Solved

Opening up a second interface on Sonicwall.

Posted on 2013-12-11
18
400 Views
Last Modified: 2013-12-13
We've had a standard setup on our Sonicwall of X0 interface internal subnet and X1 interface outward facing to the internet. I would like to open up another outward interface, let's say X2, to pipe in wireless internet with a wireless router. So my question is, do I use the same outward facing IP address as X1? Or will that mess things up for our internal network? Do I need a different outward facing IP address for this?
0
Comment
Question by:new_to_networks
  • 8
  • 5
  • 3
18 Comments
 
LVL 25

Expert Comment

by:Diverse IT
ID: 39712262
Hi new_to_networks,

I'm not sure what you are asking for here. If you just want to setup a Wireless Access Point so that you can provide wireless access to your users then you'd just configure a port like X2 and configure it for wireless access (Port Shielding, Interface, Zone, Access Rules)

No you don't need an additional Public IP address for this and no it will not mess up anything.

Let me know if you have any other questions!
0
 

Author Comment

by:new_to_networks
ID: 39712300
Oh, I didn't know you could do that. Do you have a recommended setup guide or anything that exclusively deals with configuring the interface to just do wireless ( I realize I can just go to the manual, just wondering you have any other suggestions. I'm very green in my SonicWall understanding.)
0
 
LVL 25

Expert Comment

by:Diverse IT
ID: 39712304
Sure no problem! What is your model, TZ 105, TZ 215, NSA 220, etc.)?
0
 

Author Comment

by:new_to_networks
ID: 39712507
NSA 2400
0
 
LVL 23

Expert Comment

by:masnrock
ID: 39713239
What type of environment is this? The best recommendation really depends on your exact goal... assuming this is a business environment, is the wireless network for guests or for employees? (The value of having a separate IP for that is debatable at best)

Now if this is something like a hotel environment, then I would have the corporate and guest networks use separate public IP addresses.
0
 

Author Comment

by:new_to_networks
ID: 39714216
This is for guests in an office environment. I'm going to plug in a wireless router into that interface. I want it to only be connected to the internet and not the intranet.
0
 

Author Comment

by:new_to_networks
ID: 39717155
I've requested that this question be deleted for the following reason:

No one is answering me.
0
 
LVL 25

Expert Comment

by:Diverse IT
ID: 39715272
You have to be patient...we all have demanding jobs too. If you change your mind...just re-post. Best of luck!
0
New My Cloud Pro Series - organize everything!

With space to keep virtually everything, the My Cloud Pro Series offers your team the network storage to edit, save and share production files from anywhere with an internet connection. Compatible with both Mac and PC, you're able to protect your content regardless of OS.

 
LVL 23

Expert Comment

by:masnrock
ID: 39715417
You can define a new subnet on a different interface, then within the firewall rules, prevent that new subnet from communicating with the subnet already in place.
0
 

Author Comment

by:new_to_networks
ID: 39715423
Wouldn't I just configure it as a WAN interface?
0
 
LVL 23

Accepted Solution

by:
masnrock earned 500 total points
ID: 39715615
You do not need another WAN interface unless you are hooking up a second internet connection. You just need a second LAN defined .
0
 

Author Comment

by:new_to_networks
ID: 39715654
So this secondary LAN interface would share the same external outward facing IP as our primary LAN?
0
 
LVL 23

Assisted Solution

by:masnrock
masnrock earned 500 total points
ID: 39715691
Yes. If you want to have a different externally facing ip, just order an additional one. If the subnet mask is the same, then you can just use NAT rules.
0
 

Author Comment

by:new_to_networks
ID: 39715705
Ok, I have another problem. The Sonicwall itself is using an internal server for DNS.  I do not want this secondary LAN interface to use that DNS. That DNS is involved with a VPN tunnel to our datacenter. Can I have this secondary LAN interface use different DNS? It literally can have nothing to do with our intranet, it should be completely separate and see only the internet connection.
0
 
LVL 23

Expert Comment

by:masnrock
ID: 39715728
You can have the DHCP server for the second LAN use other DNS servers. Just make sure to specify within that DHCP server..
0
 

Author Comment

by:new_to_networks
ID: 39716857
Got it working.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now