Solved

Sonicwall routing

Posted on 2011-03-14
13
1,639 Views
Last Modified: 2012-05-11
I have a Sonicwall TZ 210. The LAN interface is X0 (192.168.1.0), WAN is X1 (75.99.99.0).

I wanted to put a device (192.168.40.10) on interface X2

How do I configure the Sonicwall device to route packets from the 192.168.1.0 network to the 192.168.40.1 device?
When I configure the X2 interface with address 192.168.40.2, it creates an automatic entry in the route table, I can ping the device from the SonicWall, but cannot from the LAN network.
SonicWall-router.jpg
0
Comment
Question by:Hamptonite
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 3
  • +1
13 Comments
 
LVL 6

Expert Comment

by:expert02232010
ID: 35131589
You need to create a route on your internal network for the 192.168.40.x subnet that routes to the X1 interface IP address of the sonicwall
0
 

Author Comment

by:Hamptonite
ID: 35131646
The Sonicwall is THE router, why does it not route the packets to the X1 or X2 interfaces depending on the IP?
0
 
LVL 6

Expert Comment

by:expert02232010
ID: 35131770
Have you created firewall rules to all traffic between X0 and X2?  

0
What Is Transaction Monitoring and who needs it?

Synthetic Transaction Monitoring that you need for the day to day, which ensures your business website keeps running optimally, and that there is no downtime to impact your customer experience.

 

Author Comment

by:Hamptonite
ID: 35131950
The firewall is set to allow all bewteen the interfaces.
0
 
LVL 6

Expert Comment

by:expert02232010
ID: 35131989
what does a tracert report from each side?
can the 192.168.40.10 get to the internet ok?
0
 
LVL 33

Expert Comment

by:digitap
ID: 35135075
what type of traffic is on this interface? you will need to either create a new zone for this interface or use the LAN zone. if there is an inherent trust and you don't need to really manage the traffic between the two interfaces, then just use the LAN zone.

when you've decided on a zone, go to network > interface. select the X2 interface and edit it. the issue you are having probably has to do with the portshield function. when you edit the X2 interface, you want to choose the zone and then click the drop down for IP assignment. default will be portshield. select static and you can choose an IP on the 192.168.40.0/24 subnet and this will be the gateway for your hosts on that interface.

when you click OK, the sonicwall create all the routes and firewall rules needed to communicate between the two interfaces. as long as you use the IP of the X2 interface as the gateway on your X2 hosts, it should route properly.

hope that helps!
0
 

Author Comment

by:Hamptonite
ID: 35152284
digitap - I had already  configured the interface as you suggested. I think I need to give you more information;
There is only one host on the .40 network. It already has a default gateway and I do not really have access to that network, although it is sitting a couple of feet from my servers.

A company is trying to intergrate the two systems' SQL data, so has asked if I could access the SQL server (192.168.40.10) from my network (192.168.0.0/24). I can ping 192.168.40.10 on the X2 interface from the Sonicwall (192.168.40.2) but I think what may be happening is that since 192.168.40.10 has a different gateway, when I ping it from the 192.168.0.0 network, the ICMP packets are being lost.

Is there a way to have traffic flow through the interface?

Literally, I could connect an Ethernet cable between the two networks and assign IPs from both networks on the PC that needs access, but I'd rather be able to set firewall rules and monitor traffic between the two networks to prevent virus outbreaks, etc.
Route-Traffic-RedNX.jpg
0
 
LVL 33

Accepted Solution

by:
digitap earned 250 total points
ID: 35153742
if you could get their IT to add the following route to their SQL server, i think that would solve your routing problem:

route ADD 192.168.0.0 MASK 255.255.255.0 192.168.40.2

you've essentially added the gateway of the sonicwall on the X2 interface for traffic trying to get to your subnet. hope they'll let you do that.




0
 

Author Comment

by:Hamptonite
ID: 35184101
digitap - sounds like a good plan. I am in contact with their tech people and will let you know how it turns out.
0
 
LVL 33

Expert Comment

by:digitap
ID: 35379601
i believe adding the route on the other vendor's hardware is the answer here. the other end doesn't know how to route the network and adding the route resolves that problem. it would be great to get that confirmation, but i'm not sure Hamptonite will have success getting the other end to add the route. nothing against Hamptonite. Rather, the other vendor might not let the route be added. That would be the sure test.
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 35439131
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question