I am having trouble sharing files between my LAN and WLAN with a SonicWall TZW firewall

Posted on 2004-08-14
Last Modified: 2013-11-09

Does anyone have any suggestions on how I can get a TZW to share files?
I can ping between my LAN -> WLAN and WLAN -> LAN.
I have a rule set for LAN -> WLAN NETBIOS allow
I have a rule set for WLAN -> LAN NETBIOS allow
I have a rule set for LAN -> WLAN DNS allow
I have a rule set for WLAN -> LAN DNS allow

I have a check mark in Windows Networking (NetBIOS) Broadcast Pass Through From WLAN to LAN

In Predefined Services I have
Name Service (DNS) 53 53 TCP
Name Service (DNS) 53 53 UDP
NetBios 137 137 TCP
NetBios 137 137 UDP
NetBios 138 138 TCP
NetBios 138 138 UDP
NetBios 139 139 TCP
NetBios 139 139 UDP

I don't have a wins server. I do have all PC's in Lmhosts. I can't
see other PC's in Network Neighborhood. A search fails when I search
on name. If I try to open a different PC from the run command with
\\ it fails WLAN -> LAN.  If I run the same from WLAN -> WLAN it works fine \\

I have run a test on the ports and here is the results:
137/tcp    open        netbios-ns              
138/tcp    open        netbios-dgm            
139/tcp    open        netbios-ssn  
445/tcp    open        microsoft-ds            

Any Ideas?
Question by:docfxit
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1

Expert Comment

ID: 11801858
More information would be very helpful.
What is the ip number of the computers ?
What is wan address? Are other computers using same router?
Is all computers on the same lan?

wlan->lan with address shouldn't be possible. It's reserved for internal lan, like

Expert Comment

ID: 11801937
You mention and, these are by default not in the same network.
It looks like one of them is on your wireless lan and the other on the hardwired lan.
If so, does the Sonicwall force you to assign different networks to the lan an wlan?
You could have better luck if both the lan and wlan have the same network number.

You say you cannot see other PCs in network neighborhood.
As a start, you should be able to see at least all the PCs on the hardwired lan from any PC on that lan,
and all PCs on the wireless lan from any PC on the wireless lan.
If you cannot do that then you need to solve that first, before worrying about seeing PCs on the other side of the Sonicwall.

Let us know what the status is!

Author Comment

ID: 11802546
Hi  Dragonmen,

To answer your questions:
I will keep this as simple as possible.
The WAN address is
One WLAN address is
One LAN address is 192.168.1 113
It is mandatory in a SonicWall TZW that each have there own sub domain.  It won't communicate if they aren't on a different sub domain.  
The FireWall and Router are all one hardware box called a SonicWall TZW.
Some computers are on the LAN and some computers are on the WLAN.
The SonicWall is supposed to create the link between sub domains.  That is where my need is in knowing how to configure the SonicWall.

Hi CajunBill,

You are correct.  SonicWall does that mandatory and on purpose so they start with all ports closed.  I need to figure out how to open up the correct ports.
It seems to me also that I should be able to see all  PC's on the LAN from the LAN
And all PC's on the WLAN from any other PC's on the WLAN
And because I have rules saying all PC's on the WLAN should pass ports 137-139 & 445 to the   LAN.
And because I have rules saying all PC's on the    LAN should pass ports 137-139 & 445 to the WLAN.
I should be able to see all PC's on both sub domains.

If you know the SonicWall this should be a piece of cake to solve.
If you know networking you should be able to tell me what ports need to be passed to get this working.
If you know how NETBios works this should be a piece of cake to figure out.

I am obviously not doing something correctly.
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Expert Comment

ID: 11802930
netbios uses ports    137-139,  also want to enable icmp and it doesnt mattter really though, since im guessing that all the computers are connected through a the same switch on the router,

first off, ping the ips of each comp

start run - command hit enter black box comes up, type ping or whatver the ip is

get a reply?
is there a firewall on the comp your pinging?
it might block the ping

also from command prompt try this

route add othercompIP yourCompIP persistent:yes

it will add to your routing tables
not really neccesary

do this, start run \\ipaddress    do you see any shares?
try this as well   start run command hit enter
type in netview \\ipaddress

can you see anything

networking is networking, no matter what the device

Accepted Solution

CajunBill earned 500 total points
ID: 11803039
Yes, I have some Sonicwalls of my own - but not that model.
Anyway, the Sonicwall is not simply a switch, but instead a firewall, as you know.

In order to make the subnets communicate as you have been trying to do,
you may need to set up VPNs between the hardwired and wireless lans.
That's because they are on different network numbers, and this type of Windows traffic does not normally go between networks.
But before that will work for you, the Network Neighborhood must work within the subnets.
After that you can try to make it work between subnets.

You probably need to open up some more ports.
The simplest thing (and of course the least secure) would be to open all ports between the hardwired and wireless lans.
But it may be that all you need is to allow something like SMB in both directions.

Author Comment

ID: 11803215
Hi jjk16,

Your statement of "networking is networking, no matter what the device" is correct.  I agree.  How the OS or in this case the firewall is the unknown.  Your suggestions to  test each component of the network is excellent.  As you will see in a moment (since I figured it out) sometimes it helps to know the equipment.  I defiantly don't profess to know or understand this box.  And since I have been on the phone with SonicWall Tech Support with 1st level (India), 2nd level (India) and 3rd level (AZ) they don't seem to know the box either.

Hi CajunBill,

It sounds like you understand more about  SonicWall firewalls.  I think you were actually on the right track.  The difference between other models and this one is this one has one more layer.  Your's  probably has a WAN and a LAN on two different subnets.  This one has a built in Wireless also so there are other wireless  areas that make this more complicated.

I did setup VPN's between the Wireless and the SonicWall.  I experienced a problem trying to pass remote printer information on port 515.  It wouldn't work through the SonicWall VPN client.  When I turned off the VPN and WiFiSec Enforcement port 515 started working.    I'm waiting for a call from 3rd level as to the solution.  I did turn on "Enable MAC Filter List" so no one else can get into my wireless but it doesn't protect any sensitive information.  To answer your next question, I don't know how to turn on all ports.  If I did that would certainly be a good way to find out if  the problem is with the firewall or not.   I also don't know what SMB is.  I don't have an option in the firewall that says SMB.  Maybe there is another name for it?

I  have figured out what the problem was.  One of the support techs had me add a rule to the firewall  Allow WLAN -> LAN  Any.    Which means open any (and all) ports from WLAN -> LAN.
As soon as I  turned that rule off  i was able to search (and find)  the PC's  from the wireless to the LAN.  I know it sounds crazy but I have also found other rules that conflict and cause problems.  I don't know how long this firewall has been around but as far as I am concerned they don't have the bugs out yet.

Thanks for your help.

Expert Comment

ID: 12579367
Ok, for the port allowing you need to enable ports 137-139 for the netbios and port 445 for ms-ds.
For the routing to function you should use your firewall as a gateway.
Did some of this helps ?

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
fabric 1 58
Port to open for RDP connection to VM in DMZ ? 5 68
Extend coverage on my home wifi 7 13
Datacenter Upgrade - Design Question 5 24
Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
Internet Business Fax to Email Made Easy - With  eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question