SonicWall route traffic destined for one IP over VPN tunnel

  • I have a remote site that is behind a firewall that I don't control and suspect that it's blocking my computers that are attached to my SonicWall TZ 210 from being able to reach Screen Connect over the internet interface.

    I have a VPN tunnel back to the SonicWall NSA 250 at HQ so I figured I would just route all the traffic destined for Screen Connect back to HQ and go out to the internet from there.

    I created a route on the TZ saying

    source: Any 
    Destination ScreenConnectIP 
    Gateway: DefaultGatewayOfHQ-LAN-interface
    Interface: X1 (internet)

    That didn't work, so then I figured I needed a similar static route on the HQ NSA.  I tried that and still no luck.

    I'm wondering if I need to create what SonicWall calls a VPN tunnel interface.  If I do that, does that replace the need for a Site to Site VPN tunnel?