Solved

TopicsNetworking Hardware Firewalls ,Miscellaneous Networking ,Networking

Posted on 2014-02-17
11
330 Views
Last Modified: 2014-03-02
any helps shred some light every appreciates
needsaccess from X2 to our X0 port and vice versa.  


SW HP--sonicwal---Internet

Sw = L3 /(2)vlans

sonicwall X1 = ip 192.168.101.254 connecting to SW port 1(vlan 100)
Zone = X2 = ip 192.168.102.254  connecting to SW port 17 ( vlan 200)

SW-HP

Vlan 100 = 192.168.101.150

Vlan 200 = 192.168.102.150


Sonicwal route policy
Any      X2 Subnet      Any      0.0.0.0        X2      20      5


from X0 network I can accessing to X2 network = yes
from X2 network I could n't  to X0 network = not able


HP2650# conf
HP2650(config)# sh run

Running configuration:

; J4899A Configuration Editor; Created on release #H.10.83

hostname "HP2650"
interface 1
   no lacp
exit
interface 2
   no lacp
exit
interface 49
   no lacp
exit
interface 50
   no lacp
exit
trunk 49-50 Trk1 LACP
sntp server 207.200.81.113
ip routing
ip timep dhcp
snmp-server community "public" Unrestricted
vlan 1
   name "DEFAULT_VLAN"
   no ip address
   no untagged 1-48,Trk1
   exit
vlan 100
   name "manage-vlan"
   untagged 1-16
   ip address 192.168.101.150 255.255.255.0
   tagged Trk1
   exit
vlan 200
   name "VLAN200"
   untagged 17-32
   ip address 192.168.102.150 255.255.255.0
   ip helper-address 192.168.101.254
   tagged Trk1
   exit
vlan 300
   name "VLAN300"
   untagged 33-48
   ip address 192.168.103.151 255.255.255.0
   ip helper-address 192.168.101.254
   tagged Trk1
   exit
ip route 0.0.0.0 0.0.0.0 192.168.101.254
no stack
spanning-tree
spanning-tree Trk1 priority 4
spanning-tree priority 0

1
0
Comment
Question by:VN-PC view
  • 7
  • 4
11 Comments
 
LVL 20

Expert Comment

by:carlmd
ID: 39868530
Have you added a rule to permit all traffic from X0 to X2 and vice versa?
0
 

Author Comment

by:VN-PC view
ID: 39869210
you meant Nat rule ? can you point me where how to .

many thanks
0
 
LVL 20

Accepted Solution

by:
carlmd earned 500 total points
ID: 39869983
OK. X1 is the default WAN interface, so I assume you are using it that way. X0 is the default LAN interface. So is X2 defined as a LAN interface? Are you using any other interfaces on this Sonicwall? What model Sonicwall is this?

Given that X1 is the WAN, and X2 is a LAN interface, by default all traffic from X1 and X2 to X0 will be permitted by default. If you look (Firewall -> Access Rules) you should see an "any any" rule for for LAN -> WAN. Do you have this?

Can you post what you see from Network -> Interfaces. You can sanitize any public ip addresses.
0
 

Author Comment

by:VN-PC view
ID: 39870021
hi,

x1 LAN
x2 LAN 2 ( they both same zone of (trust), so route policy  all good here and access rule ( firewall) all good > allow any both side interface, I think it is default when you set x2 s same zone as LAN , sonicwall create default trusted, but I can accessing from x0 to x2 but when x2 to x0 not able,  maybe NAT issue

both x0 , x2 all able accesses to internet fine,
policy-rule.PNG
0
 

Author Comment

by:VN-PC view
ID: 39870078
Hi carlmd

forgot tell you model tz 150 firmware 5.8.xx
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 
LVL 20

Expert Comment

by:carlmd
ID: 39876822
Under Firewall->Access Rules do you have an any any (permit all) rule from LAN to LAN?

Does the log have any entries (blocking?) when you attempt access from X2->X0?
0
 

Author Comment

by:VN-PC view
ID: 39881323
Under Firewall->Access Rules do you have an any any (permit all) rule from LAN to LAN?

YES= all

Does the log have any entries (blocking?) when you attempt access from X2->X0?

YES= blocking from x2 to LAN
firewall rule doesn't have interface X2 - LAN not exist?
I suppose it must have X2 showing in firewall rule, but it is not showing that is wrong
0
 
LVL 20

Expert Comment

by:carlmd
ID: 39882118
Can you post your firewall LAN to LAN rules.
0
 

Author Comment

by:VN-PC view
ID: 39885313
Hi Carlmd

here you goes
Capture.PNG
0
 

Author Comment

by:VN-PC view
ID: 39899424
resolved ( wrong configured on windows side not on sonic wall)

Carlmd , you were gave me right direction
0
 

Author Closing Comment

by:VN-PC view
ID: 39899427
good job
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Asa VPN Site to Site enable local internet access 4 83
Opening Ports 18 83
l2tp tunnel from pc to router 14 74
network error 8 35
Occasionally, we encounter connectivity issues that appear to be isolated to cable internet service.  The issues we typically encountered were reset errors within Internet Explorer when accessing web sites or continually dropped or failing VPN conne…
Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now