Solved

Sonicwall NSA 4500 Enhanced OS Setup help

Posted on 2011-02-13
8
1,365 Views
Last Modified: 2012-05-11
OK, I'm at a bit of a loss here.  I'm replacing an older sonicwall pro 3060 with standard OS to a NSA 4500 with the enhanced OS.  I've setup 3 interfaces, the LAN (which works fine) my WAN (which doesn't seem to work) and my DMZ (which I can access from my LAN but not from the internet)

Now, I've checked my WAN properties and my IP, subnet, dns etc are all the same as what's on my old unit.  I'm using the same LAN info as well, and just swapping out the units.  I have no trouble accessing the FW when i make the switch. I have link lights on mt WAN port (x1)

I've looked at my routes and can't seem to find anything wrong.  I do have a bunch of static routes, but all to either specific VLANs in the 192.168.x.xxx or in my DMZ and where copied by from my old router.  Granted the setups aren't the exact same between the routers.  Same goes with my access rules.

DMZ is in transparent mode and shows the same subnet as my WAN.

Any suggestions as to what to look at?
0
Comment
Question by:JamesonJendreas
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 10

Expert Comment

by:Korbus
ID: 34883767
I have seen some internet modems be particular regarding the MAC address to which it is connected.
I think you can simulate a MAC address with a sonicwall.
Also, I belive the sonicwall has diagnostics that will enable you to ping your WAN gateway address, directly from the sonicwall. If this fails, try the MAC address thing, or contact your isp.
0
 
LVL 6

Assisted Solution

by:caskrist
caskrist earned 166 total points
ID: 34883942
Maybe an issue with duplex (half/full). Try to set it to fixed.
0
 
LVL 33

Accepted Solution

by:
digitap earned 334 total points
ID: 34884525
i think it's the speed/duplex as caskrist has suggested already.  however, you might check your mtu.  if incorrect, you'd drop packets making it seem like you can't connect to the internet.  here's an article that walks you through that.


http://www.experts-exchange.com/viewArticle.jsp?articleID=3110
0
Building an interactive eFuture classroom

Watch and learn how ATEN provided a total control system solution including seamless switching matrix switch, HDBaseT extenders, PDU, lighting control to build an interactive eFuture classroom.

 
LVL 1

Author Comment

by:JamesonJendreas
ID: 34888397
As an FYI, my router is a Cisco 2621XM.  I did do a MAC clone, didn't help.  I changed the MTU to what was on my previous router as well.  My link shows as 1000mbps full duplex.  Now I'm connected through an Fa0 port on my router, shouldn't that then be 100mbps?  
0
 
LVL 1

Author Comment

by:JamesonJendreas
ID: 34888660
I've also setup a bit of a test environment for this, - I've set the LAN IP to .2 from .1, and have given it an IP in my public range (this one is .104, instead of .66 as 104 was the only open IP I have currently).  My old sonic wall was connected to a hub then to my router, so I'm planning on plugging both into the hub.  Is there any reason this wouldn't work?   I'm switching my PC's gateway from one to the other.
0
 
LVL 6

Expert Comment

by:caskrist
ID: 34888820
Yes, the hub is an option. But try setting the wan interface to fixed 100 mbps fulle duplex.
0
 
LVL 1

Author Comment

by:JamesonJendreas
ID: 34888844
Well I'm not 100% sure why, but it's seems to work (in the test environment above).  I changed it to force 100mbps, but that didn't seem to fix the issue.  I downloaded and installed the newest firmware, and BAM! it's up and running
0
 
LVL 33

Assisted Solution

by:digitap
digitap earned 334 total points
ID: 34888988
if you are in a hub at the moment, then changing the speed/duplex MAY not resolve the issue.  however, if your WAN interface is connected directly to the cisco, then it would...at least in my experience.  i always have to set the static speed/duplex.

glad you got it with the firmware.
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
VOIP gateways - feedback 23 65
Is Fedora an appropriate distro for the environment. 7 89
AS-Path BGP Attribute 7 28
WDS can't PXE boot 3 33
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question