Sonicwall Multi-Homed Servers for VPN

If you are a Managed Service Provider,you will inevitably have a customer whose IP subnet is the same as another customer. I have multiple customers on 192.168.1.0/24 network which is because Linksys defaults to this; however I just can’t change those networks subnet without hassle and downtime.

This is how I typically deal with this:

Pick a new subnet that you wish those machines to be on. In this example I have picked 10.11.10.0/24 and I always maintain the last octet for some consistency, so 192.168.1.70 would become 10.11.10.70. Then the next step is to add the IP.

1

Next run ipconfig /all to obtain your mac address.

2

Add the static ARP entry for that ip address and mac address. This is done on the Sonicwall.

3

You will also need to ‘Publish’ 10.11.10.1 ARP entry on the Sonicwall which is #9.

You will then need to set the static route to the proper interface.

4

You then setup the static VPN like you normally would but use 10.11.10.0/24

5

You then have the ability to connect to those servers and do what you need to over the VPN, including pivot from those servers to any other workstation not set up.

In conclusion, I now have direct access to this customer without the need to dial up a VPN from my workstation and I don’t lose access to the other customers during that period. Furthermore my network monitor (Netmon v5.3) at my site which monitors all my customers can now monitor those servers as well. All this was done with 0 downtime and is quite easy to set up.