dbestcomputers

asked on

Sonicwall config for dual 2 subnets that talk to each other

We have 2 sites with Sonicwall TZ-105 routers.  We have a cable that connects the 2 sites directly, and each site also has a WAN connection and an internal LAN, so on the back of the Sonicwall it would be X0 to LAN, X1 to WAN, and X4 I want to connect the 2 sites.  

I first tried to assign 192.168.1.x to LAN1, and 192.168.2.x to LAN2, then 192.168.100.x to the X4 interfaces on each end, so Router1 has 192.168.100.1 and Router2 has 192.168.100.2.  I then tried to set up a static route (I'm not familiar with this so I may have gotten it wrong). The static route stated that the 192.168.1.0 and 192.168.2.0 (on the respective routers) subnets were across the X4 interface and to go out the Gateway IP of the X4 interface.  I was unable to ping across X4 at all.  I experimented with this for a while before trying something else.

I found a guide on the net that said to do it as follows:
On Router1 I set up the X4 interface to portshield to X0, meaning that X4 is simply a switchport attached to X0, so no IP is assigned to that port.  On router2, I assigned X4 an IP address from the scheme of Router1 (192.168.1.249).  Then the guide said to set X4 interface to the "WAN" zone.  I did this and the link now works, but it is very slow and I constantly lose connectivity for a few seconds, so I don't think this configuration is best.  

I would like PROPER instructions to connect 2 LANs (on X0 of the routers) through the hardline I have on X4.  Please do not post back with vague comments on possible issues with my config.  Assume I have reset the routers to factory defaults and I am starting over.  Thanks.
arnold

Your x4 must have an IP using a /252
192.168.254.250/30
One sonicwall will have 192.168.254.251/30 while the other 192.168.254.252/30
You then will either configure the two sonicwall to advertise their LAN and possibly a less preferred route to the outside that will function as a failover in case the WAN connection drops.
dbestcomputers

ASKER

How do I set up advertising the LAN over the X4 connection, I assume it has something to do with enabling RIP or setting a static route?  I think that's the part I'm most confused about.  Can you walk me through that?
I did this like your second attempt and it works.
Sonicwall1 port shield x4 to x0
Sonicwall2 x4 assign ip in LAN range of sonicwall 1. Zone isn't important unless you want firewall rules. If you are bridging lans like I was, just leave it as LAN
Plug in x4 to x4
Sonicwall1 make address object for sonicwall2 network (let's call it s2)
Set traffic to s2 to use x4 and sonicwall2 x4 ip as its gateway
Same thing in reverse on the sonicwall2

I can help with better specifics when I'm back in the office and can see my sonicwall Monday if you still need help.
One way is to set up a static map
SONICWALL1 192.168.254.1
SONICWALL2 192.168.254.2
Sonicwall1
LAN_OF_SONICWALL2 via 192.168.254.2
Sonicwall2
LAN_OF_SONICWALL1 via 192.168.254.1

See if Aaron's guidance to your initial attempt is sufficient, or whether you want to have any control of inter-lan traffic. i.e. Limit .....

Here is a guide to set up dynamic advertising between two locations. This type of setup simplifies things down the road if you ever add additional segments.


The example covers a VPN to connect, but you can use this example to map the X4 interface and the VPN in the event the X4 connection gets cut.
http://www.sonicwall.com/downloads/SonicWALL_Failover_Network_Designs.pdf
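
A routed X4 plan like the static map above can be checked for consistency before it is entered on the firewalls. The following is an added example, not part of the original thread or any SonicWall tool: it verifies that both X4 ends share a subnet, use host addresses, and that each static route points at the peer's X4 address. The function names, the plan layout, the /24 LAN masks and the /30 mask on 192.168.254.1/.2 are assumptions; the second plan uses the /30 addresses quoted earlier in the thread, and the third is constructed.

```python
import ipaddress

def check_transit_plan(plan):
    """plan: router name -> {"x4": "ip/prefix", "lan": "net/prefix",
    "route": (destination, next_hop)}. Returns a list of problem strings."""
    a, b = plan  # exactly two routers
    x4 = {n: ipaddress.ip_interface(r["x4"]) for n, r in plan.items()}
    lan = {n: ipaddress.ip_network(r["lan"]) for n, r in plan.items()}
    problems = []
    if x4[a].network != x4[b].network:
        problems.append(f"X4 ends are in different subnets: {x4[a].network} vs {x4[b].network}")
    if lan[a].overlaps(lan[b]):
        problems.append(f"LANs overlap: {lan[a]} and {lan[b]}")
    for me, peer in ((a, b), (b, a)):
        net = x4[me].network
        # On prefixes shorter than /31 the first and last addresses are not host addresses.
        if net.prefixlen < 31 and x4[me].ip in (net.network_address, net.broadcast_address):
            problems.append(f"{me}: {x4[me].ip} is the network or broadcast address of {net}")
        if any(l.overlaps(net) for l in lan.values()):
            problems.append(f"{me}: transit subnet {net} overlaps a LAN")
        dest, hop = plan[me]["route"]
        dest, hop = ipaddress.ip_network(dest), ipaddress.ip_address(hop)
        if dest != lan[peer]:
            problems.append(f"{me}: route goes to {dest}, but {peer}'s LAN is {lan[peer]}")
        if hop != x4[peer].ip:
            problems.append(f"{me}: next hop {hop} is not {peer}'s X4 address {x4[peer].ip}")
        if hop not in net:
            problems.append(f"{me}: next hop {hop} is not on-link for X4 ({net})")
    return problems

def router(x4, lan, dest, hop):
    """Build one router entry for a plan (hypothetical helper)."""
    return {"x4": x4, "lan": lan, "route": (dest, hop)}

# Static map from the thread; masks are assumed (/24 LANs, /30 transit).
STATIC_MAP = {
    "Sonicwall1": router("192.168.254.1/30", "192.168.1.0/24", "192.168.2.0/24", "192.168.254.2"),
    "Sonicwall2": router("192.168.254.2/30", "192.168.2.0/24", "192.168.1.0/24", "192.168.254.1")}
# The /30 addresses quoted earlier in the thread, with each route via the other end.
SLASH30_AS_POSTED = {
    "Sonicwall1": router("192.168.254.251/30", "192.168.1.0/24", "192.168.2.0/24", "192.168.254.252"),
    "Sonicwall2": router("192.168.254.252/30", "192.168.2.0/24", "192.168.1.0/24", "192.168.254.251")}
# Constructed case: Router1's static route uses its own X4 address as the gateway.
SELF_GATEWAY = {
    "Router1": router("192.168.100.1/24", "192.168.1.0/24", "192.168.2.0/24", "192.168.100.1"),
    "Router2": router("192.168.100.2/24", "192.168.2.0/24", "192.168.1.0/24", "192.168.100.1")}

if __name__ == "__main__":
    for name, plan in (("static map", STATIC_MAP), ("/30 as posted", SLASH30_AS_POSTED),
                       ("self gateway", SELF_GATEWAY)):
        print(name, check_transit_plan(plan) or "consistent")
```
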
ASKER CERTIFIED SOLUTION
dbestcomputers

I've requested that this question be closed as follows:

Accepted answer: 0 points for dbestcomputers's comment #a40006515

for the following reason:

I really wanted it to work via route advertisement and static mappings, keeping the subnets completely separated by a subnet in the middle, but I wasn't able to get that result.  Instead I set up a VPN over the "WAN" link that was X4 to X4.
You found two solutions that worked, one was slow for you and one used a VPN, but these are both still solutions. My solution was in place on my network for over a year and was not slow at all. If you needed help trying to get it working faster you should have asked.
OK whatever, I'll accept the solution, I don't have time to waste on this.  

However, the solution given was not working.  "Slow" really doesn't justify what was happening on the link, I should've been more specific, I could get 2 of 5 pings across usually, and the other 3 timed out.  So we can prove there is "some" connection by pings but no data could be passed across the link. I don't consider that working at all.  

You were specific in your configuration details as I requested but it really wasn't a valid solution IMO.

Also, the VPN solution (which actually worked) was MY solution, which I TRIED to accept as the solution before your rebuttal.....

Anyway, don't care, don't have time, here you go buddy.