Same subnet on WAN and LAN
QWERTZ
Newbie ✭
Hello all,
for internal tests we want to establish internet access for single clients via our Sonicwall. Since the clients should still have access to the internal resources, the client must be in the same subnet as the resource (access to certain resources is not possible from other subnets by the manufacturer).
We therefore imagined the following scenario:
Network: 192.168.1.0/24
Router: 192.168.1.1
Sonicwall - WAN interface: 192.168.1.2
Sonicwall - LAN interface: 192.168.1.254
On the test clients, we would set the IP of the Sonicwall LAN interface as the gateway. This way the internal communication between the clients would be possible directly, but the internet traffic of the test clients would go through the Sonicwall.
Is this possible with the Sonicwall?
Best Answer
-
CORRECT ANSWERArkwright
All-Knowing Sage ✭✭✭✭
You can put interfaces in different zones in L2 bridge mode but have them as the same network [ie, L2] with zone>zone access rules.
Not sure how that fits in with "internet traffic of the test clients would go through the Sonicwall." though.
It's possible that simply NATing the [untrusted?] clients would work around the "client must be in the same subnet as the resource" requirement? Not every application or protocol will work with NAT but it's by far the simplest approach to try first, not least because that's the default OOTB config on 99% of routers and firewalls.
0
Answers
This makes no sense.
@QWERTZ ,
it's not possible to route between identical subnets in the same network.
For example, If the same town has 2 identical street names, then it would be very hard for postal services to get the letter to the right person correct?
Thanks to the first two very helpful comments, I did the setup with a third-party firewall and ran it successfully.
I was looking for the bridge function described by @Arkwright ght here.
Sorry our comments were unhelpful. Maybe I should've asked you to rephrase your question.