I don't know Sonicwall very much, but the idea I said in my reply will still stand. You'll need to send Site B traffic destined for Public IP Range over the VPN and NAT the SRC IP on Router A. When the return traffic comes back, it will be UNNAT'd, sent over the VPN, and then sent to its dst. – emynd Jun 3 '13 at 12:23

SSL VPN enables us to easily get to the corporate SonicWall LAN subnets over the web with secure VPN tunnel but sometimes due to overlapping of SonicWALL LAN subnet and IP of client, we are unable to access the LAN resources. Follow these steps: 1. To create address object for SSL VPN IP tool. SonicWALL 01-SSC-6945 TZ 205 Network Security Appliance Certificate Support: Verisign, Thawte, Cybertrust, RSA Keon, Entrust and Microsoft CA for SonicWALL-to-SonicWALL VPN, SCEP VPN Features: Dead Peer Detection, DHCP Over VPN, IPSec NAT Traversal, Redundant VPN Gateway, Route-based VPN Global VPN Client: Platforms Supported Microsoft Windows XP, Vista 32/64-bit, Windows 7 32/64-bit The Apply NAT Policies feature or NAT over VPN is configured when both sides of a proposed site to site VPN configuration have identical, and hence overlapping, subnets. Network Setup: In this scenario, a VPN tunnel is created between a SonicWall NSA 2650 and a SonicWall NSA 4600 , and NAT over VPN tunnel is configured to translate the networks

SonicWall TZ 205 Series Unified Threat Management Firewall

Apple iPad iPhone VPN Connection to SonicWall Firewall

The correct way would be to fully add the network on the tunnel, thus allowing just that remote endpoint. Depending on the NATing, Inter Zone the SonicWall can potentially see the source IP, that the source is from a VPN IP, and the remote admin would need to make allow rule for that traffic to be allowed.

HOW TO CONFIGURE NAT OVER VPN IN A SITE TO SITE VPN In this scenario, a VPN tunnel is created between a SonicWall NSA 2400 and a SonicWall NSA 240, and NAT over VPN tunnel is configured to translate the networks to a different subnet. Site A subnet, … How can I configure a Sonicwall behind a Router to serve If you have public IP addresses to spare, then set the Sonicwall WAN up on one of them, so no NAT is happening on the router (do NAT on the Sonicwall to your protected network). Then it's pretty straightforward. Each end of the link you set up the VPN (If using Enhanced OS, first create a "network" range name on each firewall thus: UniFi Security Gateway to SonicWALL Site-to-Site VPN From the SonicWALL side, you will however see the familiar green circle indicating the VPN is live and you will be able to pass traffic over the tunnel. If you want to see the status from the USG, you can log into the CLI and type the command “show vpn ipsec status” which will indicate if the IPsec tunnel is active.