Hi.
We’re a small MSP that inherited a SonicWall device at a customer. I don’t have much experience with SonicWall, and this SonicWall is pretty complex, so I’m constantly scratching my head. I’m hoping that somebody can help me with my current problem.
There’s SSLVPN set up for company employees, with the client IP pool coming from the same subnet as the primary LAN. They also have a routed IPSec connection to Azure (the “Policy Type” in the VPN settings is “Tunnel interface”). Users on the LAN are able to talk to the Azure subnet but SSLVPN users aren’t able to.
This specific IPSec connection doesn’t have a named interface in the interface list; in the routing rules, the routes for the Azure subnets just point to the name of the IPSec connection as the next hop.
There is a routing rule set up for the LAN network to Azure, but no specific rule for the SSLVPN allocation inside the LAN network. The firewall rules for LAN → VPN and SSLVPN → VPN should both allow this traffic.
I tried doing a packet capture, but I’m not able to use the name of the IPSec connection as an interface name on the Packet Capture Monitor Filter page.
So I have a few questions regarding this:
- If I want to do a packet capture for IPSec connections with no explicit interface, how do I select that traffic on the Packet Monitor page?
- In circumstances like this, where the SSLVPN users are assigned IP addresses from the LAN pool, which routing and firewall rules would apply: the ones for the SSLVPN zone/interface or the ones for the LAN zone/interface?
- I’m guessing there’s a hidden VTI interface for the IPSec connection; is there any way to show its name?
Hoping somebody here has some pointers, because I’m completely lost! Thanks in advance.