Solved

Opening up a second interface on Sonicwall.

Posted on 2013-12-11
18
399 Views
Last Modified: 2013-12-13
We've had a standard setup on our Sonicwall of X0 interface internal subnet and X1 interface outward facing to the internet. I would like to open up another outward interface, let's say X2, to pipe in wireless internet with a wireless router. So my question is, do I use the same outward facing IP address as X1? Or will that mess things up for our internal network? Do I need a different outward facing IP address for this?
0
Comment
Question by:new_to_networks
  • 8
  • 5
  • 3
18 Comments
 
LVL 24

Expert Comment

by:diverseit
ID: 39712262
Hi new_to_networks,

I'm not sure what you are asking for here. If you just want to setup a Wireless Access Point so that you can provide wireless access to your users then you'd just configure a port like X2 and configure it for wireless access (Port Shielding, Interface, Zone, Access Rules)

No you don't need an additional Public IP address for this and no it will not mess up anything.

Let me know if you have any other questions!
0
 

Author Comment

by:new_to_networks
ID: 39712300
Oh, I didn't know you could do that. Do you have a recommended setup guide or anything that exclusively deals with configuring the interface to just do wireless ( I realize I can just go to the manual, just wondering you have any other suggestions. I'm very green in my SonicWall understanding.)
0
 
LVL 24

Expert Comment

by:diverseit
ID: 39712304
Sure no problem! What is your model, TZ 105, TZ 215, NSA 220, etc.)?
0
 

Author Comment

by:new_to_networks
ID: 39712507
NSA 2400
0
 
LVL 20

Expert Comment

by:masnrock
ID: 39713239
What type of environment is this? The best recommendation really depends on your exact goal... assuming this is a business environment, is the wireless network for guests or for employees? (The value of having a separate IP for that is debatable at best)

Now if this is something like a hotel environment, then I would have the corporate and guest networks use separate public IP addresses.
0
 

Author Comment

by:new_to_networks
ID: 39714216
This is for guests in an office environment. I'm going to plug in a wireless router into that interface. I want it to only be connected to the internet and not the intranet.
0
 

Author Comment

by:new_to_networks
ID: 39717155
I've requested that this question be deleted for the following reason:

No one is answering me.
0
 
LVL 24

Expert Comment

by:diverseit
ID: 39715272
You have to be patient...we all have demanding jobs too. If you change your mind...just re-post. Best of luck!
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 20

Expert Comment

by:masnrock
ID: 39715417
You can define a new subnet on a different interface, then within the firewall rules, prevent that new subnet from communicating with the subnet already in place.
0
 

Author Comment

by:new_to_networks
ID: 39715423
Wouldn't I just configure it as a WAN interface?
0
 
LVL 20

Accepted Solution

by:
masnrock earned 500 total points
ID: 39715615
You do not need another WAN interface unless you are hooking up a second internet connection. You just need a second LAN defined .
0
 

Author Comment

by:new_to_networks
ID: 39715654
So this secondary LAN interface would share the same external outward facing IP as our primary LAN?
0
 
LVL 20

Assisted Solution

by:masnrock
masnrock earned 500 total points
ID: 39715691
Yes. If you want to have a different externally facing ip, just order an additional one. If the subnet mask is the same, then you can just use NAT rules.
0
 

Author Comment

by:new_to_networks
ID: 39715705
Ok, I have another problem. The Sonicwall itself is using an internal server for DNS.  I do not want this secondary LAN interface to use that DNS. That DNS is involved with a VPN tunnel to our datacenter. Can I have this secondary LAN interface use different DNS? It literally can have nothing to do with our intranet, it should be completely separate and see only the internet connection.
0
 
LVL 20

Expert Comment

by:masnrock
ID: 39715728
You can have the DHCP server for the second LAN use other DNS servers. Just make sure to specify within that DHCP server..
0
 

Author Comment

by:new_to_networks
ID: 39716857
Got it working.
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Suggested Solutions

In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now