• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 241
  • Last Modified:

SonicWall TZ-105 - How to (VLAN) isolate my lab's different Active Directory Forests

I am building my home lab with some decent Hyper-V servers/guests - so potentially plenty of AD forests & domains to come.  They should not be able to see each other except, perhaps down the road, I will create cross-forest trusts - but that could be another EE question.

SonicWall TZ-105
Several unmanaged 1GB switches
UBEE Cable Modem
I have 5 static public IP addresses from my ISP.
Internally, I plan to use a   /16    10.50.x.x

My question is:
How do I isolate my Active Directory forests via my SonicWall(network)?
VLANs? and if so then how?
  • 4
1 Solution
K BAuthor Commented:
Okay.  I did just find this video so it does give some insight to create the VLANs - So I believe I am okay there.

Q: How do I allow access for my laptop via RDP to each of the VLANs?
Q: How do I add my Wireless Access Point to certain VLANs?
For example, I need to be obtain an IP address via DHCP from the SonicWall but use the Wireless Access Point (on a different VLAN?) too.  Maybe I am over-thinking it?

...so if my VLANs are for example:
VLAN1   -   10.50.1.x   (Network Gear)
VLAN2   -   10.50.2.x   (Servers)
VLAN3   -   10.50.3.x   (Virtual Guests)
VLAN4   -   10.50.4.x   (DHCP)
...static routes?  Any help would be much appreciated!
Thank you!
K BAuthor Commented:
So researching a bit more I believe I am looking for the ability to do Inter-VLAN Routing.
Can my SonicWall do this and if...

...yes:  How?
...no:  Is there a work around?

Thank you again!
K BAuthor Commented:
Do I need a switch capable of doing Inter-VLAN routing?
How much is a cheap switch capable of Inter-VLAN routing?
Can I use static routes instead?  If so, how?
WEBINAR: 10 Easy Ways to Lose a Password

Join us on June 27th at 8 am PDT to learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees. We'll cover the importance of multi-factor authentication and how these solutions can better protect your business!

bbaoIT ConsultantCommented:
> building my home lab with some decent Hyper-V servers/guests
> potentially plenty of AD forests & domains to come.

basically you need a virtual infrastructure to support your coming ADs especially for a multi-forest environment which should require inter-subnet / inter-VLAN / inter-domain communications.

if all your DCs are to be running in VMs (that's commonly the purpose for the lab), then you actually don't need your SonicWALL device for VLAN isolation and routing. you need everything virtual including the central router, firewall and DHCP services.
K BAuthor Commented:
Thank you for your reply.
I would like vlans with my sonicwall. I have printers, the children's gaming consoles, Mobile devices and workstations, that hook up to the TVs all that I would like to vlan. I understand that I can do VLANs with the virtual inftructure and I appreciate the reply but I would like to do VLANs with the sonicwall if possible.
Aaron TomoskySD-WAN SimplifiedCommented:
The sonicwall can do vlans and your intervlan routing, but without a smart switch you can only use each port out of the sonicwall as one vlan, so a max of 4 I believe. If you had a netgear gs724t for example, you could have a bunch of tagged vlans coming out one port of the sonicwall and splitting out at the switch.

That said, to really play right, I agree you should also setup a virtual router.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now