

IP Address: - 192.168.8.1 255.255.248.0

We have Sonicwall NSA2400 Firewall and we have setup Site-to-Site between our other offices who has Sonicwall TZ210 firewall. It works fine and they are able to access all the above networks.

Now the problem is we have one more site which uses Vigor Firewall (with Internal Network 192.168.100.0). We have setup the site-to-site vpn between Sonicwall NSA 2400 (Lets say SITE A) and Vigor (Lets say SITE B) but SITE A is unable to ping to SITE B Firewall but SITE B is able to *ONLY* SITE A firewall.

SITE A is trying to ping from User VLANs whose local ip is 192.168.152.0 range.

Can you please help us in above scenario to add route to 100.0 so that we will be able to ping and access SITE B networks.

Appreciate your help !!

Thanks

Labels:
0 Helpful
5 Replies 5

Ramraj Sivagnanam Sivajanam
Level 4
Level 4

‎07-26-2012 07:42 PM

Hi Bro

Do you have a static route in your L3 for 192.168.100.0/24 pointing to your Sonic Wall? If yes, then this is fine. All I can think of is, either you've a Phase 1 or Phase 2 VPN issue between your Sonic Wall and Vigor FW.

Warm regards,
Ramraj Sivagnanam Sivajanam
0 Helpful

sagarshaha
Level 1
Level 1
In response to Ramraj Sivagnanam Sivajanam

‎07-29-2012 11:12 PM

Hi Mate,

Thanks for your reply !!

Nopes, i have not yet added the static route on L3 switch. Can you please guide me on same, as i tried below command but nothing worked.

ip route 192.168.100.0 255.255.254.0 192.168.125.1

where,

192.168.125.1 is my local sonicwall.

Also, Yes, I have Group 1 Proposals in Sonciwall.

Appreciate your help in same.

Thanks,

Sagar

0 Helpful

Ramraj Sivagnanam Sivajanam
Level 4
Level 4
In response to sagarshaha

‎07-30-2012 01:40 AM

Hi Bro

I can't help you much, even though I would love too.. as I don't know either Sonic Wall and Vigor FW

Warm regards,
Ramraj Sivagnanam Sivajanam
0 Helpful

sagarshaha
Level 1
Level 1
In response to Ramraj Sivagnanam Sivajanam

‎07-30-2012 02:46 AM

Hey,

Can you just tell me how to add static route to 100.0? i think that should work.

Appreciate your help !!

Thanks,

Sagar

0 Helpful

Ramraj Sivagnanam Sivajanam
Level 4
Level 4
In response to sagarshaha

‎07-30-2012 03:04 AM

Hi Bro

You've done the steps I have suggested

"Nopes, i have not yet added the static route on L3 switch. Can you please guide me on same, as i tried below command but nothing worked.

ip route 192.168.100.0 255.255.254.0 192.168.125.1"

Warm regards,
Ramraj Sivagnanam Sivajanam
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card