Multiple subnets behind LAN Zone

Hello,

TZ370 initial config problem. Gone through the basic setup and watched the videos. Factory defaults and just basic interface configuration--have only two interfaces in play, X0 (LAN) and X1 (WAN). I have several subnets functioning on our switched network behind the LAN, routing and IP all working great, until the X0 interface. I have verified by patching a simple switch in place of the X0 interface and all traffic I expect to be routed to the X0 interface gets there.

Problem is, the only subnet that seems to work through the firewall is the X0 subnet itself. None of the subnets routed through to the X0 interface from a different VLAN gets blocked. Again, this is a factory default LAN to WAN access rule (any any allow); I haven't even begun to make access rules.

I thought perhaps I needed to define the additional subnets and assign them to the LAN zone, so I tried that, but no luck. Also, they don't appear as an address group for LAN Subnets--which I expected.

What am I missing?

-sc

Category: Mid Range Firewalls

Best Answer

  • prestonpreston Enthusiast ✭✭

    Hi @scottrell, I presume you are using an L3 switch on the X0 subnet?

    If so, you need to put all the networks in a group (make sure they are in the LAN Zone) and create a route policy (Policy/Routing Rules):

    Source = Any, with the destination = Address Object Group with all the routed subnets, via the gateway IP (for this you will need to create another Address Object for the switch IP on the LAN side), Interface X0 & metric 1.

    The reason the networks don't show in the LAN Subnets Address Object is because that only applies to interfaces set up in the LAN Zone, not to routed networks.
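
An added example (not part of the thread and not SonicWall code): a simplified longest-prefix route lookup showing where replies to a routed subnet are sent before and after a route policy shaped like the one in the answer above (destination group, gateway = switch IP, interface X0, metric 1). All addresses are constructed, and the route table is a generic model rather than SonicOS behaviour.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Route:
    destination: ipaddress.IPv4Network
    interface: str
    gateway: Optional[str]  # None means directly connected
    metric: int

# Constructed sample topology (assumed addresses, not taken from the thread).
X0_NET = ipaddress.ip_network("192.168.10.0/24")         # subnet on the X0 interface
SWITCH_IP = "192.168.10.2"                               # L3 switch address on the X0 side
ROUTED_SUBNETS = ["192.168.20.0/24", "192.168.30.0/24"]  # VLANs routed by the switch

def factory_routes():
    """Routes a two-interface firewall holds before any route policy exists."""
    return [
        Route(X0_NET, "X0", None, 0),
        Route(ipaddress.ip_network("203.0.113.0/24"), "X1", None, 0),
        Route(ipaddress.ip_network("0.0.0.0/0"), "X1", "203.0.113.1", 20),
    ]

def route_policy(dest_group, gateway, interface, metric):
    """Expand a destination address group into one route per member subnet."""
    if ipaddress.ip_address(gateway) not in X0_NET:
        raise ValueError("gateway must sit on the egress interface's subnet")
    return [Route(ipaddress.ip_network(n), interface, gateway, metric)
            for n in dest_group]

def lookup(routes, dst_ip):
    """Longest-prefix match; ties go to the lowest metric."""
    dst = ipaddress.ip_address(dst_ip)
    matches = [r for r in routes if dst in r.destination]
    best = min(matches, key=lambda r: (-r.destination.prefixlen, r.metric))
    return best.interface, best.gateway

if __name__ == "__main__":
    before = factory_routes()
    after = before + route_policy(ROUTED_SUBNETS, SWITCH_IP, "X0", 1)
    for host in ("192.168.10.50", "192.168.20.50", "192.168.30.50"):
        print(host, "before:", lookup(before, host), "after:", lookup(after, host))
```

Without the policy, only the X0 subnet resolves to X0; replies to the routed subnets fall through to the default route on X1, which matches the symptom described in the question.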
