Improve company productivity with a Business Account.Sign Up

x
?
Solved

Secondary Gateway on Sonic Wall TZ190

Posted on 2009-05-17
7
Medium Priority
?
369 Views
Last Modified: 2012-08-14
I created a secondary by following the instructions on this link below. it works great but the two internal subnets are able to ping each other. I need to have two subnets and have a block so that one subnet can not reach the other. Example, lan subnet primary is 192.168.2.1
secondary is 192.168.0.1 I don't want anything on 2.1 to be able to access 0.1 subnet

http://www.sonicwall.com/downloads/supporting_multiple_firewalled_subnets_on_sonicos_enhanced.pdf
0
Comment
Question by:webiis
  • 4
  • 3
7 Comments
 
LVL 6

Accepted Solution

by:
KevinCovert earned 2000 total points
ID: 24408968
I would have to assume that the subnets are on two separate VLAN/zones.  Check your firewall policy from zone A>zone B and set a rule to deny all and then create another policy for zone B>zone A for deny all.  That should block all your traffic between the two LANs.

If you can't do it through the firewall just redirect the traffic between the LAN subnets with an intentional bad gateway.  Not nearly as clean but it will stop the traffic.

Source                Dest                    Gateway
192.168.0.x       192.168.2.x          1.1.1.1

Try the firewall route if at all possible.

KMC
0
 
LVL 6

Expert Comment

by:KevinCovert
ID: 24429304
Any luck?
0
 

Author Comment

by:webiis
ID: 24431188
haven't had a chance to try it.  I'm not exactly sure of how to create those zones. I will try though.
0
The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

 
LVL 6

Expert Comment

by:KevinCovert
ID: 24433060
Configuring Zones - Chapter 17.  This is assuming you have the 4.0 enhanced OS.

http://www.sonicwall.com/downloads/SonicOS_Enhanced_4.0_TZ_180_190_Administrators_Guide.pdf
0
 
LVL 6

Expert Comment

by:KevinCovert
ID: 24476097
How is this issue coming along?

KMC
0
 

Author Comment

by:webiis
ID: 24938400
no luck yet. I'm going to try it again. info soon.
0
 

Author Comment

by:webiis
ID: 25113835
sorry guys still haven't had a chance to implement this. I will circle back around asap.
0

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
Have a Cisco router that you forgot the password or maybe you bought a used router that is locked with a password? This article will guide you through the steps on how to recover the password on your Cisco gear.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question