Adding A Second DHCP Scope
Mr_Brightside Newbie ✭
We're running out of internal IP addresses due to the amount of non company items being put onto the Wifi (phones, tablets etc) and so need to add a second DHCP scope to create some more but while still allowing traffic between the two sets of IP addresses so people can access printers and file shares.
The Sonicwall is running SonicOS Enhanced 188.8.131.52-97n
Could somebody give me a step by step guide on how to add this second scope and allow it to talk to our current address scope ?
Category: Mid Range Firewalls
Hey! You will be signed out in 60 seconds due to inactivity. Click here to continue using the site.
We do also have some CCTV cameras which are on static addresses outside of the scope which is being assigned by DHCP at the moment so obviously a solution that doesn't break them would be preferable :-)
You can create additional Trusted zone (LAN2) and assign on of the free interface, Follow the below KB.
NB: To allow communication within Zones by creating automatically Access Rules that allow traffic to flow between the interfaces of a Zone instance, select Allow Interface Trust. Otherwise, deselect the Allow Interface Trust check box. This option is enabled by default, but is often disabled when setting up Guest Services.
For more about Zone: https://www.sonicwall.com/support/knowledge-base/how-do-zones-work-in-sonicos/170503731702241/
NB: Once you done above steps; configure the new DHCP pool for the new zone. Follow the below KB:
Hi, good idea is to separate devices into different zones and/or VLANs as it was mentioned by @Ajishlal
just to clarify possible Setup:
X0 LAN (zone LAN) for trusted ethernet connected DEVICE
X0:VLAN17 (zone LAN) for trusted Wifi Device (just add tagged vlan 17 port on switch where your AP is connected - and assign configuration to AP (policy?))
X0:VLAN1900 (zone UNTRUSTED - zone type public) for private mobile devices - WIFI. So you can create dedicated SSID on your AP (need to add vlan tagged port to AP on switch)
X0:VLAN 2400 (zone LAN2 zone type Trusted) for CCTV just add ports to another VLAN on your switch.
Then on all mentioned interfaces you will be able to create DHCP scope.
And now 4 important comments: