Solved

SonicWall TZ215 WAN failover

Posted on 2014-10-14
8
202 Views
1 Endorsement
Last Modified: 2014-11-10
I have a sonicwall   setup for wan failover< ISP1 and ISP2.  When one goes down and switches over the DNS does not.  The ISP that it switches too DNS doesnt switch over and still looks at the initial DNS of the down ISP.  Is their a solution to this??
DNS is not setup on Sonicwall
DNS stops working on server when failover from isp1 to isp2 happens
DNS forwarders on server are open DNS First in list then google DNS servers
Server nic points to its self
clients nic point to Server for DNS
1
Comment
Question by:nexxtep
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 40381449
You you have an internal DNS? What hands out dhcp?

It sounds like you have an internal DNS server which means the sonicwall should use that for its DNS. Personally I never use the ISP DNS servers for anything.
0
 
LVL 20

Expert Comment

by:carlmd
ID: 40381878
Changing to point to external dns servers (like google) might solve your problem.
0
 

Author Comment

by:nexxtep
ID: 40381982
DHCP and DNS is run on 2012 r2 server.  my server does point to Google and open DNS servers google being first. I have moved the forwarders up and down but no difference.  Once the failover falls back to the primary everthing works again.  Its just happens when going from ISP 1 to ISP 2 failover.
0
Surfing Is Meant To Be Done Outdoors

Featuring its rugged IP67 compliant exterior and delivering broad, fast, and reliable Wi-Fi coverage, the AP322 is the ideal solution for the outdoors. Manage this AP with either a Firebox as a gateway controller, or with the Wi-Fi Cloud for an expanded set of management features

 
LVL 20

Expert Comment

by:carlmd
ID: 40382133
Do you have any firewall or App Control rules that force the dns services out a particular interface, or block it from one?

If not try this and see if it works. On your lan dns server change the dns to point to the LAN interface of the Sonicwall. Leave the secondary dns etc settings blank.
0
 

Author Comment

by:nexxtep
ID: 40382380
Carlmd,      I have basic setup of the TZ215 loadbalaceing and failover all defaults new sonicwall. Question, on lan dns server you mentioned above do you mean change the primary forwarders on my dns server to point to the LAN interface of sonicwall???
0
 
LVL 39

Accepted Solution

by:
Aaron Tomosky earned 250 total points
ID: 40382516
There are lots of ways to setup dns, but here is what I would suggest:
sonicwall, dhcp, and everything else points to your internal windows 2012r2 dns server. If you have a second dc (you really really should), use that ip as the secondary. Remove all forwarders from your dns servers, and just let them use root hints.
0
 
LVL 20

Assisted Solution

by:carlmd
carlmd earned 250 total points
ID: 40384063
Yes, change the forwarder to the LAN Sonicwall interface and do not list any secondary.

This is something that sometimes works depending upon your specific configuration.
0
 

Author Closing Comment

by:nexxtep
ID: 40433731
thank you experts that did help out alot.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
increase internet speed 3 101
Block YouTube via Application Control in Fortigate 1000C 3 123
Monitor Bandwidth throughput in Fortigate 100D 1 41
ASA Tunnel 18 49
I recently had the displeasure of buying a new firewall at one of the buildings I play Sys Admin at. I had to get a better firewall than the cheap one that I had there since I was reconnecting the main office to the satellite office via point-to-poi…
Occasionally, we encounter connectivity issues that appear to be isolated to cable internet service.  The issues we typically encountered were reset errors within Internet Explorer when accessing web sites or continually dropped or failing VPN conne…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question