Solved

Sonicwall TZ215 - Route traffic to specific interfaces

Posted on 2013-06-27
7
1,847 Views
Last Modified: 2013-07-02
Hello experts,

I have a client that is looking to change their existing Internet connection and I'm trying to design something that will work for them.  Currently they have two bonded T1s that provide connectivity for both voice and data.  Their phone system uses VoIP.  We're looking to change the configuration and drop one of the T1s and bring in a Comcast business connection.

My thought is to use a Sonicwall TZ215 to provide failover capabilities in the event the cable connection goes down.  However, I need to be able to route the voice traffic over the T1 and keep the data connection on Comcast except in the case of an outage.

Can the Sonicwall do this?  If so, what does the configuration look like?  Do I have to route based on a block of IP addresses?  Should I set static IPs on the phones and create a rule so that block uses the T1?  

Any insight would be appreciated.

Thanks!
0
Comment
Question by:xlingshot
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 17

Assisted Solution

by:TimotiSt
TimotiSt earned 100 total points
ID: 39283813
Yes, Sonicwalls can do Policy based routing. Search the admin guide for that or "PBR", it has a pretty good chapter on it.

Tamas
0
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39284657
As long as you can define "voice traffic" as from a subnet or ip range or certain ports etc... You can easily route it any way you want.
0
 

Author Comment

by:xlingshot
ID: 39285423
Thank you both for the information.  It does help, however I still have questions.

My thought is to set all the VoIP phones to static IP addresses and create a group within the Sonicwall for the phones.  I would configure my DHCP server to exclude that range of static IP addresses.  

I would configure WAN 1 as my VoIP connection and WAN 2 as my Data connection.  I would then create a route that defines the VoIP group to use WAN 1 and all other traffic to use WAN 2.  That seems pretty straight forward unless I'm missing something.

Would I still configure the failover with a Primary/Secondary configuration?  Would I set WAN 2 as the Primary for Data and the Group will still route out WAN 1?  If WAN 2 fails, will they automatically failover to WAN 1?  Is there a different type of failover configuration that I should be using?

Thanks again!
0
Save the day with this special offer from ATEN!

Save 30% on the CV211 using promo code EXPERTS30 now through April 30th. The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

 
LVL 39

Accepted Solution

by:
Aaron Tomosky earned 400 total points
ID: 39285471
I'd leave wan1 as the default for everything, then you just have to make a single rule to push voip out wan2.

yes it will failover easily, just add a higher metric rule
http://help.mysonicwall.com/sw/eng/705/ui2/23100/Network/Add_Route_Policy.htm
0
 

Author Comment

by:xlingshot
ID: 39285574
Ok, I'll switch the Comcast connection to WAN1 and Cbeyond to WAN2.

Question, if WAN2 does fail, will the system try and route the VoIP traffic to WAN1 or will the route we configured only allow that traffic out WAN2?
0
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39285779
you have to add another rule sending that traffic out wan1 with a higher metric. like in the link i posted above
0
 

Author Closing Comment

by:xlingshot
ID: 39294535
Hey guys,

Thanks for the info.  I think this answered by question.  I appreciate the help!
0

Featured Post

Are You Ransomware's Next Victim?

Worried about ransomware attacks hitting your organization?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with WatchGuard Total Security!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco Edge Routers for BGP 6 116
Dlink-DIR 816 router 4 63
can't ssh to external IP 9 89
how to know if a router is connected to a certain port 9 49
I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question