Sonicwall Behind Home Router

Posted on 2011-03-01
Last Modified: 2013-12-14
I have a sonicwall TZ150 assigned to me for my home to connect back to the office. I need to set this up behind my existing router (Netgear WNDR3700v2) because the sonicwall kills my speed since I have fiOS with 50Mbs down and 20Mbs UP. The sonicwalls max download is around 22Mbs. I need the speed because I connect to servers that I can max out my connection with hence my delimma.

I need to connect to my corporate netork but only for the ip range my local lan is  so my pc wil be connected directly to the Netgear but I need the network to know to pass any traffic to the sonicwall. The sonicwalll is all preconfigured to establish the connection back to the corporate network. I have access to the device and can make any changes I want as I am part of technical staff there but I can seem to get this to work .

Please help. Thank you
Question by:evengeekier
  • 5
  • 4

Expert Comment

ID: 35014470
try putting your sonicwall router in the DMZ of the negear router. Although depending on the type of VPN your corporate office uses, this may not work.  Also i thought the sonicwall was 100 megabits, i could be wrong

What kind of VPN is it, client/server?
LVL 33

Expert Comment

ID: 35014616
i'm not sure i undrstand. if the vpn is configured, put your netgear in bridge mode, put your public ip on the sonicwall and away you go. i'm guessing they put the sonicwall sa in agressive mode unless they know your public ip. also, i believe your limiting step will be the throughput ipsec processing ability of the 150 which may be at 22mb.

the vpn sounds like a site to site sonicwall vpn.
LVL 33

Expert Comment

ID: 35017709
i went back and checked my datasheet on the 150 and i don't see any reference to the 22mb limitation.

since your IT has already configured your sonicwall's VPN, it should automatically route to the subnet without any intervention from you. getting the 150 connected to your home internet will be the trick.

Author Comment

ID: 35018009
@csaroli - I did try adding it to the DMZ in my TS but it did not help. The Sonicwall is 100megabits on the internal lan for connectivity but the firewall throughput is limited. It is a site to site VPN.

@digitap - Your suggestions make a lot of sense, I will try them this evening. The 22Mbs limitation is real world - I am not sure what the datasheets say.

When my SW is connected as the main router my download maxes out at 22Mbs when my Netgear is connected its maxes out at 58Mbs. I need my NG to be the main router and have my SW behind it connecting to my corporate VPN. Which I can get to work (VPN is established and working, Phone, Laptop wired in) but only for devices that are connected directly to the SW.

My goal is to have my PC connected to my NG but route all traffic to the SW over the VPN. Not sure how to configure and connect the SW to my network to do this. Another NIC in my computer connected to the SW?

Thank you both for your prompt responses.
LVL 33

Accepted Solution

digitap earned 500 total points
ID: 35019159
ok...i understand where you're getting the 22mb. there are somethings you can look at on the sonicwall to possibly help with the speed.

- What's the WAN negotiation set to? it's auto by default. go to the sonicwall > network > interfaces and edit the WAN interface. test 100mb/full; 100mb/half. see which one changes your egress/ingress speeds.

- what's the MTU? review the following article i wrote that walks through confirming your MTU on the WAN of the sonicwall is configured properly.

- are there any security services licensed. go to the sonicwall > system > status. on the right hand side, you'll see a list of items that are licensed on the sonicwall. look for content filter, gateway av, IPS, etc. you may need to disable those.

regarding the latter, you could put a second NIC in your workstation/laptop. you'd want two subnets. one for the NG and one for the sonicwall. set a static route on your device to use the sonicwall as the gateway for the network. also, make sure that the NG gateway is a lower metric so default traffic will use the NG.

however, i believe you said you wanted your access to the servers at work via the VPN to experience the higher bandwidth beyond the 22mb. this traffic will go through the sonicwall regardless, so this will always be a limiting step if we can't figure out why your sonicwall is preventing you from experiencing the full bandwidth.

having said that, you COULD take the 150 out of the picture entirely and use the sonicwall Global VPN client.  however, if your work bandwidth is less than your 50mb at home, then this becomes the new limiting step rather than the 150. i assume they are the same or at least your work bandwidth is more than 22mb that the 150 is getting you at home right now.

sorry, i know that's a lot of think about.
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.


Assisted Solution

evengeekier earned 0 total points
ID: 35152073
I ended up getting a second NIC card. I configured the network as follows:

Main Router = Netgear (IP = mask

First PC NIC connected to NG static ip of
Sonicwall connected (LAN IP to NG through the WAN port (SW WAN to NG LAN Port)
Second PC NIC connected to Sonicwall LAN port with static ip of

On my PC I issued the following 2 commands using CMD (Elevated to Admin)

route add mask  metric 20 -p

route add mask metric 1 -p

The first command send all "regular" traffic to my NG router throut my first NIC. The second command routes all traffic for 192.168.1.x to the sonicwall through the second NIC.

The provides me with my full bandwidth to my FiOS connection and still connects me to my companys VPN.
LVL 33

Expert Comment

ID: 35152159
the author's final solution was suggested by me. request a new disposition using my solution here, http:#a35019159 as the final solution.

Author Comment

ID: 35152257
@digitap: I tried your suggestions but it did not change the throughput of the sonicwall since the bottleneck is the firewall (see attached pdf, highlighted on page 5) though they say 30Mbs real world I was only getting 22Mbs. I tried adjusting my MTU setting from 1500 to 1492, it did not help. There are no other security features licensed only Nodes/Users and VPN.

Your suggestion for how to configure my network with two nics was helpful. Thank you.
LVL 33

Expert Comment

ID: 35152437
thanks! i appreciate that!

Author Closing Comment

ID: 35178835
Issue Resolved

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now