• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1890
  • Last Modified:

SonicWALL NSA2400 NetBIOS between two subnet not work with IP Helper

Hi all,

I am using SonicWALL NSA 2400, it work well with the VPN and other thing.

But not I am setting two subnet on two interface. Then the problem here.

On X0 interface is a Default LAN, I am using 192.168.18.x/24
On X1 interface is a Default WAN, with Static Public IP
On X2 interface, it is a Limit LAN (I named it) and I make this as are Public Zero (Like DMZ, but it is not using for DMZ, just other LAN with higher security) that holded 192.168.19.x/24 this LAN IP range.....

The problems is all setting are default, then I plug the workstation A1, A2 on X0, B1 on X2 interface...

The default firewall setting from LAN Limit to LAN is all thing disallow, so I add the NetBIOS Port open and SMB that need for file shared or Network Neigborad port open in the Firewall rules ... to make the B1 workstation can connect to some A1 and A2 workstation ...

The problems is this, only IP can work from the LAM Limit to LAN, other like NetBIOS Name that using \\abc will never work.

So I search the SonicWALL support, finded the IP Helper, then I enabled it and add the following policy also don't work.

X0 to X2 allow
X2 to X0 allow
Both are using Network Based IP and subnet ...

So I am totoal lose on that, if the netbios not work, it is not good for end-user, since some workstation much join the W2K3 AD and some workstation on the X2 interface not need to join the Domain...

On the Defult LAN X0 interface, all workstation are no problems both using IP or NetBIOS to connect to the share resource ....

Any suggest for me is welcome, and I am beginner on this case, so if have detail step by step is good for me.

Thank you.
1 Solution
NetBIOS won't work over a routed network.

SMB over TCP *will* work on a routed network but you may need to hepl it out.

If you have a WINS server, make sure all your workstations can see it , and know abotu it.

Otherwise, you may need to do one of (or a mixture of)

- using IP address, not server name, in SMB commands, e.g. Net Use f: \\\Sharename
- put the IP address and server name in the HOSTS file of each system.

Either of which is going to be annoying if you later decide to renumber, of course. Such is life.

explorer1979Author Commented:
Hi ccomley,

  We haven't WINS Server, since we just have two DC, and many book also suggestion don't run the WINS on DC.

  If we add WINS Server, do also need two server? One place on the 192.168.18.x subnet, and other place on the 192.168.19.x subnet?

  Where are the HOSTS files? This files is place on the client side workstation or other place?

  Thank you very much again.
Don't mess with the HOSTS file. You want the LMHOST File between domain master browsers of each site.

HOST files are for DNS lookups, in the event you don't have a DNS server.

LMHOST files are for WINS lookups, in the event you don't have a WINS server.

Since SMB or netbios shares are highly targeted, you should check with sonic wall customer service to see how they secure SMB sharing between subnets. I think SonicWall can do so. That would be your best and most secure method to access network shares.

If that will not work for you, then a WINS connection between both domain servers, or an LMHOST on both servers will work for you. These LMHOST Files are editable with a text editor, like notepad.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Managed Security Services Webinar - March 15

Selecting the right managed security services platform to grow your business can be a huge undertaking. Join WatchGuard and Frost & Sullivan in an upcoming webinar as we dive into the key elements of selecting a vendor platform and partnership to fuel a successful MSSP business.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now