Solved

Can SonicWall TZ170 Wireless be on same subnet as domain computers?

Posted on 2011-09-22
10
1,203 Views
Last Modified: 2012-05-12
A client has a SonicWall TZ180 Wireless router. The wireless portion, setup via the wizard, is located at 172.16.31.1, is running DHCP (for wireless), and handing out IP addresses to clients. The clients could not access resources on the domain (192.168.100.x) until I manually put the SBS 2008 Server IP  (192.168.100.2) as the first DNS Server under Network / DHCP Server / Dynamic Range Configuration/ DNS/WINS. See image:
SonicWall Settings
Once this was done, the clients could access the network without issue, so I assume the SonicWall is doing some kind of NAT work.
 
The problem is that I'm using Sunbelt Software's Vipre Enterprise AntiVirus and it can't communicate with the laptop in order to update status, etc. I assume the reason is because of the different subnets and NAT involved. Here's the laptop IP settings:
 Laptop IP settings
Question: Can I change the SonicWall Wireless to be on the 192.x.x.x subnet without causing DNS / DHCP issues? Or is there another approach I should be using?
0
Comment
Question by:scion111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
10 Comments
 
LVL 32

Accepted Solution

by:
aleghart earned 500 total points
ID: 36582659
Why not enable DHCP to pass to your domain's DHCP controller?  I've had TZ100 and TZ200, and never used the built-in DHCP server.  Even VPN users got forwarded to the domain controller for DHCP requests.
0
 

Author Comment

by:scion111
ID: 36583267
aleghart:
Thanks fo rthe suggestion. I just plowed through the wizard and did not notice the pass through option. I assume I just uncheck "Enable DHCP Server" and check "Allow DHCP passthrough" and don't have to adjust any other settings. Is that correct?
0
 
LVL 32

Expert Comment

by:aleghart
ID: 36583303
Yes. Should work. If you have VPN users you'll have to find the setting for DHCP relay, which will forward DHCP requests from the remote user to your domain's DHCP server.
0
Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

 

Author Comment

by:scion111
ID: 36583339
VPN users connect through the Small Business Server so I assume that would not be an issue. Let me know if you feel otherwise.
0
 
LVL 32

Expert Comment

by:aleghart
ID: 36583344
No...then they'll not have to worry about the SonicWall VPN settings.
0
 

Author Comment

by:scion111
ID: 36583474
Thanks - you've been a great help!
0
 

Author Comment

by:scion111
ID: 36583705
aleghart:
Sorry - I spoke too soon. When I tried to enable DHCP passthrough, I go this message: "DHCP passthrough only works in Transparent Mode. Please change your networking address mode"

Did some reading and it sounds a bit scary...

As an alternate, do you think I can leave the DHCP server on, but change the scope to be within the 192.168.100.x subnet, and then exclude them from distribution on th SBS 2008 DHCP Server?

Example:
On SBS 2008 DHCP, exclude IP range 192.168.100.80 - 192.168.100.90 from distribution.
On SonicWall, set DHCP Range from 192.168.80 - 192.168.90, set Gateway to 192.168.100.1 (which is LAN IP of SonicWall that the domain uses as a Gateway, set Subnet mask to 255.255.255.0

My concern is that the SBS 208 DHCP will sense the SonicWall and disable itself - not good.
0
 
LVL 32

Expert Comment

by:aleghart
ID: 36583900
I was thinking about the "IP Helper".  It was on the TZ170, and I see it on the TZ200 under Network > IP Helper.
Make an entry under "Relay Protocols" for DHCP.
Create the domain server as an object first (with the proper LAN IP address).
Add a policy that forwards DHCP to your domain server.


sonicwall-IPHelper-DHCP.jpg
0
 

Author Comment

by:scion111
ID: 36589712
I will look at later tonight and advise - thanks again for all your help.
0
 

Author Comment

by:scion111
ID: 36590696
aleghart:
No "IP Helper" settings on TZ180 I could find. Any idea if the DHCP server with a limited scope I mentioned above would work (or wreak havoc)?

Another alternate would be to just get a Wireless Access Point, but I thought this would be doable with the SonicWall.
0

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco ASA blocks some https sites. 27 66
Turn off power management for the wireless nic card 3 47
Connectivity issues after power outage 5 63
Router question 6 249
I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question