?
Solved

TopicsNetworking Hardware Firewalls ,Miscellaneous Networking ,Networking

Posted on 2014-02-17
11
Medium Priority
?
341 Views
Last Modified: 2014-03-02
any helps shred some light every appreciates
needsaccess from X2 to our X0 port and vice versa.  


SW HP--sonicwal---Internet

Sw = L3 /(2)vlans

sonicwall X1 = ip 192.168.101.254 connecting to SW port 1(vlan 100)
Zone = X2 = ip 192.168.102.254  connecting to SW port 17 ( vlan 200)

SW-HP

Vlan 100 = 192.168.101.150

Vlan 200 = 192.168.102.150


Sonicwal route policy
Any      X2 Subnet      Any      0.0.0.0        X2      20      5


from X0 network I can accessing to X2 network = yes
from X2 network I could n't  to X0 network = not able


HP2650# conf
HP2650(config)# sh run

Running configuration:

; J4899A Configuration Editor; Created on release #H.10.83

hostname "HP2650"
interface 1
   no lacp
exit
interface 2
   no lacp
exit
interface 49
   no lacp
exit
interface 50
   no lacp
exit
trunk 49-50 Trk1 LACP
sntp server 207.200.81.113
ip routing
ip timep dhcp
snmp-server community "public" Unrestricted
vlan 1
   name "DEFAULT_VLAN"
   no ip address
   no untagged 1-48,Trk1
   exit
vlan 100
   name "manage-vlan"
   untagged 1-16
   ip address 192.168.101.150 255.255.255.0
   tagged Trk1
   exit
vlan 200
   name "VLAN200"
   untagged 17-32
   ip address 192.168.102.150 255.255.255.0
   ip helper-address 192.168.101.254
   tagged Trk1
   exit
vlan 300
   name "VLAN300"
   untagged 33-48
   ip address 192.168.103.151 255.255.255.0
   ip helper-address 192.168.101.254
   tagged Trk1
   exit
ip route 0.0.0.0 0.0.0.0 192.168.101.254
no stack
spanning-tree
spanning-tree Trk1 priority 4
spanning-tree priority 0

1
0
Comment
Question by:VN-PC view
  • 7
  • 4
11 Comments
 
LVL 20

Expert Comment

by:carlmd
ID: 39868530
Have you added a rule to permit all traffic from X0 to X2 and vice versa?
0
 

Author Comment

by:VN-PC view
ID: 39869210
you meant Nat rule ? can you point me where how to .

many thanks
0
 
LVL 20

Accepted Solution

by:
carlmd earned 2000 total points
ID: 39869983
OK. X1 is the default WAN interface, so I assume you are using it that way. X0 is the default LAN interface. So is X2 defined as a LAN interface? Are you using any other interfaces on this Sonicwall? What model Sonicwall is this?

Given that X1 is the WAN, and X2 is a LAN interface, by default all traffic from X1 and X2 to X0 will be permitted by default. If you look (Firewall -> Access Rules) you should see an "any any" rule for for LAN -> WAN. Do you have this?

Can you post what you see from Network -> Interfaces. You can sanitize any public ip addresses.
0
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

 

Author Comment

by:VN-PC view
ID: 39870021
hi,

x1 LAN
x2 LAN 2 ( they both same zone of (trust), so route policy  all good here and access rule ( firewall) all good > allow any both side interface, I think it is default when you set x2 s same zone as LAN , sonicwall create default trusted, but I can accessing from x0 to x2 but when x2 to x0 not able,  maybe NAT issue

both x0 , x2 all able accesses to internet fine,
policy-rule.PNG
0
 

Author Comment

by:VN-PC view
ID: 39870078
Hi carlmd

forgot tell you model tz 150 firmware 5.8.xx
0
 
LVL 20

Expert Comment

by:carlmd
ID: 39876822
Under Firewall->Access Rules do you have an any any (permit all) rule from LAN to LAN?

Does the log have any entries (blocking?) when you attempt access from X2->X0?
0
 

Author Comment

by:VN-PC view
ID: 39881323
Under Firewall->Access Rules do you have an any any (permit all) rule from LAN to LAN?

YES= all

Does the log have any entries (blocking?) when you attempt access from X2->X0?

YES= blocking from x2 to LAN
firewall rule doesn't have interface X2 - LAN not exist?
I suppose it must have X2 showing in firewall rule, but it is not showing that is wrong
0
 
LVL 20

Expert Comment

by:carlmd
ID: 39882118
Can you post your firewall LAN to LAN rules.
0
 

Author Comment

by:VN-PC view
ID: 39885313
Hi Carlmd

here you goes
Capture.PNG
0
 

Author Comment

by:VN-PC view
ID: 39899424
resolved ( wrong configured on windows side not on sonic wall)

Carlmd , you were gave me right direction
0
 

Author Closing Comment

by:VN-PC view
ID: 39899427
good job
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently had the displeasure of buying a new firewall at one of the buildings I play Sys Admin at. I had to get a better firewall than the cheap one that I had there since I was reconnecting the main office to the satellite office via point-to-poi…
Optimal Xbox 360 connectivity requires "OPEN NAT". If you use Juniper Netscreen or SSG firewall products in a home setting, the following steps will allow you get rid of the dreaded warning screen below and achieve the best online gaming environment…
Please read the paragraph below before following the instructions in the video — there are important caveats in the paragraph that I did not mention in the video. If your PaperPort 12 or PaperPort 14 is failing to start, or crashing, or hanging, …
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month16 days, 11 hours left to enroll

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question