Solved

Sonicwall best practice ...

Posted on 2012-04-09
12
1,220 Views
Last Modified: 2012-04-18
Hello, I've just installed a Sonicwall security device for our small business.

I am unable to connect to the LAN X0, if I am connecting over wifi (from the W0 (wlan) interface). I cannot ping computers on the X0.

X0 is on 192.168.0.xx and W0 is on 172.16.31.xx

May I know how to do it and what is the best practice ?

thanks. Clifford
0
Comment
Question by:CliffordNg
  • 7
  • 4
12 Comments
 
LVL 15

Expert Comment

by:Perarduaadastra
ID: 37822671
It seems that these Sonicwall units block traffic from WLAN to LAN by default.

You need to go into the management interface and add LAN-WLAN and WLAN-LAN firewall rules that will allow traffic to flow between them.

You don't say which unit you have, but Sonicwall provide instructions here under KBID 5351, though the last update to the article was two years ago...
0
 

Author Comment

by:CliffordNg
ID: 37822676
thanks. it's a NSA 220.

If i understand well, having different subnets does not matter ... i will still be able to ping, right ?

Cheers
0
 
LVL 15

Expert Comment

by:Perarduaadastra
ID: 37822826
The Sonicwall will take care of the routing between the subnets, so once you've added the rules you should be able to ping hosts successfully regardless of which subnet you're on.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 16

Expert Comment

by:Syed_M_Usman
ID: 37822958
Dear,

please make sure you have enabled interface trust,,,,,
0
 

Author Comment

by:CliffordNg
ID: 37823942
hello syed, hmm, what is the interface trust ? Cannot find it on the Sonicwall mgmt
0
 

Author Comment

by:CliffordNg
ID: 37826503
@Perarduaadastra, good morning, I've set up as follows and I still cannot connect from WLAN to LAN, although I can connect to the internet via WAN.

Is there something I am missing ?

      LAN      >      WLAN      1      Any      Any      Any      Allow      All                           
      WLAN      >      LAN      1      Any      Any      Any      Allow      All                           

Please help - Clifford
0
 
LVL 15

Expert Comment

by:Perarduaadastra
ID: 37826598
I'm struggling a bit here, as my Sonicwall is an elderly TZ170, and yours is rather newer!

I have discovered, though that the interface trust referred to by Syed_M_Usman is only available in the SonicOS Enhanced version, which I suspect you don't have...

The closest I can find on SonicWall's support pages is KBID 3558; if you substitute WLAN for OPT, the principle of allowing traffic between zones still holds.

Sorry I can't be more help.
0
 

Author Comment

by:CliffordNg
ID: 37826643
thanks Peraduaadastra.

I've seen and enabled the Interface Trust for WLAN, it is found in Zone. the interface trust for LAN was default activated. I've activated for WLAN, but in vain.

I'm pretty sure Syed knows about it more. Thanks for helping, Clifford
0
 
LVL 15

Expert Comment

by:Perarduaadastra
ID: 37828330
Perhaps you have to reboot the appliance after making this change? It seems unlikely, but doesn't cost anything to try...
0
 

Author Comment

by:CliffordNg
ID: 37831310
rebooting did not help :(

Please see my config screenshot below.

sonicwall management screenshot
0
 

Accepted Solution

by:
CliffordNg earned 0 total points
ID: 37842937
problem sorted. all pcs on the lan should have gateway pointed to the sonic wall.
0
 

Author Closing Comment

by:CliffordNg
ID: 37859691
found answer
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We sought a budget ($5,000) firewall solution that would provide all the performance we needed with no single point of failure.  Hosting a SAAS web application in our datacenter, it was critical that we find a way to keep connectivity up and inbound…
Network traffic routing plays key role in your network, if you have single site with heavy browsing or multiple sites, replicating important application data from your Primary Default Gateway ,you have to route your other network traffic from your p…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question