Sonicwall Behind Home Router

Posted on 2011-03-01
Medium Priority
Last Modified: 2013-12-14
I have a sonicwall TZ150 assigned to me for my home to connect back to the office. I need to set this up behind my existing router (Netgear WNDR3700v2) because the sonicwall kills my speed since I have fiOS with 50Mbs down and 20Mbs UP. The sonicwalls max download is around 22Mbs. I need the speed because I connect to servers that I can max out my connection with hence my delimma.

I need to connect to my corporate netork but only for the ip range 192.168.1.xxx my local lan is 10.10.1.xxx  so my pc wil be connected directly to the Netgear but I need the network to know to pass any 192.168.1.xxx traffic to the sonicwall. The sonicwalll is all preconfigured to establish the connection back to the corporate network. I have access to the device and can make any changes I want as I am part of technical staff there but I can seem to get this to work .

Please help. Thank you
Question by:Oscar Reyes
  • 5
  • 4

Expert Comment

ID: 35014470
try putting your sonicwall router in the DMZ of the negear router. Although depending on the type of VPN your corporate office uses, this may not work.  Also i thought the sonicwall was 100 megabits, i could be wrong

What kind of VPN is it, client/server?
LVL 33

Expert Comment

ID: 35014616
i'm not sure i undrstand. if the vpn is configured, put your netgear in bridge mode, put your public ip on the sonicwall and away you go. i'm guessing they put the sonicwall sa in agressive mode unless they know your public ip. also, i believe your limiting step will be the throughput ipsec processing ability of the 150 which may be at 22mb.

the vpn sounds like a site to site sonicwall vpn.
LVL 33

Expert Comment

ID: 35017709
i went back and checked my datasheet on the 150 and i don't see any reference to the 22mb limitation.

since your IT has already configured your sonicwall's VPN, it should automatically route to the subnet without any intervention from you. getting the 150 connected to your home internet will be the trick.
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

by:Oscar Reyes
ID: 35018009
@csaroli - I did try adding it to the DMZ in my TS but it did not help. The Sonicwall is 100megabits on the internal lan for connectivity but the firewall throughput is limited. It is a site to site VPN.

@digitap - Your suggestions make a lot of sense, I will try them this evening. The 22Mbs limitation is real world - I am not sure what the datasheets say.

When my SW is connected as the main router my download maxes out at 22Mbs when my Netgear is connected its maxes out at 58Mbs. I need my NG to be the main router and have my SW behind it connecting to my corporate VPN. Which I can get to work (VPN is established and working, Phone, Laptop wired in) but only for devices that are connected directly to the SW.

My goal is to have my PC connected to my NG but route all 192.168.1.xxx traffic to the SW over the VPN. Not sure how to configure and connect the SW to my network to do this. Another NIC in my computer connected to the SW?

Thank you both for your prompt responses.
LVL 33

Accepted Solution

digitap earned 2000 total points
ID: 35019159
ok...i understand where you're getting the 22mb. there are somethings you can look at on the sonicwall to possibly help with the speed.

- What's the WAN negotiation set to? it's auto by default. go to the sonicwall > network > interfaces and edit the WAN interface. test 100mb/full; 100mb/half. see which one changes your egress/ingress speeds.

- what's the MTU? review the following article i wrote that walks through confirming your MTU on the WAN of the sonicwall is configured properly.


- are there any security services licensed. go to the sonicwall > system > status. on the right hand side, you'll see a list of items that are licensed on the sonicwall. look for content filter, gateway av, IPS, etc. you may need to disable those.

regarding the latter, you could put a second NIC in your workstation/laptop. you'd want two subnets. one for the NG and one for the sonicwall. set a static route on your device to use the sonicwall as the gateway for the network. also, make sure that the NG gateway is a lower metric so default traffic will use the NG.

however, i believe you said you wanted your access to the servers at work via the VPN to experience the higher bandwidth beyond the 22mb. this traffic will go through the sonicwall regardless, so this will always be a limiting step if we can't figure out why your sonicwall is preventing you from experiencing the full bandwidth.

having said that, you COULD take the 150 out of the picture entirely and use the sonicwall Global VPN client.  however, if your work bandwidth is less than your 50mb at home, then this becomes the new limiting step rather than the 150. i assume they are the same or at least your work bandwidth is more than 22mb that the 150 is getting you at home right now.

sorry, i know that's a lot of think about.

Assisted Solution

by:Oscar Reyes
Oscar Reyes earned 0 total points
ID: 35152073
I ended up getting a second NIC card. I configured the network as follows:

Main Router = Netgear (IP = mask

First PC NIC connected to NG static ip of
Sonicwall connected (LAN IP to NG through the WAN port (SW WAN to NG LAN Port)
Second PC NIC connected to Sonicwall LAN port with static ip of

On my PC I issued the following 2 commands using CMD (Elevated to Admin)

route add mask  metric 20 -p

route add mask metric 1 -p

The first command send all "regular" traffic to my NG router throut my first NIC. The second command routes all traffic for 192.168.1.x to the sonicwall through the second NIC.

The provides me with my full bandwidth to my FiOS connection and still connects me to my companys VPN.
LVL 33

Expert Comment

ID: 35152159
the author's final solution was suggested by me. request a new disposition using my solution here, http:#a35019159 as the final solution.

Author Comment

by:Oscar Reyes
ID: 35152257
@digitap: I tried your suggestions but it did not change the throughput of the sonicwall since the bottleneck is the firewall (see attached pdf, highlighted on page 5) though they say 30Mbs real world I was only getting 22Mbs. I tried adjusting my MTU setting from 1500 to 1492, it did not help. There are no other security features licensed only Nodes/Users and VPN.

Your suggestion for how to configure my network with two nics was helpful. Thank you.
LVL 33

Expert Comment

ID: 35152437
thanks! i appreciate that!

Author Closing Comment

by:Oscar Reyes
ID: 35178835
Issue Resolved

Featured Post

Transaction-level recovery for Oracle database

Veeam Explore for Oracle delivers low RTOs and RPOs with agentless transaction log backup and transaction-level recovery of Oracle databases. You can restore the database to a precise point in time, even to a specific transaction.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question