Perrin25
asked on
SonicWall TZ 600
At my office all of the computers plug into a central Dell switch that connects to the X0 LAN port and should be getting DHCP address from the 100 subnet. On Monday we had a computer that got an DHCP address from the 180 subnet so we put that computer on a static IP and thought the issue was resolved. Tuesday we got 2 more computers that recieved IP addresses from the 180 subnet so we just removed the DHCP hoping that would resolve the issue. Wednesday we had two more computers get incorrect DHCP addresses. On my computer I got an 160 subnet address, then I reset it and I got a 99 subnet address. Finally, I put in a static IP so I could work. Once I was able to, I set my computer back to DHCP and yesterday afternoon and again today I got the correct 100 subnet address but today another computer got the 99 subnet IP address.
I am using a TZ600 with Firmware Version SonicOS Enhanced 6.2.7.0-19n. I do not have any portsharing set up (I did contact sonicwall support to confirm this). On Sunday we copied the settings from an NSA 250 which had 5 ports and an expansion card with 5 additional ports. We did need to change the port number for the last five from M0X1 to X5, MOX2 to X6, etc, and then change the zone names in the FireWall Access Rules. Here are the listing of what is on what port:
X0 - primary LAN 192.168.100.1 (has own DHCP)
X1 - WAN
X2 - Separate LAN (used connect a separate sonicwall in a location without internet)
X3 - WLAN (sonicpoint) 192.168.99.1 (has own DHCP)
X4 - Unassigned
X5 - Sandbox 192.168.180.1 (we deleted the DHCP on this one)
X6 - Alarm 192.168.150.1 (has own DHCP)
X7 - Credit 192.168.160.1 (has own DHCP)
X8 - Guest Access 192.168.20.2 (wireless guest access through a sonicwall TZ 200)
X9 - HA-Link
for the zones Alarm, credit, DMZ, Guest Access, Sandbox, the source is set to any, the destination is set to any, the service is set to any, the action is set to Deny, users included is set to All, users excluded is set to None.
So my question is, has anyone experienced this before and/or have a suggestion for something that I might have set up incorrectly?
I am using a TZ600 with Firmware Version SonicOS Enhanced 6.2.7.0-19n. I do not have any portsharing set up (I did contact sonicwall support to confirm this). On Sunday we copied the settings from an NSA 250 which had 5 ports and an expansion card with 5 additional ports. We did need to change the port number for the last five from M0X1 to X5, MOX2 to X6, etc, and then change the zone names in the FireWall Access Rules. Here are the listing of what is on what port:
X0 - primary LAN 192.168.100.1 (has own DHCP)
X1 - WAN
X2 - Separate LAN (used connect a separate sonicwall in a location without internet)
X3 - WLAN (sonicpoint) 192.168.99.1 (has own DHCP)
X4 - Unassigned
X5 - Sandbox 192.168.180.1 (we deleted the DHCP on this one)
X6 - Alarm 192.168.150.1 (has own DHCP)
X7 - Credit 192.168.160.1 (has own DHCP)
X8 - Guest Access 192.168.20.2 (wireless guest access through a sonicwall TZ 200)
X9 - HA-Link
for the zones Alarm, credit, DMZ, Guest Access, Sandbox, the source is set to any, the destination is set to any, the service is set to any, the action is set to Deny, users included is set to All, users excluded is set to None.
So my question is, has anyone experienced this before and/or have a suggestion for something that I might have set up incorrectly?
J Spoor
sounds like you have a VLAN misconfiguration on the switches and X0 and X5 are somewhere connected to each other
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Okay it looks like the issue might be with the High Availability. I used the 160 subnet and plugged the one computer on that subnet directily into the Primary TZ600 and there was no issues. I plugged the computer back into the switch and connected the switch to both tz600 and has the same problem, the computer was switching between 100 subnet and 160 subnet each time I released and renewed the ip. then I unplugged the connection to the HA and the issue stopped. I was only getting the 160 subnet after each release and renew.
is the HA cable directly attached between the two TZ600s ?
ASKER
The HA is directly attached and I even swapped cables to be sure that was not the issue. I am doing a factory reset on the HA box now. I will update.