Here's my problem:
3 separate Internet locations; one of these locations is the "main" location. The other two "branch" locations connect to the main location over IPSec VPN.
What I need to do is connect the two branch locations to each other over their corresponding VPN tunnels through the main location.
Example:
Branch 1 SonicWALL (192.168.0.1) connects to Main SonicWALL (192.168.1.1) via VPN
Branch 2 SonicWALL (192.168.2.1) connects to Main SonicWALL (192.168.1.1) via VPN
Branch 1 and Branch 2 subnets need to be able to communicate with each other through their VPNs to the Main location (i.e. 192.168.2.1 <-> 192.168.1.1 <-> 192.168.0.1)
I'm aware that a VPN tunnel between the 2 Branch locations would achieve communication, but in the actual scenario this is not practical.
Is this possible? If so, how can I achieve this? If not, what is the best solution?
If there's anymore information needed, please let me know and I will update the question.
Thank you
Best Answer
As KorXo mentioned, this is a standard Hub and Spoke configuration, but KorXo's link is for IPv6. Here's one for IPv4:
https://support.software.dell.com/kb/sw3552
There's also a video. Basically you create the VPN (eg. from Branch 1 to Main) but use an Address Object GROUP that includes both the Main and Branch 2 subnets. That way Branch 1 understands the VPN to Main includes Main AND Branch 2's networks on the far side. The other sides are similarly configured.
An alternative is to use Tunnel (route) based VPNs. When you start adding additional Branch sites this makes life simpler as the VPN is just a tunnel from Branch X to Main, and ROUTES are added to allow traffic from Branch 1 to Branch X. See: https://support.software.dell.com/kb/sw7902
Either would be fine in your situation (with 2 Branch sites) but one may make more sense, so have a look at both! Then choose one, try it and open a new question if you need further assistance (try to include router models, SonicOS versions, and maybe a diagram - showing interface configurations).
Good luck!