Allowing Wireless Clients Access to SonicWall VPN
Description
There are two basic steps to this process:
- Adjusting the VPN policies.
- Adjusting the firewall rules.
Resolution
Adjusting the VPN Policies
To allow wireless users access to a VPN tunnel, it is necessary to add the subnet of the wireless network to the VPN policy on both sides of the tunnel. SonicWall sets this subnet as 172.16.31.1/24 by default.
At the location that has the wireless network, the subnet of that network should be included in the “Local Networks” address group selected on the “Network” tab of the VPN Policy configuration.
At the other end of the tunnel, the wireless subnet should be included in the “Remote Networks” address group.
If both sides of the tunnel have wireless networks that are integrated into the SonicWall, the other wireless network should be included in the VPN policy the same way.
Adjusting The Firewall Rules
By default the SonicWall’s firewall will block traffic originating in the WLAN zone from reaching the VPN zone.
Add an access rule that looks like the following:
*note that this is a very permissive rule that allows all traffic from the wireless network access to the VPN. Either lock this down to only necessary services and/or make sure you have strongwireless security.
Once both steps are completed, computers on the wireless network should be able to access devices across the VPN.
