Network failover using MPLS and Comcast on a SonicWall NSA 2400

I have a SonicWall NSA 2400. We just installed a new MPLS line into the organization but have not completed the setup due to some technical difficulties either between my tech staff or the ISP. Nonetheless, I have a dedicated internet connection at 2 sites; we will call this one X1. X1 is on 'Comcast' and has a site-to-site VPN running. We are adding an MPLS circuit that has both a WAN connection for internet connectivity and an MPLS circuit. We can call this one X2.

The ISP has 2 ports on the supplied router, 1 for the 'WAN' and 1 for the MPLS. The WAN side is connected directly to the SonicWall port X2, and they (the ISP) have us plugging the MPLS port into our main switch.

The ISP says they can ping across the MPLS circuit into the organization, but we cannot get traffic to run over the MPLS circuit from inside the org.

The site-to-site on the X2 connection is working over the internet via a secondary IP setup on the VPN connection, but not over the MPLS.

Any ideas? Am I missing a route? Should I be making a new LAN port on the SonicWall for the MPLS? I am stumped and getting friction from the ISP to make decisions.

Thanks in advance.

Cvv
cvvood Asked:
digitap Commented:
You need something that will route to the interface of the MPLS. What you should do is set up another interface on the SonicWall (if you have any interfaces left). Call it MPLS or something. Connect it to the SonicWall and come up with a unique subnet. Will the MPLS just route whatever you put on the line? If so, then you can use whatever subnet you want as the interface of the MPLS interface on the SonicWall. So, MPLS interface is 10.10.1.1/24...let's say. On the other end of the MPLS, you'd have 10.10.1.2/24. So, at the other end, your primary subnet is 192.168.2.0. On the SonicWall end, you have a route such that anything needing to get to 192.168.2.0/24 uses 10.10.1.2 as the gateway.
0

pergr Commented:
You can also keep the MPLS VPN port connected to the switch, and then have the ISP configure an IP from your LAN subnet on it. Next, you would put a static route on the SonicWall pointing the remote network to go via that new IP.

I believe the best way forward is to ask the ISP about what IP addressing and routing they have configured.
0
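The two designs suggested above, modelled as an added example (not code from either poster): a longest-prefix-match lookup showing where traffic for 192.168.2.0/24 leaves the firewall with no static route, with a dedicated MPLS interface, and with the ISP router as a next hop on the LAN. The LAN subnet 192.168.1.0/24, the X1 WAN addressing, the X0 interface name and the router address 192.168.1.254 are assumptions; 10.10.1.1/24, 10.10.1.2 and 192.168.2.0/24 are the values used in the thread.

```python
import ipaddress

def build_table(interfaces, static_routes):
    """Return (network, egress interface, next hop) entries; reject off-link gateways."""
    table = [(ipaddress.ip_interface(c).network, n, None) for n, c in interfaces.items()]
    for prefix, gateway in static_routes:
        gw = ipaddress.ip_address(gateway)
        # A next hop is only usable if it sits on a directly connected subnet.
        egress = [n for n, c in interfaces.items()
                  if gw in ipaddress.ip_interface(c).network]
        if not egress:
            raise ValueError(f"gateway {gateway} for {prefix} is not on-link")
        table.append((ipaddress.ip_network(prefix), egress[0], gateway))
    return table

def lookup(table, dst):
    """Longest-prefix match: (egress interface, next hop), next hop None if connected."""
    dst = ipaddress.ip_address(dst)
    matches = [e for e in table if dst in e[0]]
    if not matches:
        return None
    _, iface, hop = max(matches, key=lambda e: e[0].prefixlen)
    return iface, hop

# Constructed addressing (assumptions): X0 LAN and X1 WAN on a documentation range.
BASE = {"X0": "192.168.1.1/24", "X1": "203.0.113.2/30"}
DEFAULT = ("0.0.0.0/0", "203.0.113.1")
REMOTE = ("192.168.2.0/24", "10.10.1.2")   # route from the first answer
REMOTE_HOST = "192.168.2.50"               # constructed host at the far site

def scenarios():
    out = {}
    # No specific route: the default route wins and traffic leaves via X1.
    out["no_route"] = lookup(build_table(BASE, [DEFAULT]), REMOTE_HOST)
    # Design 1: dedicated MPLS interface plus static route via 10.10.1.2.
    dedicated = dict(BASE, MPLS="10.10.1.1/24")
    out["dedicated_if"] = lookup(build_table(dedicated, [DEFAULT, REMOTE]), REMOTE_HOST)
    # Design 2: ISP router holds a LAN address (assumed 192.168.1.254).
    lan_hop = ("192.168.2.0/24", "192.168.1.254")
    out["lan_next_hop"] = lookup(build_table(BASE, [DEFAULT, lan_hop]), REMOTE_HOST)
    # Failure mode: the route is added but no interface owns the gateway's subnet.
    try:
        build_table(BASE, [DEFAULT, REMOTE])
        out["off_link"] = "accepted"
    except ValueError as err:
        out["off_link"] = str(err)
    return out

if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name:13} -> {result}")
```

In the second design the next hop sits on the LAN segment, so traffic arriving from the MPLS router reaches LAN hosts through the switch without crossing a firewall interface; with a dedicated interface it enters the SonicWall, where access rules can be applied.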
digitap Commented:
@pergr :: My only concern there is creating a dependency on the ISP for your internal network to function properly. If there is ever a change on their end (which they are not required to notify us of when or before they make it), then this could cause disruption. Also, if we need a change, then we must wait on them to implement the change. Either of those scenarios can take hours or days to complete. I've seen it happen. Thoughts?
0
pergr Commented:
Well, I used to work at an ISP - with these sorts of things.

I think the best advice would be to choose a good ISP..., and a good design. If you want to be able to make changes without waiting for them, then choose a dynamic routing protocol (probably BGP) so that if you want to add new subnets at one site you will advertise them yourself and the ISP does not need to make any changes for them to appear on the other side of the VPN.
0
digitap Commented:
Thanks for the points!
0