Menu

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register
Options

Need a separate internal network on TZ-500

DonDwildDonDwild Newbie ✭
in Entry Level Firewalls

Hi

I need to create a separate internal lan segment that has Internet access and DHCP. So I want it to not have access to anyone zones other than the WAN zone (so it can get internet access). Should I use a LAN zone as my zone type? I think I can create seperate DHCP address assignment for this zone (that is a non-used subnet). Once this is done, do I just assign this Zone to an unused interface (like X4 or X5) and write one access rule to give this Zone access to the WAN zone. Some quick steps would be helpful. Thanks

Category: Entry Level Firewalls
Reply

Answers

  • Options
    MarkDMarkD Cybersecurity Overlord ✭✭✭

    Depending on its use if you assign it the same LAN zone the default zone rules apply.

    If you assign this as a DMZ you have DMZ-WAN and LAN-DMZ but no DMZ to LAN without specific rules.

    you can create zones based on Trusted or Public and name them as you require.

    here's the KB article

    https://www.sonicwall.com/support/knowledge-base/how-do-zones-work-in-sonicos/170503731702241/

  • Options
    DonDwildDonDwild Newbie ✭

    I just want this to be a separate internal lan segment with DHCP and Internet access.

  • Options
    LarryLarry All-Knowing Sage ✭✭✭✭

    The short answer to your original question is: Yes.

    Here's how I have my LAN and one of my LAB environments:

    image.png

    You can then go to Access Rules to ensure isolation between your LAN and secondary environment.

Sign In or Register to comment.