Resolve Arp Through VPN Tunnel Of Remote Network

Daniel Bove 81 Reputation points
2024-07-18T19:24:08.98+00:00

I am trying to resolve ARP of a LAN through a VPN tunnel.

A SonicWall to SonicWall VPN tunnel is already set up.

Site 1 Private LAN gateway: 192.168.150.1

Site 2 Private LAN Gateway: 192.168.60.1 Already have connection between the two.

Site 1 VM NIC 1: 192.168.150.10 (working) Nic 2: 192.168.60.10 (no internet)

Is it possible to have an IP address of the remote network and resolve ARP requests of the remote network? What do I need to add to the appliance/firewall to allow this traffic?


Accepted answer
  1. Jing Zhou 7,765 Reputation points Microsoft External Staff
    2024-07-19T07:37:16.3733333+00:00

    Hello,

    Thank you for posting in Q&A forum.

    To resolve LAN ARP requests through a VPN tunnel, you need to ensure that the VPN tunnel can transmit ARP traffic and that the firewall configuration allows this traffic to pass through.

    Here are some of our suggestions:

    1. Confirm that the VPN tunnel from SonicWall to SonicWall has been properly configured to transmit all necessary network traffic, including ARP requests.

    2. Routing configuration:

       • Ensure that both Site 1 and Site 2 have the correct routing configuration on their SonicWall firewalls, so that traffic from both sites can be transmitted through VPN tunnels.

       • Add static routing on SonicWall at Site 1:

         Destination network: 192.168.60.0

         Subnet mask: 255.255.255.0

         Gateway: VPN tunnel interface

       • Add static routing on SonicWall at Site 2:

         Destination network: 192.168.150.0

         Subnet mask: 255.255.255.0

         Gateway: VPN tunnel interface

    3. Firewall rules:

       • Confirm that the firewall rules for Site 1 and Site 2 allow ARP traffic to pass through. Usually, firewalls block ARP traffic by default because it is a protocol at the LAN layer. But for VPN tunnels, the firewalls at both ends need to be configured to allow ARP traffic.

       • Create a rule in SonicWall firewall that allows ARP requests to pass through:

         Source address: 192.168.60.0/24

         Destination address: 192.168.150.0/24

         Service: Allow all services (including ARP)

         Similarly, create corresponding rules in the firewall of Site 2.

    4. Check the network interface and subnet mask:

       Ensure that the network interface configuration of the VM is correct. NIC 2 should be configured in the correct subnet and able to access network resources of 192.168.60.0/24.

    5. Finally, further investigation can be conducted through the following methods:

       • Perform ARP request test on VM at Site 1:

         Use command-line tools (such as arp -a) to view the ARP cache and check if it can resolve the IP address of the 192.168.60.0/24 network.

       • Packet capture analysis:

         Use packet capture tools (such as Wireshark) to capture packets on the network interfaces of Site 1 and Site 2, and check whether ARP requests and response packets are transmitted through VPN tunnels.

    I hope the information above is helpful.

    If you have any questions or concerns, please feel free to let us know.

    Best regards,

    Jill Zhou
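
The `arp -a` check from step 5 of the answer can be scripted so the result is recorded per interface. This is an added example, not part of the original answer: the sample `arp -a` output is constructed (MAC addresses and interface indexes are made up), and the function names `parse_arp_a` and `resolved_in_subnet` are hypothetical.

```python
import ipaddress
import re

# Constructed sample of Windows `arp -a` output for the VM in the question
# (MAC addresses and interface indexes are made up).
SAMPLE_ARP_A = """\
Interface: 192.168.150.10 --- 0xb
  Internet Address      Physical Address      Type
  192.168.150.1         02-00-00-aa-bb-01     dynamic
  192.168.150.255       ff-ff-ff-ff-ff-ff     static
  224.0.0.22            01-00-5e-00-00-16     static

Interface: 192.168.60.10 --- 0xe
  Internet Address      Physical Address      Type
  192.168.60.255        ff-ff-ff-ff-ff-ff     static
  224.0.0.22            01-00-5e-00-00-16     static
"""

IFACE_RE = re.compile(r"^Interface:\s+(\S+)\s+---")
ENTRY_RE = re.compile(r"^\s+(\d+\.\d+\.\d+\.\d+)\s+([0-9a-fA-F-]{17})\s+(\w+)")


def parse_arp_a(text):
    """Return {interface_ip: [(neighbour_ip, mac, entry_type), ...]}."""
    table, current = {}, None
    for line in text.splitlines():
        m = IFACE_RE.match(line)
        if m:
            current = table.setdefault(m.group(1), [])
            continue
        m = ENTRY_RE.match(line)
        if m and current is not None:
            current.append((m.group(1), m.group(2).lower(), m.group(3)))
    return table


def resolved_in_subnet(table, subnet):
    """Per interface, list learned (dynamic) unicast neighbours inside subnet."""
    net = ipaddress.ip_network(subnet)
    return {
        iface: [(ip, mac) for ip, mac, kind in entries
                if kind == "dynamic" and mac != "ff-ff-ff-ff-ff-ff"
                and ipaddress.ip_address(ip) in net]
        for iface, entries in table.items()
    }


if __name__ == "__main__":
    report = resolved_in_subnet(parse_arp_a(SAMPLE_ARP_A), "192.168.60.0/24")
    for iface, hits in report.items():
        print(iface, "->", hits or "no learned neighbours in 192.168.60.0/24")
```

On a real host, pass the captured text of `arp -a` to `parse_arp_a` instead of the sample; an empty list for the 192.168.60.10 interface means no host in 192.168.60.0/24 has answered an ARP request on that NIC.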

