Sonicwall Behind Home Router

I have a sonicwall TZ150 assigned to me for my home to connect back to the office. I need to set this up behind my existing router (Netgear WNDR3700v2) because the sonicwall kills my speed since I have fiOS with 50Mbs down and 20Mbs UP. The sonicwalls max download is around 22Mbs. I need the speed because I connect to servers that I can max out my connection with hence my delimma.

I need to connect to my corporate netork but only for the ip range 192.168.1.xxx my local lan is 10.10.1.xxx  so my pc wil be connected directly to the Netgear but I need the network to know to pass any 192.168.1.xxx traffic to the sonicwall. The sonicwalll is all preconfigured to establish the connection back to the corporate network. I have access to the device and can make any changes I want as I am part of technical staff there but I can seem to get this to work .

Please help. Thank you
Oscar ReyesSenior Systems AdministratorAsked:
Who is Participating?
 
digitapConnect With a Mentor Commented:
ok...i understand where you're getting the 22mb. there are somethings you can look at on the sonicwall to possibly help with the speed.

- What's the WAN negotiation set to? it's auto by default. go to the sonicwall > network > interfaces and edit the WAN interface. test 100mb/full; 100mb/half. see which one changes your egress/ingress speeds.

- what's the MTU? review the following article i wrote that walks through confirming your MTU on the WAN of the sonicwall is configured properly.

http://www.experts-exchange.com/viewArticle.jsp?articleID=3110

- are there any security services licensed. go to the sonicwall > system > status. on the right hand side, you'll see a list of items that are licensed on the sonicwall. look for content filter, gateway av, IPS, etc. you may need to disable those.

regarding the latter, you could put a second NIC in your workstation/laptop. you'd want two subnets. one for the NG and one for the sonicwall. set a static route on your device to use the sonicwall as the gateway for the 192.168.1.0/24 network. also, make sure that the NG gateway is a lower metric so default traffic will use the NG.

however, i believe you said you wanted your access to the servers at work via the VPN to experience the higher bandwidth beyond the 22mb. this traffic will go through the sonicwall regardless, so this will always be a limiting step if we can't figure out why your sonicwall is preventing you from experiencing the full bandwidth.

having said that, you COULD take the 150 out of the picture entirely and use the sonicwall Global VPN client.  however, if your work bandwidth is less than your 50mb at home, then this becomes the new limiting step rather than the 150. i assume they are the same or at least your work bandwidth is more than 22mb that the 150 is getting you at home right now.


sorry, i know that's a lot of think about.
0
 
csaroliCommented:
try putting your sonicwall router in the DMZ of the negear router. Although depending on the type of VPN your corporate office uses, this may not work.  Also i thought the sonicwall was 100 megabits, i could be wrong

What kind of VPN is it, client/server?
0
 
digitapCommented:
i'm not sure i undrstand. if the vpn is configured, put your netgear in bridge mode, put your public ip on the sonicwall and away you go. i'm guessing they put the sonicwall sa in agressive mode unless they know your public ip. also, i believe your limiting step will be the throughput ipsec processing ability of the 150 which may be at 22mb.

the vpn sounds like a site to site sonicwall vpn.
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
digitapCommented:
i went back and checked my datasheet on the 150 and i don't see any reference to the 22mb limitation.

since your IT has already configured your sonicwall's VPN, it should automatically route to the subnet without any intervention from you. getting the 150 connected to your home internet will be the trick.
0
 
Oscar ReyesSenior Systems AdministratorAuthor Commented:
@csaroli - I did try adding it to the DMZ in my TS but it did not help. The Sonicwall is 100megabits on the internal lan for connectivity but the firewall throughput is limited. It is a site to site VPN.

@digitap - Your suggestions make a lot of sense, I will try them this evening. The 22Mbs limitation is real world - I am not sure what the datasheets say.

When my SW is connected as the main router my download maxes out at 22Mbs when my Netgear is connected its maxes out at 58Mbs. I need my NG to be the main router and have my SW behind it connecting to my corporate VPN. Which I can get to work (VPN is established and working, Phone, Laptop wired in) but only for devices that are connected directly to the SW.

My goal is to have my PC connected to my NG but route all 192.168.1.xxx traffic to the SW over the VPN. Not sure how to configure and connect the SW to my network to do this. Another NIC in my computer connected to the SW?

Thank you both for your prompt responses.
0
 
Oscar ReyesConnect With a Mentor Senior Systems AdministratorAuthor Commented:
I ended up getting a second NIC card. I configured the network as follows:

Main Router = Netgear (IP =10.10.1.1 mask 255.255.255.0)

First PC NIC connected to NG static ip of 10.10.1.2
Sonicwall connected (LAN IP 192.168.123.1) to NG through the WAN port (SW WAN to NG LAN Port)
Second PC NIC connected to Sonicwall LAN port with static ip of 192.168.1.2

On my PC I issued the following 2 commands using CMD (Elevated to Admin)

route add 0.0.0.0 mask 0.0.0.0  10.10.1.1  metric 20 -p

route add 192.168.1.0 mask 255.255.255.0 192.168.123.1 metric 1 -p

The first command send all "regular" traffic to my NG router throut my first NIC. The second command routes all traffic for 192.168.1.x to the sonicwall through the second NIC.

The provides me with my full bandwidth to my FiOS connection and still connects me to my companys VPN.
0
 
digitapCommented:
the author's final solution was suggested by me. request a new disposition using my solution here, http:#a35019159 as the final solution.
0
 
Oscar ReyesSenior Systems AdministratorAuthor Commented:
@digitap: I tried your suggestions but it did not change the throughput of the sonicwall since the bottleneck is the firewall (see attached pdf, highlighted on page 5) though they say 30Mbs real world I was only getting 22Mbs. I tried adjusting my MTU setting from 1500 to 1492, it did not help. There are no other security features licensed only Nodes/Users and VPN.

Your suggestion for how to configure my network with two nics was helpful. Thank you.
0
 
digitapCommented:
thanks! i appreciate that!
0
 
Oscar ReyesSenior Systems AdministratorAuthor Commented:
Issue Resolved
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.