L2TP server - site-to-site vpn connection

Question

I am not sure this is the right place for this question but here goes.

We want to connect users using an L2TP VPN connection to a users at the other end of a SonicWall site-to-site VPN.

Currently we have a SonicWall firewall/router contraption in the home-office that is connected to a far-office over a VPN. Communications with machines in the home-office and far-office is fine. We also have an L2TP server running on the SonicWall that outside users can connect to. This gives them access to machines in the home-office. Communication between outside users and the home-office is fine. However outside users connected to the home-office via the L2TP server can't communicate with machines in the far-office.

Will there need to be network bridging or routing needed? Or will this simply be a firewall setting to get this working?

Thanks for any help or clues you provide! Rob

Answer 1

You're most likely experiencing a routing issue. The image below is what I imagine your network roughly looks like.

If your home office network is 192.168.10.0/24

and your branch office network is 192.168.20.0/24

and if your L2TP VPN network is 192.168.30.0/24

Then on your branch office router, you will need to add a static route that points 192.168.30.0/24 (user VPN) to 192.168.10.0/24 (home office router). This lets the branch office know how to get to the user VPN network.

You will also need to assure your firewall rules on the SonicWall allow the different VPNs to talk to each other, whether it be a policy or a custom port rule for whatever types of traffic you want available to each other.