Remote network traffic not passing through VPN
- by John Virgolino
We have the following topology:
LAN A                LAN B                                           LAN C
10.14.0.0/16 <-VPN-> 10.18.0.0/16 --- SONICWALL <-VPN-> M0N0WALL --- 10.32.0.0/16
Traffic between LAN A and LAN B works perfectly.
Traffic between LAN C and LAN B works perfectly.
Traffic between LAN A and LAN C, not so much.
LAN A's gateway has a route to LAN C that points to the Sonicwall. The Sonicwall has a route to LAN A pointing to the VPN gateway connecting LAN B to LAN A. Tracing packets on the Sonicwall shows the LAN C-destined traffic arriving on the Sonicwall, but it does not forward the traffic; it dies there. Traffic from LAN B gets forwarded.
Tracing packets on the Sonicwall while sending traffic from LAN C destined for LAN A shows nothing.
This tells me that the M0N0WALL is not forwarding traffic for the 10.14.0.0 network and the Sonicwall is not forwarding from 10.14.0.0.
The SA on the Sonicwall terminates on the WAN ZONE and is defined to use an address group that incorporates both the 10.14.0.0 and 10.18.0.0 networks.
The M0N0WALL is configured for the 10.18.0.0 network, and I have tried both with and without a static route to 10.14.0.0 on the M0N0WALL.
I tried manually adding the 10.14.0.0 network to the SA on the M0N0WALL, but that really aggravated it and the SA never came up, so I reverted.
I have checked all the firewall rules to make sure nothing is blocked. All of the Sonicwall auto-added rules look right.
Specs:
Sonicwall TZ200, Enhanced OS
M0N0WALL v1.32
I'm at a loss at this point. Any help would be appreciated.
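
Added example, not part of the original post: a small Python model of policy-based IPsec traffic selectors for this topology, checking for each flow whether the sending gateway would tunnel it and whether the receiving gateway's policy would accept it. The selector lists are assumptions taken from the post's description (Sonicwall SA covering 10.14.0.0 and 10.18.0.0, M0N0WALL configured only for 10.18.0.0), not the devices' actual configuration, and the host addresses are constructed.

```python
from ipaddress import ip_address, ip_network

LAN_A, LAN_B, LAN_C = (ip_network(n) for n in
                       ("10.14.0.0/16", "10.18.0.0/16", "10.32.0.0/16"))

# Phase 2 selectors per gateway as (local networks, remote networks).
# ASSUMED from the post's description; the real configs are not on the page.
SONICWALL = ([LAN_A, LAN_B], [LAN_C])
M0N0WALL = ([LAN_C], [LAN_B])

def covers(nets, addr):
    """True if addr falls inside any of the given networks."""
    return any(ip_address(addr) in n for n in nets)

def tunnels(selectors, src, dst):
    """True if this gateway's policy puts a src->dst packet into the tunnel."""
    local, remote = selectors
    return covers(local, src) and covers(remote, dst)

def selectors_mirror(a, b):
    """Peers agree only if each side's local set is the other's remote set."""
    return set(a[0]) == set(b[1]) and set(a[1]) == set(b[0])

def check_flow(src, dst, near, far):
    """A flow needs the near end to encrypt it and the far end to accept it."""
    return {
        "near_end_encrypts": tunnels(near, src, dst),
        # The far end sees the packet inbound: its local side is dst.
        "far_end_accepts": tunnels(far, dst, src),
    }

def report():
    """Evaluate the three flows from the post with constructed host addresses."""
    a, b, c = "10.14.0.5", "10.18.0.5", "10.32.0.5"
    return {
        "C->B": check_flow(c, b, M0N0WALL, SONICWALL),
        "C->A": check_flow(c, a, M0N0WALL, SONICWALL),
        "A->C": check_flow(a, c, SONICWALL, M0N0WALL),
    }

if __name__ == "__main__":
    print("selectors mirror:", selectors_mirror(SONICWALL, M0N0WALL))
    for flow, result in report().items():
        print(flow, result)
```

In this model the only failing checks are on the M0N0WALL side for the 10.14.0.0/16 pair, which is also where the two ends' selector sets stop mirroring each other.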