SonicWall / Cisco switch configuration (2 separate LAN networks using 2 different ports)
I have a SonicWall 5600 connected to an L3 switch using 2 ports: X0 (LAN) and X2 (HR zone).
SonicWall X1 has a public IP connected to the ISP.
I configured X0 as LAN for one network and X2 as an HR zone for a different network. Both ports are connected to the Cisco 3750.
int vlan 2 192.168.1.1/24
int vlan 5 192.168.5.1/24
int vlan 10 192.168.10.1
2 ports going up to the SonicWall as access ports: 1 for VLAN 2 and 1 for VLAN 5.
Client 1: VLAN 5, IP 192.168.5.5/24, gateway: switch 192.168.5.1
Client 2: VLAN 2, IP 192.168.1.5/24, gateway: switch 192.168.1.1
Both client 1 and client 2 can reach the server in VLAN 10.
Both clients can ping the switch.
switch can ping 188.8.131.52
What's NOT working:
Clients can ping their respective network on the SonicWall firewall.
Clients cannot ping 184.108.40.206.
Cannot access the internet from the computers.
A traceroute to 220.127.116.11 from a client shows it gets to the core and stops there.
I ran a packet monitor and noticed that the packets were dropped because they were coming in from X0 instead of X2. What do I need to do on my Cisco switch or the SonicWall to send the packets through the right port? Thank you.
So on your switch, you have your 2 access ports, one on VLAN 2 connected to X0 and the other on VLAN 5 connected to X1, and their native VLANs are configured?
Can the switch reach the internet with a source IP of each of its LANs?
You might simplify things a bit by not having IPs in all LANs on the SonicWall, and just have a stub network for routing between the SonicWall and the switch. Otherwise you've added complexity where there are two ways a packet can reach the firewall from the various LANs.
Don't use the switch as a router and let the SonicWall do the work. AKA have all your VLANs as subinterfaces of X0 and use a single port on the switch as a trunk to uplink to X0.
Basically, do either what I or @TKWITS has suggested, but don't try to do both - you will end up with triangular routes, for no discernible benefit.
As per your network drawing, all internal LAN switching is handled by the firewall, and it will put more load on your firewall as you add more clients/subnets/VLANs. So I recommend the solution below for your scenario.
Since you have a Cisco L3 switch, you can use it to handle all internal VLAN switching and routing traffic.
For internal VLAN restrictions you can create an ACL on the Cisco switch, and create a default route to the SonicWall for the internet traffic (same as the screenshot below).
In the SonicWall, create routing policies for all VLANs as in the screenshot below.
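The switch side of the design in the reply above, as an added example that is not from anyone in this thread: the 3750 routes between VLANs, a single transit link replaces the two access ports to X0/X2, a default route sends internet traffic to the SonicWall, and an ACL keeps HR separate. VLAN 100 / 192.168.100.0/30, the uplink port Gi1/0/1, X0 = 192.168.100.2 and the /24 mask on VLAN 10 are all assumptions, not values from the thread.

```cisco
! Added example (not from the thread): Cisco 3750 side of the last reply's design.
! Assumed: VLAN 100 / 192.168.100.0/30 is a new transit network, Gi1/0/1 is the
! uplink to SonicWall X0 (192.168.100.2), VLAN 10 is a /24. X2 is then unused.
ip routing
!
vlan 2
 name LAN
vlan 5
 name HR
vlan 10
 name SERVERS
vlan 100
 name TRANSIT-TO-SONICWALL
!
interface Vlan2
 ip address 192.168.1.1 255.255.255.0
interface Vlan5
 ip address 192.168.5.1 255.255.255.0
 ip access-group HR-ISOLATE in
interface Vlan10
 ip address 192.168.10.1 255.255.255.0
interface Vlan100
 ip address 192.168.100.1 255.255.255.252
!
! Only this port goes to the firewall. With the two old access ports removed,
! a LAN packet can no longer arrive on X0 when the firewall expects it on X2.
interface GigabitEthernet1/0/1
 description Uplink to SonicWall X0 (transit VLAN only)
 switchport mode access
 switchport access vlan 100
 spanning-tree portfast
!
! Default route: anything not local is handed to the SonicWall.
ip route 0.0.0.0 0.0.0.0 192.168.100.2
!
! HR may reach the servers and the internet but not the general LAN.
! This ACL is stateless and one-directional; mirror it on Vlan2 if needed.
ip access-list extended HR-ISOLATE
 permit ip 192.168.5.0 0.0.0.255 192.168.10.0 0.0.0.255
 deny   ip 192.168.5.0 0.0.0.255 192.168.1.0 0.0.0.255
 permit ip 192.168.5.0 0.0.0.255 any
!
! SonicWall side (configured in its GUI, not shown here): static routes for
! 192.168.1.0/24, 192.168.5.0/24 and 192.168.10.0/24 with next hop
! 192.168.100.1 via X0, plus NAT and access rules for those subnets.
```

With this layout the SonicWall sees every internal subnet behind one next hop on X0, so the asymmetric-path drop seen in the packet monitor cannot recur.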