Share via

Resolve Arp Through VPN Tunnel Of Remote Network

Daniel Bove 81 Reputation points
2024-07-18T19:24:08.98+00:00

I am trying to resolve arp of a LAN through vpn tunnel.

SonicWall to SonicWall VPN tunnel is already setup.

Site 1 Private LAN gateway: 192.168.150.1

Site 2 Private LAN Gateway: 192.168.60.1 Already have connection between the two.

Site 1 VM NIC 1: 192.168.150.10 (working) Nic 2: 192.168.60.10 (no internet)

Is it possible to have a IP address of the remote network and resolve arp requests of the remote network? What do I need to add to appliance/firewall to allow this traffic?

Windows for business | Windows Client for IT Pros | Networking | Network connectivity and file sharing
0 comments
Accepted answer
  1. Jing Zhou 7,765 Reputation points Microsoft External Staff
    2024-07-19T07:37:16.3733333+00:00

    Hello,

    Thank you for posting in Q&A forum.

    To resolve LAN ARP requests through a VPN tunnel, you need to ensure that the VPN tunnel can transmit ARP traffic and that the firewall configuration allows this traffic to pass through.

    Here are some of our suggestions:

    1. Confirm that the VPN tunnel from SonicWall to SonicWall has been properly configured to transmit all necessary network traffic, including ARP requests.
    2. Routing configuration:
    • Ensure that both site 1 and site 2 have the correct routing configuration on their SonicWall firewalls, so that traffic from both sites can be transmitted through VPN tunnels.
    • Add static routing on SonicWall at Site 1:

    Destination network: 192.168.60.0

    Subnet mask: 255.255.255.0

    Gateway: VPN tunnel interface

    • Add static routing on SonicWall at Site 2:

    Destination network: 192.168.150.0

    Subnet mask: 255.255.255.0

    Gateway: VPN tunnel interface

    1. Firewall rules:
    • Confirm that the firewall rules for Site 1 and Site 2 allow ARP traffic to pass through. Usually, firewalls block ARP traffic by default because it is a protocol at the LAN layer. But for VPN tunnels, the firewalls at both ends need to be configured to allow ARP traffic.
    • Create a rule in SonicWall firewall that allows ARP requests to pass through:

    Source address: 192.168.60.0/24

    Destination address: 192.168.150./24

    Service: Allow all services (including ARP)

    Similarly, create corresponding rules in the firewall of Site 2.

    1. Check the network interface and subnet mask:

    Ensure that the network interface configuration of the VM is correct. NIC 2 should be configured in the correct subnet and able to access network resources of 192.168.60.0/24

    5.Finally, further investigation can be conducted through the following methods:

    • Perform ARP request test on VM at Site 1:

    Use command-line tools (such as arp-a) to view the ARP cache and check if it can resolve the IP address of the 192.168.60.0/24 network.

    • Packet capture analysis:

    Use packet capture tools (such as Wireshark) to capture packets on the network interfaces of Site 1 and Site 2, and check whether ARP requests and response packets are transmitted through VPN tunnels.

    I hope the information above is helpful.

    If you have any questions or concerns, please feel free to let us know.

    Best regards,

    Jill Zhou

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.