Solved

Sonicwall TZ 215 Config

Posted on 2014-07-25
6
347 Views
Last Modified: 2014-08-08
X0- LAN1 Data Switch (192.168.1.0 network)
X1- WAN1 (FIOS)
X2- WAN2 (T-1)
X3- LAN2 VoIP switch (192.168.2.0 network)
X4 and X5 Portshield to X0

Pretty much I want all traffic for VoIP switch (X3) to use ONLY T-1 WAN (X2).  All traffic  from data switch (X0) can use ONLY FIOS (X1).  I also have failover setup.  Just want to make sure my setup is correct.

Custom Routing Policies 1:
Source: Address Object (VoIP Traffic- 192.168.2.0)
Destination: Any
Service: VOIP
Gateway: X2 Default Gateway
Interface: X2
Metric: 1
Priority: 8

Custom Routing Policies 2:
Source: LAN Primary Subnet
Destination: Any
Service: Any
Gateway: X1 Default Gateway
Interface: X1
Metric: 1
Priority: 11

Would also like to implement QOS for VOIP.  I had some phone call quality issues a couple nights ago, but after adding custom routing policy 2 things improved.
0
Comment
Question by:Pedro Guerrero
  • 3
  • 3
6 Comments
 
LVL 24

Expert Comment

by:masnrock
ID: 40221286
I would have done NAT policies. That way, it routes the traffic just the way you want it, and also does the translations properly.

Since you have one whole interface for VOIP and nothing else, you really will not need to do QoS. Is your VOIP system hosted or in house?
0
 

Author Comment

by:Pedro Guerrero
ID: 40221411
VoIP system is hosted through ringcentral.  After opening their required UDP ports phone quality has been great.

Can you explain exactly how NAT policies would work better than what I have?
0
 
LVL 24

Accepted Solution

by:
masnrock earned 500 total points
ID: 40221429
Having reviewed again what you did, you might have actually basically accomplished the exact same thing. So no point in going and changing things around. Have you checked the firewall rules to make sure that the two LANs cannot communicate with one another? Only other thing I can think of to review is whether the failover is working the way you want it to.

BTW - If you ever start looking at an in house solution (I remember your mentioning 35 voip phones in house), I'd recommend 3CX, which has a bit of an upfront learning curve, but isn't overly difficult to get the features you need going. I can always recommend some vendors if need be. I've been in the process of testing it for rolling out in my office and to a few clients in need of replacement phone systems.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:Pedro Guerrero
ID: 40224048
The two LANs do communicate; i will setup that rule today. I tested failover and works just fine.

My scan to email stopped working after I installed sonicwall.  Getting a SMTP Gateway error.  Any idea?  Could it be router blocking access?
0
 
LVL 24

Expert Comment

by:masnrock
ID: 40225910
Could be many different reasons. Is the email being sent to a relay outside of the network, or using an in house mail server?
0
 

Author Comment

by:Pedro Guerrero
ID: 40225956
relay outside of network.  was doing some troubleshooting and it worked using ip address of mail server.  Looks like it may be a DNS issue?  Everything DNS related on computers have been working just fine though.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question