So you've went through the VPN wizard. It's running. You have people using it. It's great. Oh wait! What's that? In your security log you see "attacks" labeled as "IP Spoof." Looking at the log, it shows the user logging in on interface X0, but their IP on your network is a X2 address. Sonicwall thinks it is an IP spoof. You see the external IP. You recognize the external IP is from one of your remote sites. It's no threat, but you would like for Sonicwall to not log it anymore. How do you fix it? I'm glad you asked.
X0\ LAN\ Static\ 192.168.10.XXXX\ you use this for DHCP for your wifi users
X2\ LAN\ Static\ 192.168.1.XXXX\ this is your production network that doesn't utilize DHCP every user on this network has a static IP
In your VPN setup, Sonicwall binds the DHCP lease to the interface that uses DHCP (genius idea right?). So you've built this VPN connection. On the client's machine, you install the Sonicwall VPN client software to connect to the network. You want her to be on the production network though, so you change the virtual adapter the Sonicwall client uses on her machine to a 192.168.1. address. Now, she is able to access production network resources like she wanted. Great.
Back home, you see in the security logs, the IP Spoof stuff. How is that fixed? In the Sonicwall admin panel, go to VPN\DHCP over VPN. Click the dropdown box, select Remote Gateway then click configure.
You should see the following, "DHCP Lease Bound To:" and a dropdown box next to that with the various interfaces. Following our example above, choose the X2 interface so the client will be on the production network when logged in using the VPN.