How to reconfigure Corporate WLAN on Sonicwall with Windows DHCP

Pawel Gawronski
Pawel Gawronski used Ask the Experts™
on
Good Evening All,

This is my first post to Exchange Experts. I always tried to find my way by trying different solutions to the issues I had however I ma now facing DHCP issue on our new site with sonicwall product I have never used. Never used sonicwalls at all.

So I have below interfaces set:
Sonicwall Interfaces Config
At this site corporate WLAN on X2:V20 is our corporate WIFI with DHCP served from SonicWall with range 10.0.3.xxx to 10.0.3.200
X0 with subnet 10.0.0.1 is a Corporate LAN with DHCP served from Widnows Server 2016 deployed by me with subnet range 10.0.0.xxx to 10.0.0.200

Now I have to merge those so the WLAN network take DHCP from the Windows server instead of sonicwall.
Sonicwall Model: NSA 2600


Any suggestions please?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
J SpoorTME / Network Security Evangelist

Commented:
you do not have to merge them, actually there is no easy way to merge them.
You can however move the 10.0.3.0/4 DHCP scope to your DHCP server, remove the Scope and create an IP Helper policy on the SonicWall.

An alternative is moving that specific VLAN to a Layer2 Bridge with X0. This depends on if your firmware supports it.

Author

Commented:
Hi J Spoor,

Thank you for your reply.

I dont want to move the DHCP, I dont want o use this Scope at all as we have domain scope within 10.0.0.xxx range.

"An alternative is moving that specific VLAN to a Layer2 Bridge with X0. This depends on if your firmware supports it."
This is the way I have worked out last night but is this a good practice?
J SpoorTME / Network Security Evangelist

Commented:
As long as the WLAN is on a layer 3 interface, it needs it's own subnet and it's own DHCP scope.

Although L2B makes it simple in a number of cases, routing wise, especially with VPN routing, can be problematic.
If you are not seeing any issues with routing (especially between WLANs), L2B probably will work for your needs.
Expert Spotlight: Joe Anderson (DatabaseMX)

We’ve posted a new Expert Spotlight!  Joe Anderson (DatabaseMX) has been on Experts Exchange since 2006. Learn more about this database architect, guitar aficionado, and Microsoft MVP.

Author

Commented:
J Spoor,

Issue I am facing having it done that way is that wifi network is recognised as Public Unauthenticated as per below screenshot:

Both however are within the same subnet 10.0.0.xxx

This is on multiple pcs on Windows 10 Pro

I have tried rebooting DC/DHCP no luck.
unauthenticated_network.png
J SpoorTME / Network Security Evangelist

Commented:
missing the screenshot?

Author

Commented:
yes sorry:) just loaded to the previous comment.
J SpoorTME / Network Security Evangelist

Commented:
that's windows indeed for ya... not sure how to work around that...
try adding a WLAN to LAN NetBIOS IP helper policy.

Author

Commented:
any suggestion how would I do that please?
J SpoorTME / Network Security Evangelist

Commented:
Manage>Network>IP Helper
enable IP helper
enable NetBIOS protocol
click accept

add a new policy
protocol NetBIOS
Source X2:V20
Destination X0 subnet

Author

Commented:
Tried that and I have an error coming up:

 Address range overlaps with another range
J SpoorTME / Network Security Evangelist

Commented:
guess that's one of the features not compatible with L2B...

suggest you use WINS server instead

Author

Commented:
there must be a way doing it other way round so it can take DHCP with all settings from the physical Windows Server host?
J SpoorTME / Network Security Evangelist

Commented:
well both in L2B mode as well as in routed mode with IP Helper policies you can use the Windows server.

Author

Commented:
which I am doing so why it does this unauthenticated message?
Actually, L2B plus adding DHCP policies in IP Helper from Interface X2:20 to the DHCP server IP as a destination resolve the issue with IP address to be assigned only from 10.0.0.xxx subnet.

Following by a reboot of the server I have notice time is incorrect on the server and sonicwall so changed them both to much current timezone and now this is all working fine. Unauthenticated network message gone.

Thanks for all your help,
Pawel

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial