Using 2 SonicWall's with 2 ISPs on the same subnet

Here is my situation, we have two SonicWall's (a TZ-180 and TZ-170) and would like to be able to have one using each ISP connection. One would act as a site-to-site VPN link and the other for the LAN, is it possible that these SonicWall's can be connected so site's connected through the VPN can use servers on the other SonicWall?

Thanks
Rob--Asked:
Who is Participating?
 
Erik BjersConnect With a Mentor Principal Systems AdministratorCommented:
my advice: spend the money on something like the NSA series with the enhanced OS.  Check your vendor many will offer trade up programs.

I don't see an easy way to do what you want and routing will be a pain but it can be done (I just have to spend some time thinking about it)

Is the above picture your current layout?  Can you label the different networks (subnets) you are using along with interface IP?  You can use fake IPs but this will help me get a better picture.

eb
0
 
Erik BjersPrincipal Systems AdministratorCommented:
This should work if you get routing setup correctly, but why would you want to do it this way?  You can setup Zones (assuming you have the enhanced OS) on the SonicWALL so it would be best to just use one device.

I guess I'm just not sure what you are trying to accomplish, can you attach a diagram of what you want?

eb
0
 
Rob--Author Commented:
Attached is a sketch of what we are after. We are only doing it this way to hold off on purchasing a sonicwall that has dual WAN support. Both these sonicwalls do not have the enhanced OS.
sketch.jpg
0
The eGuide to Automating Firewall Change Control

Today‚Äôs IT environment is constantly changing, which affects security policies and firewall rules. Discover tips to help you embrace this change through process improvement & identify areas where automation & actionable intelligence can enhance both security and business agility.

 
Rob--Author Commented:
Would you be able to explain the benefits to moving up to the NSA series? This is my preferably option and would appreciate some backing to prove this is the best option. Thanks
0
 
Erik BjersPrincipal Systems AdministratorCommented:
What are your current devices?  How large is your network? How many nodes on each side of the VPN? Any rote access VPN users.
0
 
Rob--Author Commented:
Currently we only utilize one sonicwall for LAN and site-to-site VPN needs with a single ISP. We are adding a second ISP and want to understand the benefits of the NSA 240 unit. Thanks
0
 
dosdet2Commented:
If price is an issue, check out the tradeup to the TZ210.  It still has gigbit ports (6) and all ports are configurable as Lan, Wan or DMZ and run enhanced OS (which is now standard on all newer units.)  If you have a lot of users, then the NSA is the way to go.  But for a small shop ( 50 - 60 users ?? ) on a budget - it's a good deal.  

Site to Site with 2 sonicwalls is a killer setup too.  You can have duplicate subnets and still access everything on both sites easily.  We use it for a backup site with a TZ210 on the main site & a TZ200 on the backup site.  All the server IPs match their counterparts and can still transfer between each other.
Can use RDC to everything from either site.

0
 
Rob--Author Commented:
Provided an adequate purchase option
0
All Courses

From novice to tech pro — start learning today.