Avatar of PRNComputers
PRNComputersFlag for United States of America

asked on 

SonicWALL with 2 WANs

We have a hotel client that has a TZ-100 configured to use their existing internet connection to support their internal business network (one subnet, SBS 2011) as well as their Reservations Webserver (different subnet, Windows 7). The internet connection has a static IP address which is being utilized by the Reservations Webserver for HTTP and HTTPS access. There are also firewall rules in place with allow traffic to flow between the two subnets over specific ports so the Reservations Webserver can communicate with their Property Management Software running on the SBS 2011 server.

They have now added another internet connection which they want to use for their business network and SBS 2011 Server as well as allow for OWA and Smartphone access to Exchange. The new connection also has its own static IP.

Is there a way to configure 2 WAN connections on the SonicWALL, each with their own static IP? We like to keep the internet traffic separated between the two subnets but keep the local traffic between the two subnets open over the currently specified ports. Also, we need to keep in mind that ports like 80 and 443 are utilized by both the Webserver and OWA (Exchange), so traffic coming in from the original internet line (Static IP 1) over port 80 needs to go to the Webserver (Subnet 1), while traffic coming in from the new internet line (Static IP 2) over port 80 needs to go to the SBS/Exchange server (Subnet 2).

Does this question make sense, and if so, is it possible? If so to both, how I do this? Thanks so much in advance.
Microsoft Server OSHardware FirewallsSBS

Avatar of undefined
Last Comment
Blue Street Tech
Avatar of ZabagaR
Flag of United States of America image

Blurred text
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Avatar of Blue Street Tech
Hi PRNComputers,

When you say different subnets are you talking about different Zones or just different subnets?

You can accomplish this through PortShield Groups and Zone Assignments.

Here is how to create a Secondary WAN connection:

Here is how to route only SMTP traffic through your Secondary WAN interface: https://www.fuzeqna.com/sonicwallkb/ext/kbdetail.aspx?kbid=5733

The Zone Assignment, PortShileding, & custom NAT policies will isolated the traffic so that ISP2 traffic coming in on port 80 will be going into SBS's zone respectively and the same with ISP1/Webserver.

You may want to create a DMZ for the web server and put the SBS box in the LAN the To lock down the communication between the Zones you simply create a Deny Firewall Rule on each Zone e.g. (DMZ>LAN, & LAN>DMZ) and then create additional rules to allow specific services, sources & destinations to secure communication between both Zones.

This can all be done without the additional WAN as well if you have more than 1 Static IP address provided from your ISP. Typically they give you 5 but in some cases they only provide one and in that case you can easily purchase another for around $25/mo. It's way cheaper than an additional WAN connection but if the client will pay...it's better overall bandwidth obviously.

Let me know how it goes.
Avatar of PRNComputers
Flag of United States of America image


So sorry for the delay. Had a bad family emergency (still going on) that's kept me away from things.

I went with the first option and I am able to get to the firewall via both WAN ports. That's exciting. However, I'm not currently able to get to OWA from outside. I guess I'll have to figure out how to redirect ports 80 and 443 for each WAN port separately. Since I left this hanging for so long, I'm going to give the points now and try to do the port thing myself. Thanks.
Avatar of ZabagaR
Flag of United States of America image

Since port 80 and 443 are by default management ports on the sonicwall, you'd either change the management ports to something else or uncheck the management box for one of those 2 ports altogether.
Setup a new question and I'll explain it there since this is a different question altogether!

P.S. So sorry to hear about your family emergency. I hope all is well soon!
Avatar of PRNComputers
Flag of United States of America image


Hi, Diverseit,

Thanks for the help and good wishes, it is all greatly appreciated.

I've opened a new question titled "Redirecting Ports on SonicWALL with 2 WANs". Any help would also be greatly appreciated.
You're welcome. Going over there now!

Small Business Server (SBS) is a line of server operating systems targeted at small businesses by bundling the operating system with a number of other Microsoft products that would normally need to be purchased or licensed separately. The most notable inclusions are Exchange, SQL Server, SharePoint and ISA/TMG (Microsoft's firewall and proxy server).

Top Experts
Get a personalized solution from industry experts
Ask the experts
Read over 600 more reviews


IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo