Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

SonicWall TZ215 WAN failover

Posted on 2014-10-14
8
200 Views
1 Endorsement
Last Modified: 2014-11-10
I have a sonicwall   setup for wan failover< ISP1 and ISP2.  When one goes down and switches over the DNS does not.  The ISP that it switches too DNS doesnt switch over and still looks at the initial DNS of the down ISP.  Is their a solution to this??
DNS is not setup on Sonicwall
DNS stops working on server when failover from isp1 to isp2 happens
DNS forwarders on server are open DNS First in list then google DNS servers
Server nic points to its self
clients nic point to Server for DNS
1
Comment
Question by:nexxtep
  • 3
  • 3
  • 2
8 Comments
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 40381449
You you have an internal DNS? What hands out dhcp?

It sounds like you have an internal DNS server which means the sonicwall should use that for its DNS. Personally I never use the ISP DNS servers for anything.
0
 
LVL 20

Expert Comment

by:carlmd
ID: 40381878
Changing to point to external dns servers (like google) might solve your problem.
0
 

Author Comment

by:nexxtep
ID: 40381982
DHCP and DNS is run on 2012 r2 server.  my server does point to Google and open DNS servers google being first. I have moved the forwarders up and down but no difference.  Once the failover falls back to the primary everthing works again.  Its just happens when going from ISP 1 to ISP 2 failover.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 20

Expert Comment

by:carlmd
ID: 40382133
Do you have any firewall or App Control rules that force the dns services out a particular interface, or block it from one?

If not try this and see if it works. On your lan dns server change the dns to point to the LAN interface of the Sonicwall. Leave the secondary dns etc settings blank.
0
 

Author Comment

by:nexxtep
ID: 40382380
Carlmd,      I have basic setup of the TZ215 loadbalaceing and failover all defaults new sonicwall. Question, on lan dns server you mentioned above do you mean change the primary forwarders on my dns server to point to the LAN interface of sonicwall???
0
 
LVL 39

Accepted Solution

by:
Aaron Tomosky earned 250 total points
ID: 40382516
There are lots of ways to setup dns, but here is what I would suggest:
sonicwall, dhcp, and everything else points to your internal windows 2012r2 dns server. If you have a second dc (you really really should), use that ip as the secondary. Remove all forwarders from your dns servers, and just let them use root hints.
0
 
LVL 20

Assisted Solution

by:carlmd
carlmd earned 250 total points
ID: 40384063
Yes, change the forwarder to the LAN Sonicwall interface and do not list any secondary.

This is something that sometimes works depending upon your specific configuration.
0
 

Author Closing Comment

by:nexxtep
ID: 40433731
thank you experts that did help out alot.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Network traffic routing plays key role in your network, if you have single site with heavy browsing or multiple sites, replicating important application data from your Primary Default Gateway ,you have to route your other network traffic from your p…
Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question