Losing Internet Connection While On Wi-Fi Network

I've been handed a small Windows network and since I've been out of the IT field for about ten years, I figured I would turn to EE again for help, so here goes.

We are running a Sonicwall with two Windows 2012 servers and a local domain.  One server is running all services and the other is a file server that does backup.

Our wi-fi connections lose Internet access randomly.  Our existing IT consultant is suggesting it is a bandwidth issue but I'm not so sure.  The computers that lose connection will generally can get back by either rebooting, waiting a random amount of time or releasing and renewing the IP address.  Their connection to the wi-fi network is still active but the Internet is lost.

Currently the Sonicwall is setup to hand out DHCP as well as one of the Windows 2012 servers.  Could this be causing the problem?

Thanks for any suggestions.
Cary BergeronAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Blake LongEngineerCommented:
Having 2 DHCP servers will definitely cause problems on your network. I would turn it off on the Sonicwall.  Also, what do you have handling your WIFI? It could be a bad access point.
Cary BergeronAuthor Commented:
If I'm not mistaken ( just coming up to speed on this network) I believe the SonicWall TZ205W is running the wi-fi connection.  However, there is also a guest wi-fi network setup as well for some reason using a Netgear WAP WN802T v2
Cary BergeronAuthor Commented:
The SonicWall appears to have DHCP enabled for VPN, according to the network documentation I have.

Should the VPN clients get their DHCP from the Windows 2012 server once they are connected?
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Blake LongEngineerCommented:
You should be able to point the Sonicwall wifi at the windows server for DHCP. If the netgear is for guest you may want to leave it as a separate network if that's how it is setup.
Blake LongEngineerCommented:
Yes, the vpn clients can get their DHCP from windows if that's how it is setup. Or you can let the sonicwall hand out DHCP to just the VPN clients and exclude a section from the windows DHCP for them.
David Johnson, CD, MVPOwnerCommented:
Sonicwall is setup to hand out DHCP as well as one of the Windows 2012 servers Bad idea.. they probably work until their client reaches 50% of the lease time and it tries to renew and guess what.. the odds are 50:50 which dhcp server it will get.. Will it get the original? or will it get the other one that says I don't have a reservation for you.. who are you? Unless the ranges don't overlap you will have problems.. this will totally screw up DNS.. are both the sonicwall and the windows DHCP setting the SAME dns settings? probably not..

DHCP is there can be only 1 in a network.. Access points/switches sometimes have dhcp helpers.
Blue Street TechLast KnightCommented:
Hi Cary,

You can run DHCP a few different ways but ultimately not by running both in the same Zone, e.g. Windows Server running DHCP LAN and SonicWALL running DHCP LAN would be an incorrect setup. If you were to do so Windows server's DHCP would automatically shut off. Windows has a strict enforcement on conflicting DHCP servers. An easy tell if this is happening is that the conflicting DHCP server would have to be removed or you'd manually have to re-enable the Windows DHCP server since SonicWALL would take precedence.

To accomplish a proper setup, you need to do one of two things, either: a) Allow Windows Server to manage both LAN & WLAN DHCP traffic or b) have Windows server handle LAN traffic and allow SonicWALL to handle WLAN. You can do either with the correct technical configuration through correcting DNS, using IP Helper DHCP Relay, etc. ..it really becomes a preference.

RE: the VPN side - again, it's your preference you can have either Windows handle VPN & DHCP, have the SonicWALL handle VPN & DHCP or have the SonicWALL handle the VPN and Windows handle the DHCP.

Again, technically all the configs I mentioned can be done correctly and so it comes down to preference. In IT management consolidation is key. As the network size increases the more consolidation matters. So depending on your network size and how complex your environment is will help you determine what makes more sense. There are pros and cons with both DHCP management systems but for me I like the features in SonicWALL more than I do in Windows, however in practice I consolidate everything in Windows since we manage multiple networks, they are all pretty large, and we are so centric to Windows it makes a lot of sense for us.

In a small network (TZ205 supports less than 20-30 users) you could go either way.

Let me know if you have any other questions!
Cary BergeronAuthor Commented:
SonicWALL is now passing DHCP for VPN users to the internal Windows server running DHCP.

However, there are still dropped wireless connections on the wi-fi running on the SonicWALL.  Same as above: Our wi-fi connections lose Internet access randomly.  Our existing IT consultant is suggesting it is a bandwidth issue but I'm not so sure.  The computers that lose connection will generally can get back by either rebooting, waiting a random amount of time or releasing and renewing the IP address.  Their connection to the wi-fi network is still active but the Internet is lost.

Is there something on the SonicWALL which could be causing this?
Blue Street TechLast KnightCommented:
I'd remove the NETGEAR from the equation at least temporarily as a troubleshooting step if not permanantly...you can setup a far better more controllable guest WiFi network on the SonicWALL anyway. Let me know what happens when you do that.

You haven't spoken to how your DHCP settings are in the SonicWALL or if you have any scopes setup for the WLAN on the Windows DHCP side. We need more info in order to help you.
Cary BergeronAuthor Commented:
On the SonicWALL under Network > DHCP Server the "Enable DHCP Server" is unchecked so I am assuming it's not handing out any info.  There is a dynamic scope created but it's not enabled either.

It does look like the VPN connections are picking up an IP address from the Windows DHCP since the IP's assigned are coming from the address pool there.

It's doesn't look like there is a scope setup for WLAN on the Windows server.  If there was, would it be listed under the scope options?
Blue Street TechLast KnightCommented:
OK now we're getting somewhere. So if DHCP for the WLAN isn't in Windows or in SonicWall then either it's being handed out by the NETGEAR or the machines are statically assigned from their NICs.

The VPN DHCP is probably being forwarded to the Windows server explicitly. Check IP Helper or the VPN Server has specified those settings there.

Unless you need the NETGEAR for extended coverage as a WAP I'd remove it and setup the WLAN on the SonicWALL for consolidated management, better features and security.

Once we isolate and setup the correct configuration we can then determine bandwidth issues, etc. But when you're infrastructure is unknown and/or not setup correctly, troubleshooting is sometimes superfluous because setting up best practices remedies many issues (two birds...). If you truly had bandwidth issues on the ISP level you'd see multiple connection issues across multiple Zones ...LAN, WLAN, guest, VPN...not exclusively to WLAN.

Check WLAN NICs...make sure they are not setup statically. Enable WLAN SSID with WLAN scope enabled in DHCP.

Let me know how it goes.
Blue Street TechLast KnightCommented:
How's it going?
Cary BergeronAuthor Commented:
So, still having intermittent issues here.

Currently we are running a simple D-Link dgs-016d switch and are looking to upgrade to a Cisco SG200-50P.  The thought is that the D-Link might be the bottleneck and the SonicWall is doing all the routing.

Couple questions.

1. Would the SonicWall be doing any routing for internal traffic?  Shouldn't the Windows DNS server be handling this?
2. Would we need a full blown layer 3 switch if the D-Link is causing issues or would the SG200 be ok?

We have about 15 workstations along with the hardware above so it's not a major network.
Blue Street TechLast KnightCommented:
In order for us to resolve your issues you have to respond to our posts - its how this forum works and how troubleshooting works. You didn't answer any of my previous questions... :)

Regardless, here is the answers to your questions:
1. Would the SonicWall be doing any routing for internal traffic?  Shouldn't the Windows DNS server be handling this?
DNS does not perform routing...it performs naming lookup queries. You tell it to go to bing.com and it looks up what bing.com translates to as an IP address. Routing can be done by either the SonicWALL or in larger companies +50 users plus and when the backplane is not robust enough done on the L3 Switch layer. However I have seen larger SonicWALL firewalls like NSA 3600's, NSA 4600's handle the entire backplane instead of offloading that function to a separate L3 switch and it was sustainable to do so after running load calcs.

2. Would we need a full blown layer 3 switch if the D-Link is causing issues or would the SG200 be ok?
No, not for your environment. SonicWALL should be able to handle all your backplane needs without bottlenecking. You can use the SonicWALL's L3 built-in switch to route and switch. Again, you really only need to use a dedicated L3 switch to take over these functions once you get to +50 users or the backplane of the SonicWALL is not robust enough. Neither is the scenario in your case.

Did I answer all your questions?

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.