VPN IP conflicts

Wondering if anyone has dealt with this before:

Customer of mine has the subnet 192.168.0.x at their head office

Users are dialing in using VPN and getting 192.168.13.x as their VPN IPs.

But their home networks are also 192.168.0.x so it’s causing a conflict. The PCs aren’t tunneling traffic to the server because of the duplicate entry in the routing tables.

Anything I can do to work around this without having to re-ip their office?

EDIT: Enabled tunnel-all mode on the VPN and that solved it

Possibly NAT translations for their office network, but this is reason number 1 to never use 192.168.x.x in a business environment.

Add 172.16.0.0 to their account.

Create a NAT in your firewall. Original Destination - 172.16.0.0/24
Translated Destination - 192.168.0.0/24

And then you just need to remember to tell this user to point to 172.16.0.X IPs instead of 192.168.0.X IPs. If you are using DNS, the simple solution is to make a host entry on their PC.

May need an extra firewall rule allowing access to the 172.16.0.0/24 object.

I am new to SonicWall but I had a similar issue and came across this:

https://www.sonicwall.com/support/knowledge-base/how-can-i-configure-ssl-vpn-netextender-for-clients-with-overlapping-subnet/170504796310067/

Add/enable a second NIC on the server with a different IP scheme. Make a LAN2 on port X* on the SonicWall and home-run it to the second NIC. Grant the VPN access to that X* port. Works great.

Tunnel all is going to force ALL their traffic, including web and downloads, over the VPN. This is recommended where very high security is required; however, depending on the number of users, this could choke your pipe to the Internet and will at a minimum slow down home users' internet traffic horribly and break access to their home network.

I’d change the routes advertised to the VPN clients to the specific servers they need access to (e.g. 192.168.0.20/32). This may break some home network stuff but will at least keep their internet traffic on the split.
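The routing behaviour behind this thread, as an added example that is not part of any post above: a small simulation of the VPN client's route lookup that shows why an office /24 identical to the home /24 never reaches the tunnel, why the /32 host routes suggested here win by longest-prefix match while leaving the rest of the home LAN reachable, and why the 172.16.0.0/24 NAT alias suggested earlier avoids the overlap altogether. The tie-break rule (a directly connected LAN route beats a VPN route of the same length) models the symptom the original poster described; the server addresses .20/.21 and the alias mapping are constructed samples, not from the thread.

```python
"""Simulate a VPN client's route selection when the office subnet overlaps
the user's home LAN, and compare two of the fixes from the thread:
advertising /32 host routes and using a NAT alias range.

Added example for this discussion, not configuration from any vendor or
from the original posts. Subnets come from the thread; the .20/.21 server
addresses and the alias mapping are constructed samples.
"""
import ipaddress
from typing import List, Optional, Tuple

IPv4Net = ipaddress.IPv4Network
Route = Tuple[IPv4Net, str]  # (prefix, outgoing interface: "lan" or "vpn")

OFFICE = ipaddress.ip_network("192.168.0.0/24")
HOME = ipaddress.ip_network("192.168.0.0/24")      # identical to the office: the conflict
VPN_POOL = ipaddress.ip_network("192.168.13.0/24")
NAT_ALIAS = ipaddress.ip_network("172.16.0.0/24")  # alias range from the NAT suggestion


def overlapping_routes(advertised: List[IPv4Net], local: IPv4Net) -> List[IPv4Net]:
    """Return every VPN-advertised prefix that overlaps the client's local LAN.
    A non-empty result is the condition that produces the duplicate-route symptom."""
    return [n for n in advertised if n.overlaps(local)]


def client_table(advertised: List[IPv4Net]) -> List[Route]:
    """Home LAN and default route stay local; the VPN adds whatever it advertises."""
    table: List[Route] = [(HOME, "lan"), (ipaddress.ip_network("0.0.0.0/0"), "lan")]
    table += [(n, "vpn") for n in advertised]
    return table


def lookup(table: List[Route], dst: str) -> Optional[str]:
    """Longest-prefix match. On an exact tie the directly connected LAN route wins,
    which is the assumption that reproduces 'traffic never enters the tunnel'."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in table if addr in r[0]]
    if not matches:
        return None
    matches.sort(key=lambda r: (r[0].prefixlen, r[1] == "lan"), reverse=True)
    return matches[0][1]


def resolve(advertised: List[IPv4Net], dst: str) -> Optional[str]:
    """Interface the client would use for dst given the routes the VPN pushed."""
    return lookup(client_table(advertised), dst)


def host_routes(servers: List[str]) -> List[IPv4Net]:
    """Build the /32 routes suggested in the thread instead of the whole office /24."""
    return [ipaddress.ip_network(f"{s}/32") for s in servers]


def nat_alias(office_addr: str) -> str:
    """Map 192.168.0.X to 172.16.0.X, keeping the host part, as the destination NAT
    (Original 172.16.0.0/24 -> Translated 192.168.0.0/24) would translate it back."""
    addr = ipaddress.ip_address(office_addr)
    if addr not in OFFICE:
        raise ValueError(f"{office_addr} is not in {OFFICE}")
    host_part = int(addr) - int(OFFICE.network_address)
    return str(NAT_ALIAS.network_address + host_part)


if __name__ == "__main__":
    # Office /24 advertised as-is: overlap detected, server traffic stays on the home LAN.
    print(overlapping_routes([OFFICE], HOME), resolve([OFFICE], "192.168.0.20"))
    # /32 host routes: the servers go via VPN, other home devices stay local.
    routes = host_routes(["192.168.0.20", "192.168.0.21"])
    print(resolve(routes, "192.168.0.20"), resolve(routes, "192.168.0.50"))
    # NAT alias: no overlap at all; the client addresses 172.16.0.20 instead.
    print(nat_alias("192.168.0.20"), resolve([NAT_ALIAS], nat_alias("192.168.0.20")))
```

Run it as a script to see the three outcomes side by side; `overlapping_routes` is the check worth running against any proposed VPN route list before rolling it out, since a single overlapping prefix is enough to reproduce the original problem.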

Oh, and get them migrated to a big boy subnet that starts with 10 :grin:

Yup… the customer had a D-Link router before and was using the default subnet. This is what they get.

or 10.0.x.x - So frustrating to get a new client and discover this has been done. Sometimes it’s a simple change, other times, it’s a disaster because of the number of things that have been setup by different people who never talked to one another along the way.

It’s a Domain Controller, you can’t run multiple NICs on one without causing all sorts of havoc