?
Solved

Sonicwall best practice ...

Posted on 2012-04-09
12
Medium Priority
?
1,230 Views
Last Modified: 2012-04-18
Hello, I've just installed a Sonicwall security device for our small business.

I am unable to connect to the LAN X0, if I am connecting over wifi (from the W0 (wlan) interface). I cannot ping computers on the X0.

X0 is on 192.168.0.xx and W0 is on 172.16.31.xx

May I know how to do it and what is the best practice ?

thanks. Clifford
0
Comment
Question by:CliffordNg
  • 7
  • 4
12 Comments
 
LVL 15

Expert Comment

by:Perarduaadastra
ID: 37822671
It seems that these Sonicwall units block traffic from WLAN to LAN by default.

You need to go into the management interface and add LAN-WLAN and WLAN-LAN firewall rules that will allow traffic to flow between them.

You don't say which unit you have, but Sonicwall provide instructions here under KBID 5351, though the last update to the article was two years ago...
0
 

Author Comment

by:CliffordNg
ID: 37822676
thanks. it's a NSA 220.

If i understand well, having different subnets does not matter ... i will still be able to ping, right ?

Cheers
0
 
LVL 15

Expert Comment

by:Perarduaadastra
ID: 37822826
The Sonicwall will take care of the routing between the subnets, so once you've added the rules you should be able to ping hosts successfully regardless of which subnet you're on.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 16

Expert Comment

by:Syed_M_Usman
ID: 37822958
Dear,

please make sure you have enabled interface trust,,,,,
0
 

Author Comment

by:CliffordNg
ID: 37823942
hello syed, hmm, what is the interface trust ? Cannot find it on the Sonicwall mgmt
0
 

Author Comment

by:CliffordNg
ID: 37826503
@Perarduaadastra, good morning, I've set up as follows and I still cannot connect from WLAN to LAN, although I can connect to the internet via WAN.

Is there something I am missing ?

      LAN      >      WLAN      1      Any      Any      Any      Allow      All                           
      WLAN      >      LAN      1      Any      Any      Any      Allow      All                           

Please help - Clifford
0
 
LVL 15

Expert Comment

by:Perarduaadastra
ID: 37826598
I'm struggling a bit here, as my Sonicwall is an elderly TZ170, and yours is rather newer!

I have discovered, though that the interface trust referred to by Syed_M_Usman is only available in the SonicOS Enhanced version, which I suspect you don't have...

The closest I can find on SonicWall's support pages is KBID 3558; if you substitute WLAN for OPT, the principle of allowing traffic between zones still holds.

Sorry I can't be more help.
0
 

Author Comment

by:CliffordNg
ID: 37826643
thanks Peraduaadastra.

I've seen and enabled the Interface Trust for WLAN, it is found in Zone. the interface trust for LAN was default activated. I've activated for WLAN, but in vain.

I'm pretty sure Syed knows about it more. Thanks for helping, Clifford
0
 
LVL 15

Expert Comment

by:Perarduaadastra
ID: 37828330
Perhaps you have to reboot the appliance after making this change? It seems unlikely, but doesn't cost anything to try...
0
 

Author Comment

by:CliffordNg
ID: 37831310
rebooting did not help :(

Please see my config screenshot below.

sonicwall management screenshot
0
 

Accepted Solution

by:
CliffordNg earned 0 total points
ID: 37842937
problem sorted. all pcs on the lan should have gateway pointed to the sonic wall.
0
 

Author Closing Comment

by:CliffordNg
ID: 37859691
found answer
0

Featured Post

What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently had the displeasure of buying a new firewall at one of the buildings I play Sys Admin at. I had to get a better firewall than the cheap one that I had there since I was reconnecting the main office to the satellite office via point-to-poi…
Optimal Xbox 360 connectivity requires "OPEN NAT". If you use Juniper Netscreen or SSG firewall products in a home setting, the following steps will allow you get rid of the dreaded warning screen below and achieve the best online gaming environment…
This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month15 days, 20 hours left to enroll

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question