Link to home
Start Free TrialLog in
Avatar of Y Y
Y Y

asked on

SonicWALL TZ215 - how to allow broadcast between VLANs?

The main network is short of IPs, so we created a VLAN and moved all VoIP phones to this new VLAN. The PBX has to remain in the main network. We setup firewall rules to allow all traffic between the main network and the VLAN on both directions. All the VoIP phones on this VLAN work fine EXCEPT that
1. Paging voice do not come out from the speakers on all phones any more
2. Background music do not come out from the speakers on all phones any more.

For troubleshooting purpose, we moved a VoIP phone back to the main network, the above 2 problems disappeared right away, the phone worked as normal again.

I could be wrong, but I think we need to enable broadcast between the main network and the VLAN on the firewall. But i have no idea how to do it.
The firewall is SonicWALL TZ215

Any thoughts?

Thanks!
Avatar of hypercube
hypercube
Flag of United States of America image

The PBX has to remain in the main network.
I hate to be annoying but this would be the first thing I'd want to tackle.  There must a a good reason for this and I don't need to know what it is.  So, I won't ask "why?".  Just food for thought.

I don't know how the PBX can communicate with the phones without broadcast capability.  I tried to argue a few days ago that one might try an arrangement like this (where there wasn't necessarily a broadcast address that would work) and one of the other Experts explained why it wouldn't work.  So I've abandoned the idea.

Generally one wants to prevent broadcast traffic between networks.

Have you considered simply increasing the number of addresses by going from /24 to /23 or... whatever?  The idea that traffic will be too great is a good caution but not always a practical concern.  How many computers, etc?

Back to my original comment, good system design would have things partitioned as well as makes sense to do.  If the PBX is on a separate subnet from the  phones then that violates good system design because they both comprise "the phone system".  

The PBX is going to have its own subnet broadcast address on which to listen and on which to broadcast.  So how would it know to broadcast on another address??  The arrangement needs a bit of explanation in such details.
Avatar of Y Y
Y Y

ASKER

Thanks Fred for the input.
Leaving the PBX in the main network would be much easier for us as we have other VoIP phones from other locations connecting back to this PBX via VPNs. Moreover, a few VoIP phones are still staying in the main network.
 
Yes, we already considered /23 network, but it seems to be more work. This is a SBS 2011 network, SBS 2011 does not like anything other than /24. Also, we have hard coded 30+ static IPs on various devices, it can be difficult to go thru all of them to make changes.

I am waiting for the reply from the phone company and also researching on how paging and background music work on this phone system. It is quite frustrated to have this problem even though we have already configured SonicWALL to allow "ALL" traffic between the main network and the new VLAN.

I will keep you posted if any updates.

Thanks again!
Yes, it appears that SBS 2011 *wizards* assume /24.  But it also appears that it can be configured after using the wizards using /24 as an interim step.  I'm sure others know better than I on this point.
e.g. https://social.technet.microsoft.com/Forums/en-US/2268e7f0-1fc9-409d-bdbc-d091919a1303/sbs2011-does-network-wizard-assume-that-network-mask-is-24bit?forum=smallbusinessserver ... and I didn't look further.
Avatar of Y Y

ASKER

The phone company said we have to put the PBX in the same network with all the phones.
Now we started preparing for this move. It's a hassle.
Avatar of Y Y

ASKER

The phone company came again and made some setting change on their system, this fixed the paging problem.
So the problem has nothing to do with SonicWALL.
FYI.
ASKER CERTIFIED SOLUTION
Avatar of Y Y
Y Y

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial