Solved

Sonicwall TZ100, AT&T Static IP PROBLEMS

Posted on 2012-04-13
18
615 Views
Last Modified: 2012-07-09
I have a site to site VPN and need static IP's on both DSL connections from AT&T.  I can use dynamic DNS with the VPN so I know I can get the VPN connected but it is with dynamic IP's.  

I have the DSL modem in bridge mode and both sonicwall TZ100's receving dynamic and it works for a while.  I received a block of five IP's for both sites even though I only needed  one.  So I go into the WAN portion of the sonicwall and it will let me assign a static IP but I can't setup the subnet, gateway or anything.  Once I do this I hit apply and go back to www.ipchicken.com and the IP is different.  

Am I missing something?
0
Comment
Question by:bhgewilson
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 6
  • 4
18 Comments
 
LVL 7

Expert Comment

by:kinecsys
ID: 37842615
So what IP are you getting from IPChicken.com? Do you recognize it? Is is another one in the block of 5? Is it still one of the dynamic ones from before?
0
 

Author Comment

by:bhgewilson
ID: 37842638
It is completely random.  It does not relate to the block of 5 at all.
0
 
LVL 4

Accepted Solution

by:
schmitty007 earned 500 total points
ID: 37842643
You may want to download the latest firmware and boot to it after you backup your config. Which can be done under System -> Settings
Then under Network go to interfaces
you should see your WAN interface (which in default should be the X1 interface) if it is set to Static it will look like the attachedWAN config screen
Which gives you all the fields you need. If these fields are not displaying then you may have a problem with
the software on your UTM which is why my first suggestion is load new firmware.
0
Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

 

Author Comment

by:bhgewilson
ID: 37842655
The problem is where do I put in the info for PPOE.  I still need to authenticate correct?
0
 
LVL 7

Expert Comment

by:kinecsys
ID: 37842674
Or if the router looks likes it is properly configured, then maybe the modem isn't really behaving as a bridge. the problem could be there too.
0
 
LVL 4

Expert Comment

by:schmitty007
ID: 37842681
If your Sonicwall is Authenticating AFTER YOU SELECT PPPoE you will get a third tab added to the pop-up for Protocol
it is under that tab you will put in specific IP information.
0
 
LVL 7

Expert Comment

by:kinecsys
ID: 37842686
Why not use the modem to authenticate and take it out of bridge mode? That should make the IP address problem go away for sure, by setting it on the modem.
0
 

Author Comment

by:bhgewilson
ID: 37842731
I do think that the modem is acting as a bridge because the VPN will work but just not stay connected and I come to find out that the external IP's are changing.

I know it will not work if I setup the modem as a bridge because the site to site VPN needs to be directly on the internet.  

I am not sure if I am answering the question correct but I am unsure what "after you select" is, on the sonicwall.
0
 
LVL 7

Expert Comment

by:kinecsys
ID: 37842781
Yeah, so why not set the modem as a "modem" and configure "it" with the external IP settings including the static IP that you want and the PPPoE authentication settings and a LAN side IP on a subnet that is only for the "inside" (ethernet side) of the modem and the "outside" (WAN side) of the router. Then give the router a WAN IP in that subnet and keep its LAN IP in the subnet of your Local Network (as it already is).
0
 
LVL 7

Expert Comment

by:kinecsys
ID: 37842818
Here goes again. I'm gong to assume your LANs have 192.168.1.x IPs with subnet masks of 255.255.255.0

In that scenario, you would do the following:

Take modem out of bridge mode and set it as follows

MODEM WAN: desired public IP with ISP's subnet mask, dg, and PPPoE settings
MODEM LAN: 10.0.0.10 with subnet mask 255.0.0.0

Then the router:

ROUTER WAN: 10.0.0.20 with subnet mask 255.0.0.0
ROUTER LAN: 192.168.1.1 with subnet mask 192.168.1.1
0
 
LVL 4

Expert Comment

by:schmitty007
ID: 37842842
You are over complicating this scenario Sonicwall would not be in business if the didn't give their product the ability to configure it in the manor in which it is to be used.
Select PPPoE fill out that information and then select teh Protocol tab on the top of that pop-up screen you will see this
PPPoe IP info screenProbelm solved.
0
 

Author Comment

by:bhgewilson
ID: 37842859
kinecsys,  This will not allow the site to site vpn to connect if we run the modem in Nat Mode.  If I am wrong please let me know.
0
 

Author Comment

by:bhgewilson
ID: 37842876
Schmitty, these are settings brought in by PPOE.  I can't change these in my setup for some reason.
0
 
LVL 7

Expert Comment

by:kinecsys
ID: 37842890
Sure that's the right way. Full credit to you. Sometimes I've had to work around it if PPPoE doesn't "wan't" to work on the router or if the modem doesn't "want" to properly behave as a bridge. But definitely go with your answer if things behave. Just throwing out an alternative that may seem more complex but has actually saved me time in the past by doing it instead of figuring out whose fault it is: the modem not bridging? or the router not PPPoE'ing correctly?
0
 

Author Comment

by:bhgewilson
ID: 37842901
Kinecsys,  Anytime you deal with AT&T it is a crapshoot and I appreciate the advice.  I would do that if the VPN was not involved.  Thanks for the advice.  I am still a little stuck but will continue to plug through this.
0
 
LVL 7

Expert Comment

by:kinecsys
ID: 37842908
There's a lot of NAT going on between the two modems already, possibly traveling through a few ISP's and such. NAT can limit or allow communications in any way you configure it to do. The basic setup I am proposing does not imply any restrictions. If you manage to get internet, and the VPN ports are open (as we know they already are) the VPS should work without a problem.
0
 
LVL 4

Expert Comment

by:schmitty007
ID: 37842910
If that information is prepopulating and its not populating your correct public IP information it is time to get AT&T on the phone to verify they actually assigned your modem those public IPs I had to argue once with an AT&T rep for almost an hour to get a situation like this fixed.
0
 
LVL 7

Expert Comment

by:kinecsys
ID: 37842917
Good luck, man, let me know if you have any other questions on my humble idea.
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Node.js 11 80
VOIP gateways - feedback 23 120
CCNP Exam question 6 37
Printer Access denied on reboot 5 89
If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question