Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

TZ670 Virtual Interface Natively Bridged crashes sonicwall via wifi connection

Need some help with a weird crashing issue on a Sonicwall TZ670. Interface breakdown is as follows:

  • X0: Office Lan - 192.168.25.0
  • X1: WAN
  • X2: HA WAN
  • X3: PoS Lan and PoS Wifi - 192.168.1.0
  • X3V6: Unassigned Native Bridge to X0 for Office Wifi -192.168.25.0

X0 and X3 are in different Zones. X0 is in default LAN and X3 is in Custom Zone for PoS system - Separated for PCI compliance. 

Office Lan (X0) devices are on an unmaged Trendnet switch. PoS (X3) devices are on two connected unmanaged powerconnect switches. Also on the X3 zone are 2 Datto Access points that provides wifi for PoS devices and Office Lan Wifi tagging traffic as VLAN 6. LAN Wifi needs to be on the same subnet as wired LAN to control audio system.

Everything works great except when joining to the office LAN wifi. Shortly after a device connects, the sonicwall becomes mostly unresponsive and internet goes out until the Sonicwall is rebooted. Ping tests to google DNS and to the Sonicwall would have about 90% fail rates.

I was able to mitigate this somewhat by enabling asymmetric route support on the X3V6 virtual interface. I could connect to the wifi then, but if i jumped between SSIDs and then back to office wifi, it would crash until I disconnected and then the network was about 90% able to recover itself. 

I just upgraded to the TZ670 from a TZ300. When i had this setup on the TZ300 and first enabled it, it crashed the network for about 40 minutes and then was fine ever since, even after reboots. May have just got lucky with some firmware differences between the 2 models. 

I'm thinking this may be more of an unmanaged switch issue causing a flood of some sort and need to put them in managed mode and set the uplink port with PVID:1 with Tagged:6

Diagram attached of network as it is now but insight here would be awesome!

Category: Mid Range Firewalls
Reply

Answers

  • prestonpreston All-Knowing Sage ✭✭✭✭

    @Reaign, I'm presuming you haven't created the VLAN6 on the Powerconnect Switches as you mention they are unmanaged ?

    So at the moment you have set the AP with two SSID's one one on the Default VLAN and the other on VLAN6, and then also on the SonicWall X3 Sub Interface as X3:V6 ? if this is the case VLAN6 doesn't actually exist as this is created on the switch.

    you will need to add the VLAN6 on the powerconnect switches the Tag on the ports where the APs are connnected and the uplink to X3 the Switch on X0 doesn't need to know about the VLAN.

Sign In or Register to comment.