Change IP of X0 and gateway
We are about to implement Switches in the company. We need to configure it with the IP 172.16.1.254, this IP mentioned is configured in sonicwall as the IP of X0 and of the gateway.
I would like to know what is the best practice to change the IP of X0 lan and the gateway.
Do I have to configure the rules again?
Do I have to configure NAT?
Our Firewall is an NSA3600
thanks for your help
Thank you for visiting SonicWall Community.
It looks like you are trying to introduce Switch(es) between end computers and SonicWall which is fine. If we are looking for information on best practice to change the IP address on the SonicWall interface,
- We should first take the settings backup from the firewall. This would be really useful if the IP address change is messed up and once the firewall access is restored, this backup settings can be imported onto it to avoid any manual configuration.
- We should change the interface (X0) IP address on the SonicWall.
- After changing the IP address, we'll lose access to the SonicWall if the access attempt was done via X0 and we need to change the default gateway on the local PC thats been used to access the SonicWall to the changed IP address.
- In addition to the above point, the default gateway on all the end machines behind X0 should also be changed to the new IP address thats there on X0 interface of firewall if SonicWall acts as the default gateway, otherwise we should point the default gateway on the end machines to the Switch IP address if needed as per our requirement.
- Changing the IP address on X0 interface doesn't affect any default configuration such as Zones, Address Objects, Address Groups, Access Rules, NAT Policies and Route policies. In-fact these configs will get auto-updated with the new IP info.
- Like @TKWITS mentioned, only the custom Address Objects, Address Groups, Access Rules, NAT Policies and Route policies should be changed accordingly with the new IP.
Hope this answers your question. Please let me know for any clarification.0
To answer your question: Unless you have custom access and NAT rules that specifically use the X0 IP address you shouldn't have to change anything after changing the X0 IP address. Auto-created access and NAT rules will be automatically updated with the new information.
I don't really want to delve into WHY you are doing what you are doing. Implementing switching fabric should not involve using the current default gateway IP address on the switch. You are setting yourself up for failure. Adding a switch as a routing device would involve a plan on HOW to handle routing going forward, including any IP changes that NEED to happen.
Put some thought and planning toward what you are doing and if the plan will accomplish your goals.
Thanks for your reply,
Of course it would be something like this: the switches will have the 172.16.254, and that traffic will redirect it to the new ip that the sonicwall will have, example: 172.16.1.253 so that it goes to the internet.
What is the best practice to change the IP of the firewall?