Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

VLAN from one zone connected to an interface from another zone

DantDant Newbie ✭
in Entry Level Firewalls

Hello.


Is it possible to implement such a configuration?

When creating a VLAN, it is possible from the sonicwall interface ... but will it work at all?

TZ400

Thanks.

Category: Entry Level Firewalls
Reply

Best Answer

  • CORRECT ANSWER
    shiprasahu93shiprasahu93 Moderator
    Answer ✓

    @Dant,

    Welcome to the SonicWall community.

    Yes, the physical interface can belong to a particular zone can have a sub-interface belonging to a different interface. The concept of zones is to make it easier to apply access rules and security policies.

    Please make sure that the access rules are added correctly for that zone that you set up on the VLAN sub-interface. Like Zone_example to WAN allowed etc.,

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

Answers

  • DantDant Newbie ✭

    Thanks.


    I hope you fully understood me ... the different interface is to another ZONE.


    All communication is prohibited between the zones.

    Can the communication be set to be based only on a selected VLAN?

  • DantDant Newbie ✭

    Thanks.


    In fact, I have two zones built quite independently (at the cable level) with each other.

    I want to use the transmission medium, to include a computer that logically belongs to the other zone.

    It is not possible to run a new cable.

  • shiprasahu93shiprasahu93 Moderator

    @Dant,

    Even if traffic is completely prohibited between two zones, specific access rules based on the source/destination IP fields can be added to allow only the necessary traffic.

    I did not follow the cable part, do you have a network diagram or elaborate on the situation at hand?

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • DantDant Newbie ✭

    Thanks.

    Something like that ...




    Zona.png


  • shiprasahu93shiprasahu93 Moderator

    @Dant,

    Thanks for sharing that. I understand now.

    I hope you know that the VLAN interface under Zone B, can belong to Zone A but needs to have a separate IP scheme. But the access rules can be added such that New PC can communicate to the Zone A PC.

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • DantDant Newbie ✭

    Thanks.

    I wanted to make sure it was doable before I started.

    Do only Access Rules need to be changed or NAT?

  • shiprasahu93shiprasahu93 Moderator

    @Dant ,

    In your case, just the access rule should be enough. The SonicWall adds routing policies etc once you configure VLAN sub-interfaces. So, it knows how to forward traffic between those networks.

    If you have any additional queries, please let us know.

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

Sign In or Register to comment.