Tuesday, February 20, 2018

Comcast MetroE Fiber and SonicWall VPN

Hey Reddit,

Trying to wrap my head around configuring Comcast EDI Fiber (or MetroE Fiber) on SonicWall to use site to site VPN. Any assistance is much appreciated. So onto the details.

Topology

Currently our main site is using Level 3 for WAN connection, 76.x.x.160/28 on a SonicWall NSA2600. LAN is your run of the mill 192.168.1.0/23. We are having 3 remote sites coming online by summer, with 1 already online. All sites will be connected with site to site VPN using NSA2600 at each site. To that end we purchased the Comcast MetroE Fiber 200mb u/d just for the VPN connections. Idea is regular users' internet will continue to use the Level 3 while Comcast is dedicated for VPN.

Comcast MetroE is assigned with 2 subnets, a WAN block of 50.x.x.56/30 and a consumer block of 50.x.x.48/29 in my case. Currently, for the site that is already online, I am using the only IP available on the WAN block, 50.x.x.58, as the remote gateway and everything is working fine. But ideally I want the 3 remote sites to use the consumer usable IPs of x.49 - x.54 as remote gateways. This is the part I'm not sure about.

Consensus from reading online is to use another layer 3 device in front of the SonicWall, but there are also articles on how to set this up without, either by using static ARP or DMZ. None of them is regarding VPN though.

Thanks in advance.


