cmp119 asked:

SonicWall TZ400W - Wireless Subnet (W0) to LAN (X0) DNS Name Resolution Not Working

The wireless network (W0) has full access to the LAN (X0), and X0 likewise has full access to W0. Nothing is blocked between these networks. The TZ400W takes care of DHCP services for the W0 network: 172.16.31.0, and includes both internal Windows Server DNS servers (10.1.0.12, 10.1.0.2).

I have a laptop connected to the W0 wireless network, and I can ping hosts on the LAN network X0: 10.1.0.0 via IP address without issue. However, I cannot ping any LAN host via DNS host name. This laptop is a Surface laptop and only has wireless access, so I could not connect it via an Ethernet cable. I did not join the laptop to the local AD domain, and it still resides within a workgroup.

I contacted SonicWall support and they indicate the firewall is allowing all traffic and the name resolution issue appears to be an internal DNS issue.  

On the LAN network I have two AD DNS servers, and one of those servers is also a DHCP server. Everything appears to work fine on all devices connected to the network via an Ethernet connection, and the problem appears to be wireless devices from the W0 network not being able to resolve DNS host names.

The only way I was able to resolve DNS host names on this laptop was modifying the local hosts file to include the DNS servers and a file server that they need to access.  

So I am just wondering how can DNS host resolution be resolved between the wireless LAN and the LAN networks without resorting to modifying hosts files.  This wireless network (W0) is supposed to be used for internal employees only so that they can access all LAN resources.  

footech

First confirm that the laptop is configured to use the correct IPs for DNS.

Since it's not joined to the domain, were you using FQDNs for the hostnames?  I'll typically prefer using nslookup for testing DNS, with the understanding that it uses a separate DNS resolver from the OS.  You can use commands like set all to see the srchlist (appended domain names).  Running set debug and then performing the query, you can see debug information about the actual query that is sent (and the reply).
cmp119

ASKER

Yes, the router assigned the following IP address to the laptop:

IP:  172.16.31.196
GW:  172.16.31.1
DNS:  10.1.0.12, 10.1.0.2

Once I modified the local hosts file with the following, I was able to ping via hostname and also access Windows shares, etc.

10.1.0.12           apg-dc
10.1.0.2             apg1

Thanks for the confirmation.  Did you understand the rest of my post?  I notice that your hosts file isn't using FQDNs.
ASKER CERTIFIED SOLUTION
footech

This solution is only available to members.
cmp119

ASKER

I guess I will need to get a USB-to-Ethernet adapter and join the device to the AD domain.  That way I can get rid of the need to modify local hosts files.  Thanks for your help.

I'm not sure if you did any testing to confirm whether this is indeed the issue.  If you did, joining a machine to the domain isn't the only fix.  For an individual machine, you could configure DNS suffixes to append in the NIC properties.  To avoid configuring individual machines, you should be able to configure the DHCP option (I think it's option 15) to provide a DNS suffix for the connection.
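
The test and the per-machine fix discussed in this thread, as an added PowerShell example that is not part of the original posts. The domain name `corp.example.com` and the interface alias `Wi-Fi` are placeholders (assumptions, since the thread does not give them); the DNS server IP and the host name are taken from the thread.

```powershell
# Added example, not from the thread. $Domain and $Alias are assumed
# placeholders; $DnsServer and $ShortName are the values posted above.
$Domain    = 'corp.example.com'   # placeholder: the real AD DNS domain name
$Alias     = 'Wi-Fi'              # placeholder: check Get-NetAdapter for the real alias
$DnsServer = '10.1.0.12'
$ShortName = 'apg-dc'

# 1. Confirm what the DHCP lease actually gave the client: DNS servers,
#    the connection-specific suffix, and the global suffix search list.
Get-DnsClientServerAddress -InterfaceAlias $Alias -AddressFamily IPv4
Get-DnsClient -InterfaceAlias $Alias |
    Select-Object InterfaceAlias, ConnectionSpecificSuffix
(Get-DnsClientGlobalSetting).SuffixSearchList

# 2. Query the internal DNS server directly, DNS protocol only
#    (-DnsOnly keeps LLMNR/NetBIOS from masking the result).
function Test-Name([string]$Name) {
    try {
        $r = Resolve-DnsName -Name $Name -Server $DnsServer -Type A `
                             -DnsOnly -ErrorAction Stop
        $ips = ($r | Where-Object Type -eq 'A').IPAddress -join ', '
        '{0,-32} -> {1}' -f $Name, $ips
    } catch {
        '{0,-32} -> FAILED: {1}' -f $Name, $_.Exception.Message
    }
}
Test-Name "$ShortName.$Domain"   # FQDN: succeeds if DNS itself is reachable
Test-Name $ShortName             # bare name: needs a suffix to be appended

# 3. Per-machine fix (elevated prompt): give the wireless connection a
#    DNS suffix, flush the cache, and retest the bare name.
Set-DnsClient -InterfaceAlias $Alias -ConnectionSpecificSuffix $Domain
Clear-DnsClientCache
Test-Name $ShortName
```

If the FQDN resolves in step 2 and the bare name does not, the firewall and DNS servers are working and the client is only missing a suffix, which is what the DHCP domain-name option would supply to every W0 client at once.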