• SonicOS and SonicOSX 7 IPSec VPN
• IPSec VPN Overview
  • About Virtual Private Networks
  • VPN Types
    • IPsec VPN
    • DHCP over VPN
    • L2TP with IPsec
    • SSL VPN
  • VPN Security
    • About IKEv1
    • About IKEv2
    • Mobility and Multi-homing Protocol for IKEv2 (MOBIKE)
    • About IPsec (Phase 2) Proposal
    • About Suite B Cryptography
  • VPN Base Settings and Displays
    • Policies
    • Active Tunnels
    • Settings
  • IPv6 VPN Configuration
• Site to Site VPNs
  • Planning Site to Site Configurations
  • General VPN Configuration
    • Configuring Settings on the General Tab
    • Configuring Settings on the Network Tab
    • Configuring Settings on the Proposals Tab
    • Configuring Settings on the Advanced Tab
  • Managing GroupVPN Policies
    • Configuring IKE Using a Preshared Secret Key
    • Configuring IKE Using 3rd Party Certificates
    • Downloading a GroupVPN Client Policy
  • Creating Site to Site VPN Policies
    • Configuring with a Preshared Secret Key
    • Configuring with a Manual Key
    • Configuring with a Third-Party Certificate
    • Configuring the Remote SonicWall Network Security Appliance
    • Configuring VPN Failover to a Static Route
• VPN Auto Provisioning
  • About VPN Auto Provisioning
    • Defining VPN Auto Provisioning
    • Benefits of VPN Auto Provisioning
    • How VPN Auto Provisioning Works
      • About Establishing the IKE Phase 1 Security Association
      • About Establishing IKE Phase 2 using a Provisioned Policy
  • Configuring a VPN AP Server
    • Starting the VPN AP Server Configuration
    • Configuring VPN AP Server Settings on General
    • Configuring VPN AP Server Settings on Network
    • Configuring Advanced Settings on Proposals
    • Configuring Advanced Settings on Advanced
  • Configuring a VPN AP Client
• Rules and Settings
  • Adding a Tunnel Interface
    • Creating a Static Route for the Tunnel Interface
  • Route Entries for Different Network Segments
  • Redundant Static Routes for a Network
• Advanced
  • Configuring Advanced VPN Settings
  • Configuring IKEv2 Settings
  • Using OCSP with SonicWall Network Security Appliances
    • OpenCA OCSP Responder
    • Loading Certificates to Use with OCSP
    • Using OCSP with VPN Policies
• DHCP over VPN
  • DHCP Relay Mode
  • Configuring the Central Gateway for DHCP Over VPN
  • Configuring DHCP over VPN Remote Gateway
  • Current DHCP over VPN Leases
• L2TP Servers and VPN Client Access
  • Configuring the L2TP Server
  • Viewing Currently Active L2TP Sessions
  • Configuring Microsoft Windows L2TP VPN Client Access
  • Configuring Google Android L2TP VPN Client Access
• AWS VPN
  • Overview
  • Creating a New VPN Connection
  • Reviewing the VPN Connection
    • Configuration on the Firewall
    • Configuration on Amazon Web Services
  • Route Propagation
  • AWS Regions
  • Deleting VPN Connections
• SonicWall Support
  • About This Document

Route Propagation

Additional steps need to be taken to ensure connections can be made to and from resources on subnets within a particular VPC. You must also propagate the connections to the route table that is used for the subnet of interest. Three ways can be used to enable propagation to the route tables in a VPC.

• When Creating the VPN Connection

  If the firewall detects that route propagation is disabled for one or more route tables within a VPC, the popup dialog includes a checkbox allowing you to specify that Route Propagation should be enabled for all route tables within that VPC. However, this is not a a consistent approach; it does allows propagation for some route tables and not others.

• Using checkboxes for each route table

  After a VPN connection has been established, expanding a row in the VPC table on the AWS VPN page reveals all of the subnets in that VPC, organized by route table. Each route table row includes a checkbox that can be used to enable or disable propagation for that particular route table and the subnets it governs.

• On the AWS Console

  The subnets for each VPC can be viewed on the subnets page under the VPC Dashboard on the AWS Console. Selecting a subnet identifies the governing route table and provides a hyperlink so that you can jump to the relevant page.

  Otherwise, you can navigate to the Route Table page and use the filter to narrow the search by VPC or subnet.

To enable or disable route propagation to a specific route table

1. Select the route table in question.
2. Click the Route Propagation tab.
3. Click Edit.
4. Check or uncheck the Propagate box as appropriate.
5. Click Save to commit your changes.