Link to home
Create AccountLog in
Avatar of Maximus54
Maximus54

asked on

SonicWall Default Gateway configuration

I have a Sonicwall Pro 4100 firewall appliance, I have one LAN and 2 WANs configured on the interfaces. The LAN interface is X0 for the local area network, X1 is the default Gateway that routes a group of defined computers to ISP 1 and the X2 interface is the secondary Interface that routes the rest of the computers to a different ISP 2. Is there an easier way of swapping the Default Gateway interface, in other words can I make the X2 interface the default Gateway so that any computer not defined can use the X2 interface to go out of since ti is the default.
Avatar of digitap
digitap
Flag of United States of America image

you can't modify the default routes.  the sonicwall will use it's default WAN interface for any host that isn't defined in a custom route.  to affect those hosts NOT defined, create a new route that's similar to the default gateway route.

source: any
destination: secondary gateway
service: any
gateway: 0.0.0.0
interface: x2
metric: make this the same as your default primary gateway

a traceroute from one of the hosts to google.com will let you know if your new route is working.

Avatar of Maximus54
Maximus54

ASKER

My other reason for not wanting an entry like the one that you supplied me is because the client VPN is configured to go through the default gateway which I instead want using the other WAN. I specified in the Advanced tab of the WAN GroupVPN configuration that I wanted VPN clients to go thought the secondary WAN by adding the secondary IP address entry in 'Default Gateway' but now the users cannot connect to the internet anymore. They can connect to the our network but they can not connect to the internet while connected to the VPN, which is a result of checking the required ' Set Default Route as this Gateway'.
So you see the routing entries fixed one set of the problem but noW the VPN clients cannot connect to the internet while connected to the VPN.
ASKER CERTIFIED SOLUTION
Avatar of digitap
digitap
Flag of United States of America image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Yes you got it, swapping them is what I want to do. I did not want to change the current configuration on the interfaces entry and switching the cables in case some things did not work and I can quickly revert back but it seems that reconfiguring the interfaces as well as changing some route policies to reflect this change is the only way of doing this.
The answer is no there is not a section or place where I can change the default interface.
export the settings under system > settings before you make any changes to revert back quickly if something goes wrong.
Will do, thanks as usual digitap
you're welcome and thanks for the points!