Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 479
  • Last Modified:

Sonicwall Interface Routing

Should be easy - trying to setup two internal networks to use two different WAN links.  I am using a SonicWall NSA 4500, utilizing 4 of the interfaces as follows:

X0 - Primary LAN - 192.168.10.1 /25
X1 - Primary WAB - b.b.b.b. Gateway: b.b.b.a
X2 - Secondary WAN - c.c.c.c gateway c.c.c.b
X3 - Secondary LAN - 10.10.254.1/24

So, I have it setup that the b.b.b.a is my default gateway.   I have a laptop with a static IP 10.10.254.10/24 plugged into X3.  I can ping this from any device on the X0 subnet or anywhere else.

So I have created a rule where:
Source: X4 Subnet
Destination: Any
Service: Any
Gateway: c.c.c.b

Pings timeout.  If I remove the rule, I get out just fine, but am using the wrong outbound interface.

Suggestions?
0
JamesonJendreas
Asked:
JamesonJendreas
  • 3
  • 2
1 Solution
 
smckeown777Commented:
2 things I can see possibly...

1) Gateway - should be the WAN ip - c.c.c.c, not c.c.c.b
2) I don't see your INTERFACE setting - normally you have an Interface section where you specify WAN1 or WAN2 - is there not an option to select that?
0
 
JamesonJendreasAuthor Commented:
So #1 - That makes some, sense but alas did not resolve the issue. I kind of need to think about that though - since this is a single L3 device, I'm still thinking we'd set the far end of the gateway, as the sonicwall has an interface that is on the same subnet as the c.c.c.b (otherwise, I'm routing to it's own interface)

2) No interface setting for what WAN link to take.  I'm thinking this might be because I have both links setup in the same Zone (WAN), and within an Load Balance group.
0
 
smckeown777Commented:
Ok, your #1 point is correct...I think, but I think the issue is related to #2 where you are Load balancing...

On our Sonicwall we have a WAN interface and an OPT interface - when I setup a route rule I get chance to say what interface to send the traffic out of...can you post screenshot of the main rule setup page so I can compare? See mine for my example...
RoutePolicy.jpg
0
 
JamesonJendreasAuthor Commented:
Alright, that was it.  I for some reason didn't understand what you meant by interface settings, I was thinking the actual physical interface settings (for x3), not the interface settings on the route statement.  

Changing the route to the proper interface resolved the issue. \

Cheers!
0
 
smckeown777Commented:
Great...glad it worked...
0

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now