Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

networking issue between sonicwall TZ100 and ASA5505

Posted on 2013-06-25
6
292 Views
Last Modified: 2013-11-12
Sonicwall handles data network 10.0.0.0/24
ASA5505 handle voice network 10.0.1.0/24
ASA5505 IP 10.0.1.1/24  (inside)
I have configured the sonicwall x2 interface to have the IP of 10.0.1.253/24, and connected a cat5 to one of  the ports on the ASA5505 that's part of vlan1 (inside).
no special routes or acls have been done yet.
The Sonicwall  can ping all my 10.0.1.x IP's (10.0.1.253 (x2 on the sonicwall), 10.0.1.1 (asa5505), 10.0.1.107 (voip phone), etc..
But when I go to ping or browse to my phones using IE (10.0.1.107) I'm unable to ping them from the server or PC on the 10.0.0.0/24 network.
So is it a routing issue, or more of a DNS issue?
The only IP I can ping from the 10.0.0.x network is 10.0.1.253, which is the X2 interface on the sonicwall.

The goal is to be able to open IE on the server or PC that's on the 10.0.0.0/24 network, type in my voip ph IP of 10.0.1.107 and access the phones web interface.

I've also provided a simple network diagram.

thanks
Winston
network.jpg
0
Comment
Question by:spectrumIT
6 Comments
 
LVL 5

Expert Comment

by:JasonDuncanworks
ID: 39276768
If you cannot ping by IP then its not a DNS issue, with SonicWALLS you have to rules to allow the traffic to go to the other subnets.

Check this see if it matches.

http://serverfault.com/questions/86325/sonicwall-route-traffic-through-specific-interface-based-on-destination
0
 
LVL 17

Expert Comment

by:lruiz52
ID: 39276981
If you are not using a routing protocol, you will need to add a static route on the asa to the 10.0.0.0/24 network, you will also need some acl's
0
 
LVL 4

Expert Comment

by:iconnectu
ID: 39277302
As lruiz52 write, you have to create a static roule on the ASA for the 10.0.0.0/24 Network. Otherwise the ASA will send all the traffic to the default Gateway (WAN).

If you try to ping a IP Adress, DNS is not involved. IF you try to Ping server.domain.local , you need DNS to translate den DNS name in a IP Address.

Also make sure, that the Firewall on the TZ100 is open from X2 to X0.
0
Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

 

Author Comment

by:spectrumIT
ID: 39278527
ok, just need to clear up a few items..
I've put the 10.0.0.0/24 route into the ASA to the X2 (10.0.1.253), and I can ping everything on the 10.0.0.0/24 network from the ASA.

but I'm unable to ping from my PC or server on the 10.0.0.0/24 network to the phones on the 10.0.1.0/24 network.  The only thing I can ping is the x2 interface on the sonicwall which is 10.0.1.253.

The sonicwall wall itself can ping everything on the 10.0.1.0/24 network.

so I believe I need a route within the sonicwall - but when I talked with support they said no, and I've tried several different routes on the sonicwall and nothing as worked yet.
0
 

Accepted Solution

by:
spectrumIT earned 0 total points
ID: 39631439
issue was resolved by multi homing a PC.
0
 

Author Closing Comment

by:spectrumIT
ID: 39641083
n/a
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question