hub and spoke VPN
m4a2t0t
09-23-04, 01:12 AM
I am trying to set up a hub and spoke VPN with my sonicwalls but for some reason I can't get it working. I have selected "forward packets to remote vpns" on the main sonicwall and all remote sonicwalls. On the sonicwall that I want to access remote networks from, I added the subnet of one of the LANs to the destination networks in my VPN, but I cannot even access the sonic via LAN IP. Does my network need to be listed in the other sonicwalls' VPN destination networks?
edit: ok, adding my network seemed to work.
Is there an easier way to add 20+ networks to the list? I tried 10.6.0.0/255.255.0.0 but it said it overlaps with my main subnet of 10.6.0.0/255.255.255.0. Do I need to just do 10.0.0.0/255.0.0.0, or can I even do this?
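The overlap complaint above is a plain CIDR nesting problem: 10.6.0.0/16 contains the local 10.6.0.0/24, so the summary cannot be used as a remote destination as-is. The script below is an added example (not from this thread or from SonicWall) that uses Python's standard `ipaddress` module to show the overlap and to compute the smallest set of non-overlapping prefixes that cover the summary minus the local LAN; the subnets are the ones mentioned in the thread, the remote site list is constructed sample input, and how SonicOS itself validates destination networks is not something this example claims.

```python
import ipaddress

# Subnets taken from the thread: the poster's main LAN and the summary they tried to add.
LOCAL_LAN = ipaddress.ip_network("10.6.0.0/24")
WANTED_SUMMARY = ipaddress.ip_network("10.6.0.0/16")

# Constructed sample input: two remote site subnets mentioned later in the thread.
REMOTE_SITES = [ipaddress.ip_network("10.6.3.0/24"),
                ipaddress.ip_network("10.6.100.0/24")]


def overlaps(a, b):
    """True if the two CIDR blocks share any address (CIDR blocks are nested or disjoint)."""
    return a.overlaps(b)


def destination_networks(local, summary):
    """Return the minimal, non-overlapping prefixes covering `summary` minus `local`.

    - disjoint: the summary is already safe to use as one destination entry
    - local covers the whole summary: nothing is left to route over the tunnel
    - local nested inside summary: carve it out (address_exclude yields one prefix
      per bit of difference in prefix length, so a /24 out of a /16 gives 8 entries)
    """
    if not summary.overlaps(local):
        return [summary]
    if local.prefixlen <= summary.prefixlen:
        return []
    return sorted(summary.address_exclude(local))


def validate_destinations(local, destinations, sites):
    """Sanity checks a config author would want before loading the list into a VPN policy.

    Returns a list of human-readable problems; an empty list means the plan is consistent.
    """
    problems = []
    for net in destinations:
        if net.overlaps(local):
            problems.append(f"{net} overlaps local LAN {local}")
    for i, a in enumerate(destinations):
        for b in destinations[i + 1:]:
            if a.overlaps(b):
                problems.append(f"destination entries {a} and {b} overlap each other")
    for site in sites:
        if not any(site.subnet_of(net) for net in destinations):
            problems.append(f"remote site {site} is not covered by any destination entry")
    return problems


if __name__ == "__main__":
    print("overlap reported:", overlaps(LOCAL_LAN, WANTED_SUMMARY))
    plan = destination_networks(LOCAL_LAN, WANTED_SUMMARY)
    print(f"{len(plan)} destination entries instead of one /16:")
    for net in plan:
        print("  ", net)
    print("problems:", validate_destinations(LOCAL_LAN, plan, REMOTE_SITES) or "none")
```

The same carve-out applied to 10.0.0.0/8 yields 16 entries rather than 8, which is why a wider summary does not reduce the typing; using a summary that does not include the hub's own LAN (for example giving every spoke a prefix outside the hub's /24 in the first place) is what makes a single destination entry possible.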
YeOldeStonecat
09-23-04, 06:37 AM
Are you trying to access one satellite LAN from another satellite LAN? I don't believe it's possible, quite sure you can only access the satellites from the central "mothership" LAN.
TWW will know for sure, he's the Sonicwall guru here, but when I set up my big Sonicwall client, I'm pretty sure I remember finding this out.
m4a2t0t
09-23-04, 11:42 AM
I am trying to set it up so that I can access any other LAN from my house. I have a tele3 TZW at home.
YeOldeStonecat
09-23-04, 12:04 PM
Ahh...I use the Global VPN client for that, to connect to them from either home, or my office. Have a profile for each location, just load that config file into the VPN client and "connect"...BAM, I'm in.
I am trying to set it up so that I can access any other LAN from my house. I have a tele3 TZW at home.
This is not Hub & Spoke. H&S is: Main Office in Chicago; satellite offices in NY and L.A., and you want L.A. and NY to be able to talk to each other, as well as Chicago.
Your situation is a simple Tunnel. I use this exact scenario for my clients. You need a separate SA from your office to each client office. It's so much nicer than using the Global Client, because you can have all tunnels up simultaneously, all the time. Then, you can use whatever method you'd like to access them; Term Svcs; remote desktop; PC Anywhere, etc. Remember, your TZW will only accept 10 associations.
m4a2t0t
09-23-04, 03:11 PM
My Tele3 TZW
http://www.talkaboutwireless.biz/Pics/matthome.jpg
Tele 3 at one of my stores
http://www.talkaboutwireless.biz/Pics/prescott.jpg
I can access anything on the 10.6.3.0 subnet from 10.6.100.0 and vice versa. I could apply NAT and firewall rules on my Tele3 to block the 10.6.3.0 subnet from accessing anything on my LAN. I am only using 2 SAs this way.
I guess I'm missing the point. Like I said- create SA's from your home TZW to each of the remote appliances. Then you can access them all. What more do you need to do?
m4a2t0t
09-23-04, 07:22 PM
What is the point of the option to forward packets to remote VPNs then?
What is the point of the option to forward packets to remote VPNs then?
Their purpose is to have a central (hub) location where primary communication takes place, but then also have the ability to pass data to the spokes. You then need to share things like gateways, etc. You are not doing this. All you want to do is communicate with your remote sites, all the time. This is done through SA's. You leave them up and running, and communicate with them at will, anytime, since the tunnels are up vs. having to use a client one site at a time. Simple. I think you're trying to create a topology that neither exists in your scenario, nor is it necessary.
m4a2t0t
09-23-04, 10:16 PM
Well, if I have to create a SA for every site then I'm going to need a 2040 at my house to create that many SA's.
I would need over 10 SA's for the config below, which my tele3 doesn't support. I thought I was interpreting this right from the pdf doc on sonicwall.com.
http://www.talkaboutwireless.biz/Pics/matthome2.jpg
I can access any device on any LAN I am connected to now. I always had to term service into my machine at corp and then access my sonicwalls.
I am connected to my corporate office via VPN connection, all my offices are also connected via VPN. Why then can I not access the other sites through their VPN tunnels? Why do I have to create separate tunnels to connect to those offices?
edit: I think I know why I am not supposed to do it that way and why you were saying it was something that doesn't exist in my situation.
A network diagram would be more useful and helpful than looking at a screenshot of your SA's.
m4a2t0t
09-25-04, 01:25 PM
I have 20 remote sites each with 1-2 computers and 1 IP Camera. Our corporate office has 10 computers, 3 servers (DC, TS, FS) and I use a sonic 2040. We have our current office which will be turned into a telemarketing office and will have 10 computers and some IP cameras. We have 6 stores in AZ including corporate and the telemarketing store (7 if you add my tele3 tzw), 2 stores in Colorado, 3 in New Mexico, 4 in Arkansas, 1 in Louisiana, 2 in Mississippi and 2 in Texas. They all connect to corporate with VPNs using either the TELE3, TELE3 SP or TZ 170 SP. I didn't have any time to make a network diagram.