
This is more of a theoretical question than a problem. With regards to Site to Site VPN links, let's for the sake of the question say we have two Sonicwall Firewalls.

Site A and Site B

SonicwallA and SonicwallB respectively to the sites mentioned above.

1). Now if I was to create a Site to Site VPN on SonicwallA at SiteA and set the Primary Gateway to the IP of Sonicwall B at SiteB but didn't configure anything on SonicwallB - what connectivity would I achieve?

2). Next I would go and configure a Site-to-Site Link on SonicwallB and set Primary Gateway for the VPN to IP of SonicwallA. What connectivity would I achieve then with both active?

The reason I ask this is because a Site-to-Site VPN only establishes one tunnel, but how is that possible with two Firewalls connecting to each other via two totally separate Site-to-Site VPN configurations?

PnP

1 Answer

  1. No connectivity whatsoever. Imagine the security disaster that the world would be if anyone could set up a site-to-site VPN by configuring only the device on their end.
  2. Assuming that the rest of the configuration is correct and complete, you have a tunnel between SiteA and SiteB.

They are not two totally separate site-to-site VPN configurations. Each device needs to be configured to communicate with the other in order to establish a single connection.

Skyhawk
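A simplified model of the answer's point, added here as an example and not part of the original answer or of SonicWall's implementation: a gateway only completes a negotiation with a peer it holds a policy for, and two matching policies yield one tunnel. The `Gateway` class, the IP addresses and the pre-shared key are constructed for illustration, and the handshake is a stand-in for IKE, not the real protocol.

```python
import hashlib
import hmac
import os

class Gateway:
    """Simplified VPN gateway: one policy per remote peer (a model, not real IKE)."""

    def __init__(self, ip):
        self.ip = ip
        self.policies = {}    # peer IP -> pre-shared key
        self.tunnels = set()  # established tunnels, keyed by the unordered IP pair

    def add_policy(self, peer_ip, psk):
        self.policies[peer_ip] = psk

    def _proof(self, psk, nonce, sender_ip):
        # Proof of PSK possession, bound to the nonce and the sender's address.
        return hmac.new(psk, nonce + sender_ip.encode(), hashlib.sha256).digest()

    def respond(self, initiator_ip, nonce, proof):
        psk = self.policies.get(initiator_ip)
        if psk is None:
            return None  # no policy for this peer: the request is dropped
        if not hmac.compare_digest(proof, self._proof(psk, nonce, initiator_ip)):
            return None  # peer does not hold the key configured for it
        return self._proof(psk, nonce, self.ip)

    def initiate(self, peer):
        psk = self.policies.get(peer.ip)
        if psk is None:
            return False
        nonce = os.urandom(16)
        reply = peer.respond(self.ip, nonce, self._proof(psk, nonce, self.ip))
        if reply is None or not hmac.compare_digest(reply, self._proof(psk, nonce, peer.ip)):
            return False
        tunnel = frozenset((self.ip, peer.ip))  # same key whichever side initiated
        self.tunnels.add(tunnel)
        peer.tunnels.add(tunnel)
        return True

def demo():
    # Constructed addresses (documentation ranges) and a constructed key.
    a, b = Gateway("198.51.100.1"), Gateway("203.0.113.1")
    a.add_policy(b.ip, b"constructed-psk")
    one_sided = a.initiate(b)               # question 1: only SonicwallA configured
    b.add_policy(a.ip, b"constructed-psk")
    both = a.initiate(b) and b.initiate(a)  # question 2: either side may initiate
    return one_sided, both, len(a.tunnels), len(b.tunnels)
```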