Quote:
When creating a L2TP IP pool on the SonicWALL device, the IP addresses must be a unique IP subnet – you cannot specify IP addresses from the LAN (or any other) interface subnet on the device.

I know nothing about VPNs specifically, but I read through the whole linked document, and the only interpretation of that comment that I can figure out is that the IPs can't be from the LAN IP (DHCP) pool. The whole point of a VPN is that the IPs will be in the subnet, but since lower-level traffic isn't getting through, any existing DHCP server won't be able to hand out addresses. I assume the way to get around having separate pools is to have a RADIUS server that interfaces with the DHCP server, but since you're NATing you shouldn't have any shortage of IPs, so that's kind of moot.

Matthew