VN-PC view
asked on
Interface issues
Any help to shed some light is appreciated.
Need access from X2 to our X0 port and vice versa.
SW HP -- SonicWall -- Internet
SW = L3 / (2) VLANs
SonicWall X1 = IP 192.168.101.254 connecting to SW port 1 (VLAN 100)
Zone = X2 = IP 192.168.102.254 connecting to SW port 17 (VLAN 200)
SW-HP
VLAN 100 = 192.168.101.150
VLAN 200 = 192.168.102.150
SonicWall route policy
Any X2 Subnet Any 0.0.0.0 X2 20 5
From the X0 network I can access the X2 network = yes
From the X2 network I couldn't access the X0 network = not able
HP2650# conf
HP2650(config)# sh run
Running configuration:
; J4899A Configuration Editor; Created on release #H.10.83
hostname "HP2650"
interface 1
   no lacp
exit
interface 2
   no lacp
exit
interface 49
   no lacp
exit
interface 50
   no lacp
exit
trunk 49-50 Trk1 LACP
sntp server 207.200.81.113
ip routing
ip timep dhcp
snmp-server community "public" Unrestricted
vlan 1
   name "DEFAULT_VLAN"
   no ip address
   no untagged 1-48,Trk1
   exit
vlan 100
   name "manage-vlan"
   untagged 1-16
   ip address 192.168.101.150 255.255.255.0
   tagged Trk1
   exit
vlan 200
   name "VLAN200"
   untagged 17-32
   ip address 192.168.102.150 255.255.255.0
   ip helper-address 192.168.101.254
   tagged Trk1
   exit
vlan 300
   name "VLAN300"
   untagged 33-48
   ip address 192.168.103.151 255.255.255.0
   ip helper-address 192.168.101.254
   tagged Trk1
   exit
ip route 0.0.0.0 0.0.0.0 192.168.101.254
no stack
spanning-tree
spanning-tree Trk1 priority 4
spanning-tree priority 0
Have you added a rule to permit all traffic from X0 to X2 and vice versa?
ASKER
You meant a NAT rule? Can you point me to where and how to?
Many thanks
ASKER
Hi,
X1 LAN
X2 LAN 2 (they are both in the same zone (trust), so the route policy is all good here and the access rule (firewall) is all good > allow any on both side interfaces. I think it is the default when you set X2 in the same zone as LAN, SonicWall creates a default trusted rule. But I can access from X0 to X2, but from X2 to X0 I am not able to, maybe a NAT issue.)
Both X0 and X2 are able to access the internet fine.
policy-rule.PNG
ASKER
Hi carlmd
Forgot to tell you: model TZ 150, firmware 5.8.xx
Under Firewall->Access Rules do you have an any any (permit all) rule from LAN to LAN?
Does the log have any entries (blocking?) when you attempt access from X2->X0?
ASKER
Under Firewall->Access Rules do you have an any any (permit all) rule from LAN to LAN?
YES= all
Does the log have any entries (blocking?) when you attempt access from X2->X0?
YES = blocking from X2 to LAN
The firewall rules don't have interface X2 - LAN; does it not exist?
I suppose X2 must show in the firewall rules, but it is not showing; that is wrong.
Can you post your firewall LAN to LAN rules?
ASKER
Resolved (wrongly configured on the Windows side, not on the SonicWall).
Carlmd, you gave me the right direction.
ASKER
good job