Link to home
Start Free TrialLog in
Avatar of rudym88
rudym88

asked on

Sonicwall NCS240

Hi guys,

Hoping someone can enlighten me with his or her wisdom.
Have two Sonicwall NSA 240 connecting two sites via VPN and all is working fine. Recently we installed a fiber to connect the two sites, one end of the fiber is connected to the LAN at Site-A and the other is connected to a switch at site-B, if I take a computer and plug-it in the switch at Site-B I get an IP from Site-A.

The question is, can a cable be connected to port X4 (my next available port) on the Sonicwall at Site-B from the switch coming from site-A and configure the Sonicwall to allow access either network from either site and eliminate the VPN.

If so, can someone tell me how or guide me in the right direction?

Any help is greatly appreciated.

Thanks
Rudy
Avatar of Carl Dula
Carl Dula
Flag of United States of America image

It sounds like you can eliminate the STS VPN without doing anything more if I understand your statement., "if I take a computer and plug-it in the switch at Site-B I get an IP from Site-A. "

To prove this why don't you just shut down the STS VPN and see if you can still access A from B.

Is the switch at Site B on the LAN there?
If you have a fiber link between Site A to Site B, you do not need the SonicWall VPN anymore. because you know have a Physical Link between the two sites.

what type of switches is the new fiber link connected to? I would suggest looking into VLANs and making the new Physical Fiber Link between the two sites a trunk Link.
Avatar of rudym88
rudym88

ASKER

Ruiz the switch is unmanaged.

Currently I have a cable going from the switch to port X3 on the NSA 240, I think what I need is to created (which I have tried but cant get it to work) a two way route between X0 and X3.

If someone can guide me or point me in the right direction it would be great.
Is there a reason why you want to run the new fiber traffic through the Sonicwall? If this is a point to point circuit with no outside access, and you trust the activity from/to the offices, you don't need to do this. On the other hand, you can if you want to use the Sonicwall to restrict services, but you do not need the VPN to do this.

Without the Sonicwall, if you simply connect the switch to the lan at that office you will have connectivity between the two offices.

Please advise as to which way you want to go?
Avatar of rudym88

ASKER

Carl thank for the reply, remember there is a network on site A running DHCP, if I connect the cable from site-a to the LAN of site-B, the clients on site-B would receive a IP from site A.

I think all I need is to create a route between port X0 and X4 but unfortunately I was not been able to get it to work.
ASKER CERTIFIED SOLUTION
Avatar of Carl Dula
Carl Dula
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of rudym88

ASKER

Carl,

I created the rule as follow but it doesn't work.

From - LAN-to-LAN
Source Port: Any
Service: Any
Source: LAN Primary Subnet
Destination: X4  Subnet (port is currently configured Zone::LAN, static IP: 192.168.0.250)

If you could send instructions it would be great, and much appreciated.
Avatar of rudym88

ASKER

Also should I connect the Fiber at Site-A to the Sonicwall of leave it connected directly to the switch on the LAN.

Thanks
Did you also  create the reverse rule, with X4 as the Source and LAN as the destination? Traffic needs to go both ways.
If I understand your setup, you can leave it connected to the switch, since you want it as part of the LAN.
Avatar of rudym88

ASKER

yes, but remember I also want site-a to access resources on site-b

Thanks
Avatar of rudym88

ASKER

sorry did not see the previous reply, I did create the rule at site-a
Lets review to make sure I have the connections right.

The fiber circuit is plugged into a switch at site A, that is connected to the LAN side of the Sonicwall. That is directly o the LAN and not through the Sonicwall.

At site B, the other end of the fiber is connected to X4 on that Sonicwall.

Is this correct?

What are the LAN subnets at both A and B?
Avatar of rudym88

ASKER

Yes that is correct.

Site A:  192.168.145.0
Site B: 192.168.0.0

Thanks
Is the switch at Site A managed? Does the fiber circuit have an ip address assigned to the fiber termination or at the switch? If so, what is it.

I believe you have a routing issue. Just need a bit more info. If you happen to have a diagram of your networks, please attach that as it would help.
Avatar of rudym88

ASKER

Sorry for the delay, was traveling, Attached find the visio diagram

Thanks for you help
Drawing1.vsd
What ip address have you assigned to X6 on the A and B Sonicwalls?

Can you provide copies of the rules you created for LAN to LAN on both Sonicwalls.

Are you using X4 or X6?