?
Solved

Sonicwall TZ215 - Route traffic to specific interfaces

Posted on 2013-06-27
7
Medium Priority
?
1,928 Views
Last Modified: 2013-07-02
Hello experts,

I have a client that is looking to change their existing Internet connection and I'm trying to design something that will work for them.  Currently they have two bonded T1s that provide connectivity for both voice and data.  Their phone system uses VoIP.  We're looking to change the configuration and drop one of the T1s and bring in a Comcast business connection.

My thought is to use a Sonicwall TZ215 to provide failover capabilities in the event the cable connection goes down.  However, I need to be able to route the voice traffic over the T1 and keep the data connection on Comcast except in the case of an outage.

Can the Sonicwall do this?  If so, what does the configuration look like?  Do I have to route based on a block of IP addresses?  Should I set static IPs on the phones and create a rule so that block uses the T1?  

Any insight would be appreciated.

Thanks!
0
Comment
Question by:xlingshot
  • 3
  • 3
7 Comments
 
LVL 17

Assisted Solution

by:TimotiSt
TimotiSt earned 300 total points
ID: 39283813
Yes, Sonicwalls can do Policy based routing. Search the admin guide for that or "PBR", it has a pretty good chapter on it.

Tamas
0
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39284657
As long as you can define "voice traffic" as from a subnet or ip range or certain ports etc... You can easily route it any way you want.
0
 

Author Comment

by:xlingshot
ID: 39285423
Thank you both for the information.  It does help, however I still have questions.

My thought is to set all the VoIP phones to static IP addresses and create a group within the Sonicwall for the phones.  I would configure my DHCP server to exclude that range of static IP addresses.  

I would configure WAN 1 as my VoIP connection and WAN 2 as my Data connection.  I would then create a route that defines the VoIP group to use WAN 1 and all other traffic to use WAN 2.  That seems pretty straight forward unless I'm missing something.

Would I still configure the failover with a Primary/Secondary configuration?  Would I set WAN 2 as the Primary for Data and the Group will still route out WAN 1?  If WAN 2 fails, will they automatically failover to WAN 1?  Is there a different type of failover configuration that I should be using?

Thanks again!
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
LVL 39

Accepted Solution

by:
Aaron Tomosky earned 1200 total points
ID: 39285471
I'd leave wan1 as the default for everything, then you just have to make a single rule to push voip out wan2.

yes it will failover easily, just add a higher metric rule
http://help.mysonicwall.com/sw/eng/705/ui2/23100/Network/Add_Route_Policy.htm
0
 

Author Comment

by:xlingshot
ID: 39285574
Ok, I'll switch the Comcast connection to WAN1 and Cbeyond to WAN2.

Question, if WAN2 does fail, will the system try and route the VoIP traffic to WAN1 or will the route we configured only allow that traffic out WAN2?
0
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39285779
you have to add another rule sending that traffic out wan1 with a higher metric. like in the link i posted above
0
 

Author Closing Comment

by:xlingshot
ID: 39294535
Hey guys,

Thanks for the info.  I think this answered by question.  I appreciate the help!
0

Featured Post

NEW Veeam Backup for Microsoft Office 365 1.5

With Office 365, it’s your data and your responsibility to protect it. NEW Veeam Backup for Microsoft Office 365 eliminates the risk of losing access to your Office 365 data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

579 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question