cef_soothsayer
asked on
Need help with routing Issue
I have two networks that I need to join. A and B
Network "A" is 10.0.0.x/24 behind a cable modem. No special routing, etc.
Network "B" is more complex. It is a 10.10.x.x/16 network behind a sonicwall TZ210, with a cable modem in front of that. Behind the Sonicwall, there is a Cisco 3850 24 POE+. Here is where it gets interesting: Behind the Cisco are multiple subnetworks and VLANs. Lets call them "B.1" etc.
Network "B.1" is a 10.10.10.x/24 network on VLAN 1.
Network "B.2" is a 10.10.15.x/24 network on VLAN 15.
Network "B.3" is a 10.100.100.x/24 network on VLAN 3.
Network "B.4" is an unknown network with only one node: A managed Dell Switch. The other side of which we will call Network "B.4.1" which also has multiple subnetworks and VLANs.
Network "B.4.1.1" is a 10.10.14.x/24 network on VLAN 4
Network "B.4.1.2" is a 10.10.1.x/24 network on VLAN 5
And finally, on network B.4.1.2 there is another Dell managed Switch, the other side of which we will call Network "B.4.1.2.1" which is a 128.10.1.x/24 on VLAN 5
Clear as mud? Don't blame me. I inherited it and I'm not allowed to change it. (Yet ... )
So, What I need to do is give certain workstations on Network A access to a server on network "B.2" (10.10.15.x/24 network on VLAN 15) and also give access to certain workstations on network B (and various subnets and VLANs) to a server on Network A.
Here's what I did so far:
--------------------------
The sonicwall, from the diagnostics page, can ping the desired server on network A. (joy!) And the server on Net A can ping the sonicwall's X6 port. (joy!)
However, the server on Net A, can NOT ping the nodes in Net B. (understandable, since there is no route saved)
Nor can the nodes in net B ping the Server on net A. (odd, since there *is* a route in the sonicwall.) Furthermore, I plugged a laptop directly into the sonicwall's LAN port and was still unable to ping the server on net A.
For giggles, I set the firewall rules to be wide open in both directions and re-tested. Same results.
Help!
--------------------------
Also - Another new Sonicwall is on the way for network A.
Network "A" is 10.0.0.x/24 behind a cable modem. No special routing, etc.
Network "B" is more complex. It is a 10.10.x.x/16 network behind a sonicwall TZ210, with a cable modem in front of that. Behind the Sonicwall, there is a Cisco 3850 24 POE+. Here is where it gets interesting: Behind the Cisco are multiple subnetworks and VLANs. Lets call them "B.1" etc.
Network "B.1" is a 10.10.10.x/24 network on VLAN 1.
Network "B.2" is a 10.10.15.x/24 network on VLAN 15.
Network "B.3" is a 10.100.100.x/24 network on VLAN 3.
Network "B.4" is an unknown network with only one node: A managed Dell Switch. The other side of which we will call Network "B.4.1" which also has multiple subnetworks and VLANs.
Network "B.4.1.1" is a 10.10.14.x/24 network on VLAN 4
Network "B.4.1.2" is a 10.10.1.x/24 network on VLAN 5
And finally, on network B.4.1.2 there is another Dell managed Switch, the other side of which we will call Network "B.4.1.2.1" which is a 128.10.1.x/24 on VLAN 5
Clear as mud? Don't blame me. I inherited it and I'm not allowed to change it. (Yet ... )
So, What I need to do is give certain workstations on Network A access to a server on network "B.2" (10.10.15.x/24 network on VLAN 15) and also give access to certain workstations on network B (and various subnets and VLANs) to a server on Network A.
Here's what I did so far:
--------------------------
We ran a cable from a dumb switch on Network A to the Sonicwall's X6 port on Network B.
The X6 port was assigned it's own zone and portshield group, and given the IP address of a node on Network A.
I created a route in the sonicwall for access to the 10.0.0.0/24 network through the X6 port.
Then I added rules to the firewall to allow ONLY the desired ports and nodes from Net A to get to the server on net B. And Vica Versa.
Then we tested.
The sonicwall, from the diagnostics page, can ping the desired server on network A. (joy!) And the server on Net A can ping the sonicwall's X6 port. (joy!)
However, the server on Net A, can NOT ping the nodes in Net B. (understandable, since there is no route saved)
Nor can the nodes in net B ping the Server on net A. (odd, since there *is* a route in the sonicwall.) Furthermore, I plugged a laptop directly into the sonicwall's LAN port and was still unable to ping the server on net A.
For giggles, I set the firewall rules to be wide open in both directions and re-tested. Same results.
Help!
--------------------------
Also - Another new Sonicwall is on the way for network A.
Last Comment
ASKER
For traffic initiated withing the A network, it doesn't know how to get to net B. that's stage 2, after the new Sonicwall arrives. The new Sonicwall is for the Net A gateway, and I can add routing when I install it.
For traffic initiated in Net B headed to Net A, the old net B Sonicwall routes traffic to net A. And the return traffic (should?**) go back naturally, as the switch in Net A knows the origin port & IP. (The Net B/Sonicwall /X6 IP on Net A subnet).
So I'm not surprised that nodes on Net A can't reach the server on net B yet. It's "Why cant nodes on Net B reach server on Net A?" that I'm concerned with right now.
Thanks.
** Am I wrong?
For traffic initiated in Net B headed to Net A, the old net B Sonicwall routes traffic to net A. And the return traffic (should?**) go back naturally, as the switch in Net A knows the origin port & IP. (The Net B/Sonicwall /X6 IP on Net A subnet).
So I'm not surprised that nodes on Net A can't reach the server on net B yet. It's "Why cant nodes on Net B reach server on Net A?" that I'm concerned with right now.
Thanks.
** Am I wrong?
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
OMG I totally forgot about the NAT. I had planned on putting it in and assumed I already had. HA!
Fixing the NAT worked. Thanks!
Fixing the NAT worked. Thanks!
ASKER
Doh! <facepalm>
Networking
Networking is the process of connecting computing devices, peripherals and terminals together through a system that uses wiring, cabling or radio waves that enable their users to communicate, share information and interact over distances. Often associated are issues regarding operating systems, hardware and equipment, cloud and virtual networking, protocols, architecture, storage and management.
102K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
You say no special routes on network A. So how does it know where B is? You need a route from A to B OR make the sonicwall TZ210 port on the 'A' network the default gateway for a machine on Network A and then try.