Solved

WAN Interface/IP Assignment on SonicWALL

Posted on 2013-12-12
14
629 Views
Last Modified: 2013-12-13
How should the IP Assignment be configured for a WAN Interface? Basically, all I'm going to do is plug a wireless router into that interface. I just need the interface to serve up internet only. Options:

Static
DHCP
PPPoE
PPTP
L2TP

Not sure if I should do DHCP, because the SonicWALL is not our DHCP server, but I don't want the WAN to have anything to do with any DHCP servers on our intranet. What DHCP server would it be looking at? Maybe I should select Static? Not sure exactly.
0
Comment
Question by:new_to_networks
  • 6
  • 5
14 Comments
 
LVL 24

Expert Comment

by:diverseit
Comment Utility
Hi new_to_networks,

Not sure why you are looking to do this kind of configuration...it is outside of the design of security units? You can do an L2 bridge from WAN to X Zone (DMZ, LAN, etc) but if all you want to do is have the SonicWALL as your main firewall and provide Wireless to your users you just simply plug the wireless access point into one of the other unassigned ports like X2-X5.

DHCP should be turned off if on the SonicWALL if you are running it from your Windows Server.

Make sense?
0
 

Author Comment

by:new_to_networks
Comment Utility
When I plug into X5, an unconfigured port, there is no internet. I was under the impression that the port had to be configured to provide internet. All I need is one of the other interfaces, X2-X5 to provide internet but has no connection our intranet here. Just separating out the wireless from the office network. That's all I need.
0
 
LVL 32

Expert Comment

by:_
Comment Utility
I'm a little unclear on how the SonicWall fits into your network.
Is it a Gateway, or basically being used as a managed switch (ie: how does it get it's IP if the Wan port is open, etc)?


Basically you would need to set the wireless router to Static, assign it an IP address outside of the DHCP range, and give it the Gateway and DNS addys.
And usually this would come out of the SW LAN port into the wireless routers WAN.
If you plug the wireless into the SW WAN, the SW is going think the wireless is a "server".

(I think that's correct. My coffee level is low...)    : /
0
 

Author Comment

by:new_to_networks
Comment Utility
So I need to set the interface on the Sonicwall as another LAN, or do I set it as a WAN interface?
0
 
LVL 32

Accepted Solution

by:
_ earned 500 total points
Comment Utility
Without knowing how the SW fits into the network, I'm going with:
SonicWall as LAN.

Plug from the LAN port to the wireless WAN port.

Set the wireless WAN to STATIC, and give it an IP that is outside the DHCP range (if that's possible). Point it to the Gateway and DNS servers.

You can set the wireless LAN as Dynamic or Static. Just make sure it uses a different network address than you intranet.
ex: intranet uses 192.168.0.x   So the wireless needs to be something like 192.168.1.x

Depending on your specific Intranet configuration, you might need to tell whichever router that is dealing with the Internet (or you are passing through to get to that one), about this "special" secondary LAN.
0
 

Author Comment

by:new_to_networks
Comment Utility
The SonicWall is the main firewall/router for the office. It is what our primary LAN comes from. So you are telling me to create a secondary LAN interface to plug the wireless router into? I don't want it to even see the DHCP server on our intranet, so I'm taking it that the secondary LAN will be completely static. Will this secondary LAN interface share the same external outward facing IP as the primary LAN?
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 

Author Comment

by:new_to_networks
Comment Utility
Also, I have another problem. The Sonicwall itself is using an internal server for DNS.  I do not want this secondary LAN interface to use that DNS. That DNS is involved with a VPN tunnel to our datacenter. Can I have this secondary LAN interface use different DNS? It literally can have nothing to do with our intranet, it should be completely separate and see only the internet connection.
0
 
LVL 32

Expert Comment

by:_
Comment Utility
>> ...create a secondary LAN interface to plug the wireless router into?

Correct. As long as the SW has that ability.
So your Intranet would look something like z.y.0.x, and the wireless router would look something like z.y.1.x to the SonicWall.

Usually what you want to do is a pretty straight forward hookup. But it sounds like you have some kind of "custom" setup, and not wanting to go near the DHCP, makes it a bit trickier.

>> ...share the same external outward facing IP as the primary LAN?

It should.

>> Can I have this secondary LAN interface use different DNS

Something public, like Googles DNS (8.8.8.8) should work.
https://developers.google.com/speed/public-dns/docs/using

There are a couple of others around, but that's the one I have a number for.

I know I'm butchering this explanation, but maybe after I eat and get my caffeine/nicotine levels back up, I can make better sense.   ; )
0
 

Author Comment

by:new_to_networks
Comment Utility
Got it working.
0
 
LVL 32

Expert Comment

by:_
Comment Utility
>> ...set a static IP on the wireless router and it would provide DHCP to wireless users- but it isn't.

That's odd.

>> Is there some way to have the SonicWall provide DHCP to just this interface, but NOT to the primary LAN interface?

Not that I know of.  I don't get many SonicWalls to play with, but I don't remember seeing that ability on any router.
0
 
LVL 32

Expert Comment

by:_
Comment Utility
Glad to hear it.     : )

Thank you much.
0
 
LVL 32

Expert Comment

by:_
Comment Utility
Thank you. An unexpected surprise.

I love Friday the 13th's.   ; )
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now